shmoneypot.com Open in urlscan Pro
185.137.235.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shmoneypot.com/
Effective URL:
https://shmoneypot.com/
Submission: On December 19 via api (December 19th 2021, 4:06:52 pm UTC) from US — Scanned from DE

Summary HTTP 113 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 16 domains to perform 113 HTTP transactions. The main IP is 185.137.235.119, located in Russian Federation and belongs to SELECTEL, RU. The main domain is shmoneypot.com.
TLS certificate: Issued by R3 on December 19th 2021. Valid for: 3 months.

This is the only time shmoneypot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	185.137.235.119 185.137.235.119	49505 (SELECTEL) (SELECTEL)
2	2606:4700:20:... 2606:4700:20::681a:f1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1 4	185.11.128.207 185.11.128.207	50599 (Autonomou...) (Autonomous System for Data Space Sp. z o.o.)
13	2606:4700:10:... 2606:4700:10::6816:28b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
15	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:a400:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
113	23

41 185.137.235.119 (Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)
PTR: isp2.ru.fastfox.pro

shmoneypot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:f1b (United States)

ASN13335 (CLOUDFLARENET, US)

img.wprost.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.11.128.207 (Poland) 1 redirects

ASN50599 (Autonomous System for Data Space Sp. z o.o., PL)
PTR: host-185-11-128-207.dataspace.pl

advice.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::6816:28b9 (United States)

ASN13335 (CLOUDFLARENET, US)

api.deep.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scoring.deep.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:a400:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d81ca1f88b1f97826891535a379bbe2c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	shmoneypot.com 1 redirects shmoneypot.com	566 KB
15	google-analytics.com www.google-analytics.com	21 KB
13	deep.bi api.deep.bi scoring.deep.bi	21 KB
11	googlesyndication.com d81ca1f88b1f97826891535a379bbe2c.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	89 KB
7	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	138 KB
5	google.com www.google.com adservice.google.com	2 KB
5	gemius.pl 1 redirects advice.hit.gemius.pl ls.hit.gemius.pl	15 KB
4	facebook.net connect.facebook.net	195 KB
3	googletagmanager.com www.googletagmanager.com	145 KB
2	google.de www.google.de	611 B
2	googletagservices.com www.googletagservices.com	63 KB
2	facebook.com www.facebook.com	313 B
2	wprost.pl img.wprost.pl	187 KB
1	google.ru adservice.google.ru	792 B
1	optad360.io get.optad360.io	247 KB
1	googleadservices.com www.googleadservices.com	14 KB
113	16

	Domain	Requested by
41	shmoneypot.com	1 redirects shmoneypot.com
15	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com shmoneypot.com
9	api.deep.bi	shmoneypot.com api.deep.bi
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	securepubads.g.doubleclick.net	shmoneypot.com securepubads.g.doubleclick.net www.googletagservices.com
4	scoring.deep.bi	api.deep.bi
4	www.google.com	shmoneypot.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	connect.facebook.net	shmoneypot.com connect.facebook.net
4	advice.hit.gemius.pl	1 redirects shmoneypot.com advice.hit.gemius.pl
3	www.googletagmanager.com	shmoneypot.com www.googletagmanager.com
2	www.google.de	shmoneypot.com
2	www.googletagservices.com	shmoneypot.com securepubads.g.doubleclick.net
2	www.facebook.com	shmoneypot.com
2	img.wprost.pl	shmoneypot.com
1	d81ca1f88b1f97826891535a379bbe2c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ru	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	get.optad360.io	shmoneypot.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	ls.hit.gemius.pl	advice.hit.gemius.pl
113	23

This site contains links to these domains. Also see Links.

Domain
nieruchomosci.wprost.pl
www.allcon.pl
www.facebook.com
twitter.com
www.wykop.pl
www.linkedin.com
wwws.tumblr.com
pinterest.com
www.youtube.com
www.wprost.pl

Subject Issuer	Validity	Valid
shmoneypot.com R3	`2021-12-19` - `2022-03-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-18` - `2022-06-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-27` - `2021-12-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com.ru GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://shmoneypot.com/
Frame ID: C92BC6970E190DAE63A00B96EE1ED881
Requests: 94 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 83E0BBBE14347879A5794C1ABBEA77F1
Requests: 1 HTTP requests in this frame

Frame: https://d81ca1f88b1f97826891535a379bbe2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9D2C1F4249BF9DB61D6BA8E67C16D601
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2DA31393A28B5E4998078BC8B5400176
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHgCVZENjJIBaGFNmMWIfou2EZSlS0f4LVoYekfweaCX6-0K4EBoJoxwUHvHKGMezkfQ0o13r9mo7j18E36y78jiqcfoLH-OOr8k1hpupFIa45IRA0SzZYzdqz1ta29ynEki7VfRzUXhFh-HBf4MFL6oZSaAomLSOMG2_eMQNxmfmlnc_WSUy6W4ssyPf0gchpWsRc-iEY5raN7AyfAiskqR4vx0YuCnNJeFuvxAY_ec8mNjoXYwghMvwn-m9LtUGnpmDxdxiSM6CXPFaFETcU38Sr4Mol6vGR1xewKsiJlJktA2BrISoAIBljCWpgCBcuwTGYmw&sig=Cg0ArKJSzCYMZB4Ysj1IEAE&uach_m=[UACH]&adurl=
Frame ID: A02C3BDACD6A8B865E85EF864C8B5B5C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 56A39775900E04C3DADA7E8F49882710
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E19752CD2827E426D238B05DAF023FC7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gdzie inwestować w Gdańsku? – Wiadomości Nieruchomości Wprost

Page URL History Show full URLs

http://shmoneypot.com/ HTTP 301
https://shmoneypot.com/ Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

113
Requests

99 %
HTTPS

77 %
IPv6

16
Domains

23
Subdomains

23
IPs

6
Countries

1704 kB
Transfer

3832 kB
Size

15
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://nieruchomosci.wprost.pl/wiadomosci
Title: Wiadomości

Search URL Search Domain Scan URL

URL: https://nieruchomosci.wprost.pl/inwestowanie-w-nieruchomosci
Title: Inwestowanie w nieruchomości

Search URL Search Domain Scan URL

URL: https://nieruchomosci.wprost.pl/budownictwo
Title: Budownictwo

Search URL Search Domain Scan URL

URL: https://nieruchomosci.wprost.pl/architektura
Title: Architektura

Search URL Search Domain Scan URL

URL: https://www.allcon.pl/mieszkania/apartamenty/mlyny_gdanskie/lokalizacja?utm_source=wprost&utm_medium=artykul&utm_campaign=mg&utm_term=20211029&utm_content=gdzieinwestowacwgdansku
Title: Siedlce

Search URL Search Domain Scan URL

URL: https://www.allcon.pl/mieszkania/apartamenty/mlyny_gdanskie?utm_source=wprost&utm_medium=artykul&utm_campaign=mg&utm_term=20211029&utm_content=gdzieinwestowacwgdansku
Title: Młyny Gdańskie

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https%3A%2F%2Fnieruchomosci.wprost.pl%2Fwiadomosci%2F10532860%2Fgdzie-inwestowac-w-gdansku.html&t=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fnieruchomosci.wprost.pl%2F10532860&text=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.wykop.pl/dodaj?url=https%3A%2F%2Fnieruchomosci.wprost.pl%2Fwiadomosci%2F10532860%2Fgdzie-inwestowac-w-gdansku.html
Title: Wykop

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fnieruchomosci.wprost.pl%2Fwiadomosci%2F10532860%2Fgdzie-inwestowac-w-gdansku.html&title=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F
Title: Linked In

Search URL Search Domain Scan URL

URL: http://wwws.tumblr.com/share/link?url=https%3A%2F%2Fnieruchomosci.wprost.pl%2Fwiadomosci%2F10532860%2Fgdzie-inwestowac-w-gdansku.html&name=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F&description=
Title: Tumblr

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fnieruchomosci.wprost.pl%2Fwiadomosci%2F10532860%2Fgdzie-inwestowac-w-gdansku.html&media=https://img.wprost.pl/img/mlyny-gdanskie-sa-efektem-polaczenia-inspiracji-historyczna-zabudowa-gdanska-ze-wspolczesna-architektura-oraz-nowoczesnymi-rozwiazaniami/f5/b0/2ff8f6c4e2e694b02e1d55ecdbb8.jpeg&description=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/tygodnikwprost
Title: Nieruchomości Wprost - Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/TygodnikWPROST
Title: Nieruchomości Wprost - Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AWRWprost
Title: Nieruchomości Wprost - YouTube

Search URL Search Domain Scan URL

URL: https://www.wprost.pl/o-awr-wprost
Title: AWR Wprost

Search URL Search Domain Scan URL

URL: https://www.wprost.pl/kontakt
Title: Kontakt

Search URL Search Domain Scan URL

URL: https://www.wprost.pl/reklama
Title: Reklama

Search URL Search Domain Scan URL

URL: https://www.wprost.pl/regulamin
Title: Regulamin

Search URL Search Domain Scan URL

URL: https://www.wprost.pl/polityka-prywatnosci
Title: Polityka prywatności

Search URL Search Domain Scan URL

URL: https://www.wprost.pl/
Title: Agencja Wydawniczo-Reklamowa „Wprost” Sp. z o.o.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shmoneypot.com/ HTTP 301
https://shmoneypot.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://advice.hit.gemius.pl/_1639930006442/rexdot.js?l=100&id=bPo70ouuVF6BwErIBuw7vsQM7KSWflChLqi.FWhl1jr.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fshmoneypot.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=384&lsdata=GQsQA6cjQn3kExkNhFOYJsCWXAm6.Tfb5pdNMw8Q6df.n76x96cCoC9NST0qe0RN2ypZherWMP1mFZeHCleKAAmmc34P/UuQACNUoa0Dl6/&fpdata=5oPAUq5UkhPrAbHZpcW5q0lYxdkcCPusdGFRStSuRs..p7&vis=1&fpcap= HTTP 301
https://advice.hit.gemius.pl/__/_1639930006442/rexdot.js?l=100&id=bPo70ouuVF6BwErIBuw7vsQM7KSWflChLqi.FWhl1jr.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fshmoneypot.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=384&lsdata=GQsQA6cjQn3kExkNhFOYJsCWXAm6.Tfb5pdNMw8Q6df.n76x96cCoC9NST0qe0RN2ypZherWMP1mFZeHCleKAAmmc34P/UuQACNUoa0Dl6/&fpdata=5oPAUq5UkhPrAbHZpcW5q0lYxdkcCPusdGFRStSuRs..p7&vis=1&fpcap=

113 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
shmoneypot.com/
Redirect Chain

http://shmoneypot.com/
https://shmoneypot.com/

59 KB
15 KB

544ms
431ms

Document
text/html

185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 / PHP/7.2.34
Resource Hash: 35afb774f93baadbff26bddc324582f3ddb6709f1ee3ed7dca47392db7fdc981

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.20.2
date: Sun, 19 Dec 2021 16:06:45 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
content-encoding: gzip

Redirect headers

Server: nginx/1.20.2
Date: Sun, 19 Dec 2021 16:06:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://shmoneypot.com:443/

GET
H2 200 cee17864dc7f5e599a89712f12c8.jpeg
img.wprost.pl/img/mlyny-gdanskie-sa-efektem-polaczenia-inspiracji-historyczna-zabudowa-gdanska-ze-wspolczesna-architektura-oraz-nowoczesnymi-rozwiazaniami/5b/fe/ 116 KB
117 KB 319ms
247ms Image
image/jpeg 2606:4700:20::681a:f1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.wprost.pl/img/mlyny-gdanskie-sa-efektem-polaczenia-inspiracji-historyczna-zabudowa-gdanska-ze-wspolczesna-architektura-oraz-nowoczesnymi-rozwiazaniami/5b/fe/cee17864dc7f5e599a89712f12c8.jpeg

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

662c42d2b9d5c15f548ec750617d497cea2d63158b7aa9953ac97e20dc3bfb99

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type: image/jpeg
content-length: 118620
last-modified: Fri, 29 Oct 2021 12:21:21 GMT
server: cloudflare
etag: "1e24cd32ab260adee2b23e1a78a16c2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bvj%2FVFylKAJPHXNgAyefaQTkmWxTyNvSRD5BKR9bk62bRjrpwPRqfaW4AhcUz4GQxtNiXyLfM1YdBcBVHbqd6%2FoawOi2fKzi2%2Fo9ghiYrrhIEMS6VKUkUug0HueiYBWfjiZ04Pkqmnu9MqI%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 781999651
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c01e1463a62f937-MXP

GET
H2 200 OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
shmoneypot.com/_static/ 543 KB
87 KB 74ms
73ms Stylesheet
text/css 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: f8b3082371bd6a0093087b633647e5a3f3ec1ef0e97e982814f86821f8512bfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
content-encoding: gzip
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
etag: W/"61bf57df-87c93"
content-type: text/css

GET
H2 200 414f937b-ee02-4965-9ad2-498152b33573.min.js Show response
shmoneypot.com/items/ 497 B
632 B 504ms
489ms Script
application/javascript 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/items/414f937b-ee02-4965-9ad2-498152b33573.min.js
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-1f1"
content-length: 497
content-type: application/javascript

GET
H2 200 gpt.js Show response
shmoneypot.com/tag/js/ 77 KB
29 KB 498ms
488ms Script
application/javascript 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/tag/js/gpt.js
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 331e14f7226ecaea46e85f54db23f4e7a434969120e39c1a54a8087807ddf830

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
content-encoding: gzip
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
etag: W/"61bf57df-135f5"
content-type: application/javascript

GET
H2 200 323699896.min.js Show response
shmoneypot.com/tag/ 9 KB
3 KB 498ms
488ms Script
application/javascript 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/tag/323699896.min.js
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 2ea665fc0455d38b414a5a31a72f3a8e3a3054b6d3f224d73d5d9057f6b2d3db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
content-encoding: gzip
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
etag: W/"61bf57df-2493"
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
36 KB 349ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-8969414-2

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

425c27047cda8d2449d9aaaf796c2281bde10f4271db9c090675cfc8cfd14a50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37155
x-xss-protection: 0
expires: Sun, 19 Dec 2021 16:06:46 GMT

GET
H2 200 pusty.png
shmoneypot.com/_i/ 95 B
219 B 498ms
488ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/pusty.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-5f"
content-length: 95
content-type: image/png

GET
H2 200 daecc84600673be34d903ed5b55c.jpeg
img.wprost.pl/img/mlyny-gdanskie-sa-efektem-polaczenia-inspiracji-historyczna-zabudowa-gdanska-ze-wspolczesna-architektura-oraz-nowoczesnymi-rozwiazaniami/a0/8d/ 70 KB
70 KB 248ms
239ms Image
image/jpeg 2606:4700:20::681a:f1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88a1f817fb0825178737f23764d2b053b0e8abcf4d6eaba57ac31615d5b15178

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
via: 1.1 varnish (Varnish/6.0)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-type: image/jpeg
content-length: 71328
last-modified: Fri, 29 Oct 2021 12:21:21 GMT
server: cloudflare
etag: "550bb2dd3f100afd4472844c5f9e8d36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=16000000; includeSubDomains; preload;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvKHFqPRlD6lC9ZMiJaIbVEB2I4Us6H3hG7zLQ1xz42emI0r9UuiSQ0Du0YzImv2m3J9os1XI9Xt%2BjDq2EkcVX20jorh1fmpLYBlwNXAObDJv1ouLkN4FF3m6KTCnPuaG8y8x3xLvlL9Ygs%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 717922286
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c01e147acdbf937-MXP

GET
H2 200 html5-jquery-3.5.1-lightbox-2.6.min-main-nieruchomosci-ads-deep.bi-98094d358c56483135314a865a0dd1f1-content.js Show response
shmoneypot.com/_static/ 365 KB
100 KB 69ms
68ms Script
application/javascript 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/_static/html5-jquery-3.5.1-lightbox-2.6.min-main-nieruchomosci-ads-deep.bi-98094d358c56483135314a865a0dd1f1-content.js
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 4de28a05e0b438d5800c7dd1345e0ec1a63da96a9e2ad0a65d43203cd91d48ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
content-encoding: gzip
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
etag: W/"61bf57df-5b561"
content-type: application/javascript

GET
H2 200 xgemius.js Show response
advice.hit.gemius.pl/ 40 KB
11 KB 350ms
31ms Script
application/x-javascript 185.11.128.207
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://advice.hit.gemius.pl/xgemius.js
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.207 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-207.dataspace.pl
Software: GHC /
Resource Hash: 919462eb23533d6a32db8faf732b4d7dafa39f69d32bff2a6905748fedf47bcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 11:54:27 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10842
expires: Mon, 20 Dec 2021 04:06:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 133 KB
48 KB 339ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WC56M55

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe1070238cc5d5feb2683c5b967264d874d39eee9813481d29c7b1eb3ea37b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49162
x-xss-protection: 0
last-modified: Sun, 19 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Dec 2021 16:06:46 GMT

GET
H2 200 init.js Show response
api.deep.bi/v3/ 67 KB
20 KB 567ms
253ms Script
application/javascript 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v3/init.js
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c76e1e665df37cdb932f74ae303e63e912e40d5b14af3027bdf6a4bacb509625

Request headers

Referer: https://shmoneypot.com/
Origin: https://shmoneypot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 19 Dec 2021 16:06:46 GMT
server: cloudflare
x-rgn: tr01-hel1.prod-deep.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-if-error=3600
x-server: tr01-hel1.prod-deep.com
access-control-allow-credentials: true
cf-ray: 6c01e1499aa159dd-MXP

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 319ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 1bj7V1f2VM/fUaynPzRbQt283AT+lUevRrL/VNcM2EY8O/Umj4cuKKbhfI/iFaQWZP480G9pq/5cYgZRK3TwnA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sun, 19 Dec 2021 16:06:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pl_PL/ 3 KB
2 KB 327ms
16ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c5e2afbd536a369659cf5aed1d703019d1e32c191f503358be648cfef97ae89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: mEsND5YOw76QBiOjRog4/w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: 4AqwLRgx4KjLNEja7dy3TdUex1Jf0a/XJoQigNYf9spvI3jnrcL7zH8HfPyIQsANMAM6fYr6jQVcetNS6MtFUA==
x-fb-trip-id: 917726464
x-fb-content-md5: 546b1ce13407c50c200ccd3430b2a0a0
x-frame-options: DENY
date: Sun, 19 Dec 2021 16:06:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "25ab71a33ede9ead66eecba61ca64248"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 19 Dec 2021 16:24:44 GMT

GET
H2 200 logo-wprost-header.png
shmoneypot.com/wprost/_i/ 3 KB
3 KB 492ms
488ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/wprost/_i/logo-wprost-header.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: c01351f6b65ecb4efde549618c748755dec43b369bec2897260f7f4ec05aebbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-a48"
content-length: 2632
content-type: image/png

GET
H2 200 icon-20-a-menu.png
shmoneypot.com/_i/ 1 KB
1 KB 491ms
488ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-20-a-menu.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 42b21abbca1944f3630cf12ce218a16eed50f9673faf100047ca61341e318b80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-403"
content-length: 1027
content-type: image/png

GET
H2 200 icon-30-share.png
shmoneypot.com/_i/ 1 KB
2 KB 491ms
488ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-30-share.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 7d6c3674785d0db6ea9c952d6389ad37ac07753cd0161fb0b6f7e0081153f316

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-5b7"
content-length: 1463
content-type: image/png

GET
H2 200 icon-30-comment.png
shmoneypot.com/_i/ 1 KB
1 KB 491ms
488ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-30-comment.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: fd5e88b0f2cc6fb839016d92d209e99cefce24f4ff6bca4c5ab02bc8c2b1ffe0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-4d0"
content-length: 1232
content-type: image/png

GET
H2 200 header-nieruchomosci-01.jpg
shmoneypot.com/wprost-nieruchomosci/_i/ 168 KB
168 KB 491ms
488ms Image
image/jpeg 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/wprost-nieruchomosci/_i/header-nieruchomosci-01.jpg
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: c79b7506033f731f036b8c0da54494d539ddb31a06a0266c6189a4990f1d13cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-29f56"
content-length: 171862
content-type: image/jpeg

GET
H2 200 icon-20-c-check.png
shmoneypot.com/_i/ 360 B
486 B 492ms
488ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-20-c-check.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 42029e6774581c9691e7a855bab8e412602160a2592cb13574e6a9b9e0f390a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-168"
content-length: 360
content-type: image/png

GET
H2 200 icon-20-a-soc-facebook.png
shmoneypot.com/_i/ 1 KB
1 KB 492ms
489ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-20-a-soc-facebook.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: dc6aa291217a39c090896ceca42dde661767f883062d581a6074b3c27b72d6af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-456"
content-length: 1110
content-type: image/png

GET
H2 200 icon-20-a-soc-twitter.png
shmoneypot.com/_i/ 1 KB
1 KB 492ms
489ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-20-a-soc-twitter.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 5f416547d36ab9ef1af8bd30eb509bd63c961ffe240096d7bc6e4a9162eb10df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-501"
content-length: 1281
content-type: image/png

GET
H2 200 icon-20-a-soc-you-tube.png
shmoneypot.com/_i/ 1 KB
1 KB 492ms
489ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-20-a-soc-you-tube.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: f4231e6435e26e6cbd926387d7d59bd67745bae47173ffc868631c4138d80f55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-4b1"
content-length: 1201
content-type: image/png

GET
H2 200 icon-20-a-arrow-left.png
shmoneypot.com/_i/ 1 KB
1 KB 492ms
489ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-20-a-arrow-left.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 779de053872046185bd650f7e2ffb8b4f1e0ee5f9b2bc73711dbf00f2abc6b28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-46e"
content-length: 1134
content-type: image/png

GET
H2 200 icon-20-a-arrow-top.png
shmoneypot.com/_i/ 1 KB
1 KB 492ms
489ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-20-a-arrow-top.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 24fa35573d7e0db487ed379dc1ce2d72776d89129804568e1e5d1dccdfd3a27d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-45d"
content-length: 1117
content-type: image/png

GET
H2 200 icon-30-a-soc-facebook.png
shmoneypot.com/_i/ 1 KB
1 KB 492ms
489ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-30-a-soc-facebook.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: d23c6c35e02d267d4ce46c0e9b197720d883ac35a6f608393c9964ff5831d603

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-489"
content-length: 1161
content-type: image/png

GET
H2 200 icon-30-a-soc-twitter.png
shmoneypot.com/_i/ 1 KB
2 KB 492ms
490ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-30-a-soc-twitter.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: ef6bc03a26bf3dbb80a22a2eaf54523f07a7aebac158bcd69d58bd5a13cc9351

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-5a3"
content-length: 1443
content-type: image/png

GET
H2 200 icon-30-a-soc-you-tube.png
shmoneypot.com/_i/ 1 KB
1 KB 492ms
490ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-30-a-soc-you-tube.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: cc450ca6f3818ff2ad8eae3a10277a1018c541e862cb5b9a34466a813e544bd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-530"
content-length: 1328
content-type: image/png

GET
H2 200 icon-30-a-soc-rss.png
shmoneypot.com/_i/ 1 KB
2 KB 492ms
490ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-30-a-soc-rss.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 5becbc936c15ff90857967205040c247e0f8a58b4fcbac94763ed3a61e059210

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:45 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-5a0"
content-length: 1440
content-type: image/png

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
shmoneypot.com/_fonts/RobotoCondensed/ 15 KB
15 KB 778ms
777ms Font
application/octet-stream 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/_fonts/RobotoCondensed/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Request headers

Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://shmoneypot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "3d68-5d381ea93b0a5"
content-length: 15720

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
shmoneypot.com/_fonts/RobotoCondensed/ 15 KB
15 KB 778ms
776ms Font
application/octet-stream 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/_fonts/RobotoCondensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733

Request headers

Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://shmoneypot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "3cf4-5d381ea93b0a5"
content-length: 15604

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
shmoneypot.com/_fonts/RobotoCondensed/ 15 KB
15 KB 778ms
777ms Font
application/octet-stream 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/_fonts/RobotoCondensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Request headers

Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://shmoneypot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "3d18-5d381ea93b48d"
content-length: 15640

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
shmoneypot.com/_fonts/Roboto/ 15 KB
16 KB 778ms
777ms Font
application/octet-stream 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/_fonts/Roboto/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Request headers

Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://shmoneypot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "3d78-5d381ea93c045"
content-length: 15736

GET
H2 200 ieVg2ZhZI2eCN5jzbjEETS9weq8-19eDpCEobdNZ.woff2
shmoneypot.com/_fonts/RobotoCondensed/ 17 KB
17 KB 778ms
777ms Font
application/octet-stream 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/_fonts/RobotoCondensed/ieVg2ZhZI2eCN5jzbjEETS9weq8-19eDpCEobdNZ.woff2
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: d7c4b870733c836a4e6688f1d748901c9b766f678418dd321a4af64de93e20ec

Request headers

Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://shmoneypot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "4380-5d381ea93b48d"
content-length: 17280

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
shmoneypot.com/_fonts/RobotoCondensed/ 12 KB
12 KB 776ms
776ms Font
application/octet-stream 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/_fonts/RobotoCondensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 22e730c5e58a487c838bda5b1a08e1b2a0d537371c08d4a01c56593ed8160ee6

Request headers

Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://shmoneypot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "2edc-5d381ea93b0a5"
content-length: 11996

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
shmoneypot.com/_fonts/Roboto/ 12 KB
12 KB 773ms
773ms Font
application/octet-stream 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/_fonts/Roboto/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 4c84629456a70df1137ab4bdcddba32050a2524568912630c2538746cbbcdc51

Request headers

Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://shmoneypot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "2fa8-5d381ea93bc5d"
content-length: 12200

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
shmoneypot.com/_fonts/RobotoCondensed/ 12 KB
12 KB 761ms
760ms Font
application/octet-stream 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/_fonts/RobotoCondensed/ieVl2ZhZI2eCN5jzbjEETS9weq8-19y7DRs5.woff2
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 6e13e58861d0d8000aa6c0b58204094359a1614ab079848ba8ba3a7f06028066

Request headers

Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://shmoneypot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "2f30-5d381ea93b48d"
content-length: 12080

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCoYb8td.woff2
shmoneypot.com/_fonts/RobotoCondensed/ 12 KB
12 KB 748ms
748ms Font
application/octet-stream 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/_fonts/RobotoCondensed/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCoYb8td.woff2
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 1b019dba654b6a670ff83612cc866453fac6b389c1da4832159f340ead53081a

Request headers

Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Origin: https://shmoneypot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "2ec0-5d381ea93b48d"
content-length: 11968

GET
H2 200 534361764150757 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/534361764150757?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2cf32e34d83dcd4116a50391d664a5ef72c132e712fb880c919bcc4f5438345f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88884
x-xss-protection: 0
pragma: public
x-fb-debug: onAHCK7C1DIKZglwP6Z+Gd02xYe1U+u5CNXzbYaW9lSNX7NjWSkpO4dL9UJ5eja1PdBzubIQeat4an/0cyOFrQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 19 Dec 2021 16:06:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pl_PL/ 285 KB
80 KB 23ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js?hash=a9196181f5d878d3b17f242e7c06c33b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c46aa73fd06a6f561566c9828a9e48d807a3d92f3f692ac28a81ac049e20cdbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://shmoneypot.com/
Origin: https://shmoneypot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Q7pthyjFsdolHb5H2th7NA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 19 Dec 2022 13:43:30 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82021
x-fb-rlafr: 0
x-fb-debug: 4ZJUVwZUv4t/B3T7JovaASy/3GmwRKIvpqJSYs/q/IIX/C/HyWymbbzK1l3zsjZJiwqqiJqukQvVr63SWTWNOQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 13eefbda9969e9247cb46ef54345790b
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 19 Dec 2021 16:06:46 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "fff00d0fd83442d6c868cdc1fd95c8ac"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 fpdata.js Show response
advice.hit.gemius.pl/ 283 B
397 B 34ms
34ms Script
application/x-javascript 185.11.128.207
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://advice.hit.gemius.pl/fpdata.js?href=shmoneypot.com
Requested by: Host: advice.hit.gemius.pl
URL: https://advice.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.11.128.207 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-207.dataspace.pl
Software: GHC /
Resource Hash: 89eafddcdc08a03ea41a88d2b5c2769c4583377506ea20a97cce5e50a42060b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 283
expires: Tue, 18 Jan 2022 16:06:46 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 83E0 5 KB
3 KB 103ms
28ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: advice.hit.gemius.pl
URL: https://advice.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: b48995e84cad13a4d6f73958a6cd898e761e750b70630914c12d02dda24711b9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
expires: Tue, 18 Jan 2022 16:06:46 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2720
content-encoding: gzip

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 62ms
24ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WC56M55

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 Dec 2021 16:06:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 42ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-76JW1KVZM8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8969414-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

366a6f9726c1274fe14a1ca909d3aa7ec27d33392545bebcc3d8dc6264256bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61865
x-xss-protection: 0
expires: Sun, 19 Dec 2021 16:06:46 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 33ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=534361764150757&ev=PageView&dl=https%3A%2F%2Fshmoneypot.com%2F&rl=&if=false&ts=1639930006141&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639930006130.179244858&it=1639930006039&coo=false&exp=p1&rqm=GET

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 19 Dec 2021 16:06:46 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
161 B 41ms
14ms Ping
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-76JW1KVZM8&gtm=2oec10&_p=398102797&sr=1600x1200&ul=en-us&cid=1733615630.1639930006&_s=1&dl=https%3A%2F%2Fshmoneypot.com%2F&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sid=1639930006&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-76JW1KVZM8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shmoneypot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 19 Dec 2021 16:06:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shmoneypot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-8969414-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3940
date: Sun, 19 Dec 2021 15:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 19 Dec 2021 17:01:06 GMT

GET
H2 200 icon-100-arrow-left.png
shmoneypot.com/_i/ 1 KB
1 KB 208ms
207ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-100-arrow-left.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 9c7543f17ece99c6b9fc15cd93856cf12e5f8945284a5dbeb926bbb4ac81be73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-57e"
content-length: 1406
content-type: image/png

GET
H2 200 icon-100-arrow-right.png
shmoneypot.com/_i/ 1 KB
1 KB 208ms
207ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-100-arrow-right.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 6e8da9c93695d9066c06a0ff4ad814559e5c186cb7fc93e31a499183e14cdc92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-573"
content-length: 1395
content-type: image/png

GET
H2 200 icon-20-c-arrow-bottom.png
shmoneypot.com/_i/ 1 KB
1 KB 204ms
203ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-20-c-arrow-bottom.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 0643484d67311199055be01407f32b3310fec6a59fe9e85107ba5f41f19a2cf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-499"
content-length: 1177
content-type: image/png

GET
H2 200 icon-20-c-arrow-right.png
shmoneypot.com/_i/ 1 KB
1 KB 204ms
203ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_i/icon-20-c-arrow-right.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 2d16c6bf2e25e475f0971bc6e839faa49e350a764a9e760053b613a0aab1d5f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-493"
content-length: 1171
content-type: image/png

POST
H2 404 hits.php Show response
shmoneypot.com/ 206 B
274 B 339ms
337ms XHR
text/html 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://shmoneypot.com/hits.php
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/html5-jquery-3.5.1-lightbox-2.6.min-main-nieruchomosci-ads-deep.bi-98094d358c56483135314a865a0dd1f1-content.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 813d68061248785859a089791ba33f25cf9e90e565fa62e5848d88224fc00e9d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://shmoneypot.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: gzip
server: nginx/1.20.2
content-type: text/html; charset=iso-8859-1

GET
H2 200 prev.png
shmoneypot.com/_js/jquery/lightbox/css/img/ 1 KB
1 KB 176ms
175ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_js/jquery/lightbox/css/img/prev.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-550"
content-length: 1360
content-type: image/png

GET
H2 200 next.png
shmoneypot.com/_js/jquery/lightbox/css/img/ 1 KB
1 KB 176ms
175ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_js/jquery/lightbox/css/img/next.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-546"
content-length: 1350
content-type: image/png

GET
H2 200 loading.gif
shmoneypot.com/_js/jquery/lightbox/css/img/ 8 KB
8 KB 176ms
176ms Image
image/gif 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_js/jquery/lightbox/css/img/loading.gif
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-211c"
content-length: 8476
content-type: image/gif

GET
H2 200 close.png
shmoneypot.com/_js/jquery/lightbox/css/img/ 280 B
406 B 177ms
177ms Image
image/png 185.137.235.119
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shmoneypot.com/_js/jquery/lightbox/css/img/close.png
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.137.235.119 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS: isp2.ru.fastfox.pro
Software: nginx/1.20.2 /
Resource Hash: 5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/_static/OpenSans-Roboto-RobotoCondensed-define-layout-forms-header-menu-lightbox-nieruchomosci-paywall-message-1bc0e998e299128c73ed5100c28b2951-content.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
last-modified: Sun, 19 Dec 2021 16:03:43 GMT
server: nginx/1.20.2
accept-ranges: bytes
etag: "61bf57df-118"
content-length: 280
content-type: image/png

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854368221/ 2 KB
2 KB 51ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854368221/?random=1639930006349&cv=9&fst=1639930006349&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fshmoneypot.com%2F&tiba=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82821f5d7a3348ef1fe4e71add918b4f70e7cb64f4c1bd343833254668ee205f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021111701.js Show response
securepubads.g.doubleclick.net/gpt/ 345 KB
116 KB 47ms
15ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118578
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Dec 2021 16:06:46 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 33 B
685 B 46ms
15ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shmoneypot.com

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b54e4e6b6014aa5438e8ca7d3cf7d6a39bc4d2dd615c6012a4e4d0800667aba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49
x-xss-protection: 0
expires: Sun, 19 Dec 2021 16:06:46 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 48ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/tag/323699896.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1075 / 593 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 19 Dec 2021 16:06:46 GMT

GET
H2 200 prebid3.16.2.BC.js Show response
get.optad360.io/sf/ 246 KB
247 KB 52ms
11ms Script
application/javascript 2600:9000:206f:a400:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid3.16.2.BC.js
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/tag/323699896.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8067ebedbe560e9197bd73675a916a0c8608c981bce15196838492731565bcbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:30:16 GMT
via: 1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
last-modified: Tue, 11 Aug 2020 07:44:16 GMT
server: AmazonS3
age: 2259391
etag: "4dff781498624c4d6a8a35ebcda07b4c"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 252405
x-amz-cf-id: 1hdnq7PNzaYw5h3PHx1aB-x0c7O4AOuO0QjDYzgJN58grV3NYjGR7w==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 37ms
19ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=398102797&t=pageview&_s=1&dl=https%3A%2F%2Fshmoneypot.com%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1378631445&gjid=83617053&cid=1733615630.1639930006&tid=UA-8969414-2&_gid=1383644114.1639930006&_r=1&gtm=2ouc10&z=588337367

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shmoneypot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Dec 2021 16:06:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shmoneypot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 12ms
11ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=398102797&t=event&_s=2&dl=https%3A%2F%2Fshmoneypot.com%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20optad360%20Slot%20Created&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=1733615630.1639930006&tid=UA-8969414-2&_gid=1383644114.1639930006&gtm=2ouc10&z=526495317

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Dec 2021 16:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
10ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=398102797&t=event&_s=3&dl=https%3A%2F%2Fshmoneypot.com%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20IDMnet%20Cascade%20Slot%20Created&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=1733615630.1639930006&tid=UA-8969414-2&_gid=1383644114.1639930006&gtm=2ouc10&z=1951340553

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Dec 2021 16:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=398102797&t=event&_s=4&dl=https%3A%2F%2Fshmoneypot.com%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20GAM%20Slot%20Created&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=1733615630.1639930006&tid=UA-8969414-2&_gid=1383644114.1639930006&gtm=2ouc10&z=631704438

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Dec 2021 16:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
20ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=398102797&t=event&_s=5&dl=https%3A%2F%2Fshmoneypot.com%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20optad360%20Slot%20Created&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=1733615630.1639930006&tid=UA-8969414-2&_gid=1383644114.1639930006&gtm=2ouc10&z=2127768792

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Dec 2021 16:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=398102797&t=event&_s=6&dl=https%3A%2F%2Fshmoneypot.com%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20GAM%20Slot%20Created&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=1733615630.1639930006&tid=UA-8969414-2&_gid=1383644114.1639930006&gtm=2ouc10&z=1827130524

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Dec 2021 16:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=398102797&t=event&_s=7&dl=https%3A%2F%2Fshmoneypot.com%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20optad360%20Slot%20Created&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=1733615630.1639930006&tid=UA-8969414-2&_gid=1383644114.1639930006&gtm=2ouc10&z=147904300

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Dec 2021 16:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=398102797&t=event&_s=8&dl=https%3A%2F%2Fshmoneypot.com%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20GAM%20Slot%20Created&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=1733615630.1639930006&tid=UA-8969414-2&_gid=1383644114.1639930006&gtm=2ouc10&z=1249700852

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Dec 2021 16:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=398102797&t=event&_s=9&dl=https%3A%2F%2Fshmoneypot.com%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20GAM%20Slot%20Created&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=1733615630.1639930006&tid=UA-8969414-2&_gid=1383644114.1639930006&gtm=2ouc10&z=328296088

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Dec 2021 16:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
21ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=398102797&t=event&_s=10&dl=https%3A%2F%2Fshmoneypot.com%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20optad360%20Slot%20Created&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=1733615630.1639930006&tid=UA-8969414-2&_gid=1383644114.1639930006&gtm=2ouc10&z=514058641

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Dec 2021 16:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
advice.hit.gemius.pl/__/_1639930006442/
Redirect Chain

https://advice.hit.gemius.pl/_1639930006442/rexdot.js?l=100&id=bPo70ouuVF6BwErIBuw7vsQM7KSWflChLqi.FWhl1jr.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fshmoneypo...
https://advice.hit.gemius.pl/__/_1639930006442/rexdot.js?l=100&id=bPo70ouuVF6BwErIBuw7vsQM7KSWflChLqi.FWhl1jr.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fshmone...

169 B
426 B

86ms
86ms

Script
application/x-javascript

185.11.128.207
Autonomous System...

General

Check archive.org

Show headers Download Go to

Full URL: https://advice.hit.gemius.pl/__/_1639930006442/rexdot.js?l=100&id=bPo70ouuVF6BwErIBuw7vsQM7KSWflChLqi.FWhl1jr.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fshmoneypot.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=384&lsdata=GQsQA6cjQn3kExkNhFOYJsCWXAm6.Tfb5pdNMw8Q6df.n76x96cCoC9NST0qe0RN2ypZherWMP1mFZeHCleKAAmmc34P/UuQACNUoa0Dl6/&fpdata=5oPAUq5UkhPrAbHZpcW5q0lYxdkcCPusdGFRStSuRs..p7&vis=1&fpcap=
Requested by: Host: shmoneypot.com
URL: https://shmoneypot.com/
Protocol: H2
Server: 185.11.128.207 , Poland, ASN50599 (Autonomous System for Data Space Sp. z o.o., PL),
Reverse DNS: host-185-11-128-207.dataspace.pl
Software: GHC /
Resource Hash: b97fd3b9b398c747a4e4f41b38d403e7209c782e6f179030feb7ed894bd77161

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Dec 2021 16:06:46 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sat, 18 Dec 2021 16:06:46 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Dec 2021 16:06:46 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1639930006442/rexdot.js?l=100&id=bPo70ouuVF6BwErIBuw7vsQM7KSWflChLqi.FWhl1jr.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fshmoneypot.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=384&lsdata=GQsQA6cjQn3kExkNhFOYJsCWXAm6.Tfb5pdNMw8Q6df.n76x96cCoC9NST0qe0RN2ypZherWMP1mFZeHCleKAAmmc34P/UuQACNUoa0Dl6/&fpdata=5oPAUq5UkhPrAbHZpcW5q0lYxdkcCPusdGFRStSuRs..p7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 18 Dec 2021 16:06:46 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8969414-2&cid=1733615630.1639930006&jid=1378631445&gjid=83617053&_gid=1383644114.1639930006&_u=YADAAUAAAAAAAC~&z=493580661

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shmoneypot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 19 Dec 2021 16:06:46 GMT
content-type: text/plain
access-control-allow-origin: https://shmoneypot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/854368221/ 42 B
548 B 51ms
24ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854368221/?random=1639930006349&cv=9&fst=1639929600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fshmoneypot.com%2F&tiba=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&async=1&fmt=3&is_vtc=1&random=691259519&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Dec 2021 16:06:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/854368221/ 42 B
548 B 43ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/854368221/?random=1639930006349&cv=9&fst=1639929600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fshmoneypot.com%2F&tiba=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&async=1&fmt=3&is_vtc=1&random=691259519&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Dec 2021 16:06:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.ru/adsid/ 107 B
792 B 293ms
23ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ru/adsid/integrator.js?domain=shmoneypot.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 284ms
20ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shmoneypot.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
19 KB 347ms
332ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1883367760426752&correlator=3392110798491490&output=ldjh&impl=fifs&eid=44752540%2C44755900%2C31063756%2C31063183&vrg=2021111701&ptt=17&sc=1&sfv=1-0-38&ecs=20211219&iu_parts=60089353%2CWprost%2Cart_rec_szpalta_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=360x600%7C336x280%7C360x300%7C300x250%7C320x100%7C160x600%7C120x600&eri=1&cust_params=Wprost_sekcja%3Dnieruchomosci%26exp%3DP&cookie_enabled=1&bc=31&abxe=1&lmt=1639930006&dt=1639930006533&dlt=1639930005382&idt=1106&frm=20&biw=1600&bih=1200&oid=2&adxs=1027&adys=983&adks=2053822233&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fshmoneypot.com%2F&vis=1&stss=1&dmc=8&scr_x=0&scr_y=0&psz=386x1&msz=360x-1&ga_vid=1733615630.1639930006&ga_sid=1639930007&ga_hid=398102797&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

684092fc929a6eaee6b5c89341691d93f7b3351fde59c560b9b3de386427061b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19355
x-xss-protection: 0
google-lineitem-id: 5861619023
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138375536975
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://shmoneypot.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d81ca1f88b1f97826891535a379bbe2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9D2C 6 KB
4 KB 68ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d81ca1f88b1f97826891535a379bbe2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 19 Dec 2021 16:06:46 GMT
expires: Mon, 19 Dec 2022 16:06:46 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 282ms
34ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8969414-2&cid=1733615630.1639930006&jid=1378631445&_u=YADAAUAAAAAAAC~&z=1112527009

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Dec 2021 16:06:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 275ms
31ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8969414-2&cid=1733615630.1639930006&jid=1378631445&_u=YADAAUAAAAAAAC~&z=1112527009

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Dec 2021 16:06:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ckxdfzfh00n3afb707x Show response
scoring.deep.bi/score/j7odeRmIZNFp/ 2 B
173 B 159ms
150ms XHR
application/json 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scoring.deep.bi/score/j7odeRmIZNFp/ckxdfzfh00n3afb707x?id=deepcookie&column=score
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://shmoneypot.com
access-control-expose-headers: Amp-Access-Control-Allow-Source-Origin, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
access-control-allow-credentials: true
cf-ray: 6c01e14d6d1559dd-MXP
content-length: 2

GET
H2 200 ckxdfzfh00n3afb707x Show response
scoring.deep.bi/score/j7odeRmIZNFp/ 2 B
58 B 264ms
256ms XHR
application/json 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scoring.deep.bi/score/j7odeRmIZNFp/ckxdfzfh00n3afb707x?id=deepcookie&column=level
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://shmoneypot.com
access-control-expose-headers: Amp-Access-Control-Allow-Source-Origin, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
access-control-allow-credentials: true
cf-ray: 6c01e14d6d1259dd-MXP
content-length: 2

GET
H2 200 ckxdfzfh00n3afb707x Show response
scoring.deep.bi/score/j7odeRmIZNFp/ 2 B
58 B 261ms
252ms XHR
application/json 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scoring.deep.bi/score/j7odeRmIZNFp/ckxdfzfh00n3afb707x?id=deepcookie&column=profile
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://shmoneypot.com
access-control-expose-headers: Amp-Access-Control-Allow-Source-Origin, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
access-control-allow-credentials: true
cf-ray: 6c01e14d6d0e59dd-MXP
content-length: 2

GET
H2 200 events Show response
api.deep.bi/v1/streams/j7odeRmIZNFp/ 16 B
609 B 225ms
167ms XHR
text/plain 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cd63d847812bbec8c35e6520d0705c9992b94e1f161d855b48cbc670737cf2d

Request headers

Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Referer: https://shmoneypot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Dec 2021 16:06:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-rgn: tr01-hel1.prod-deep.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6c01e14e49d983a0-MXP
p3p: policyref="http://api.deep.bi/w3c/p3p.xml", CP="ADMa DEVa TAIa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: https://shmoneypot.com
cache-control: no-cache, no-store, must-revalidate
x-server: tr01-hel1.prod-deep.com
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
content-length: 16
expires: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2DA3 0
18 B 29ms
14ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://shmoneypot.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://shmoneypot.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Sun, 19 Dec 2021 16:06:46 GMT

GET
H2 200 ckxdfzfh00n3afb707x Show response
scoring.deep.bi/score/j7odeRmIZNFp/ 2 B
58 B 258ms
258ms XHR
application/json 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scoring.deep.bi/score/j7odeRmIZNFp/ckxdfzfh00n3afb707x?id=deepcookie&column=profile
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://shmoneypot.com
access-control-expose-headers: Amp-Access-Control-Allow-Source-Origin, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
access-control-allow-credentials: true
cf-ray: 6c01e14dde9e59dd-MXP
content-length: 2

OPTIONS
H2 204 events
api.deep.bi/v1/streams/j7odeRmIZNFp/ Frame 0
0 93ms
93ms Preflight 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://shmoneypot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
access-control-allow-origin: https://shmoneypot.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
x-server: tr01-hel1.prod-deep.com
x-rgn: tr01-hel1.prod-deep.com
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c01e14d6ce459dd-MXP

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 48ms
24ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1af384b1b74e23a1ca7ab3f2b014281c1cd3884a6db231587672306eec6329ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8451
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A02C 0
0 44ms
41ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHgCVZENjJIBaGFNmMWIfou2EZSlS0f4LVoYekfweaCX6-0K4EBoJoxwUHvHKGMezkfQ0o13r9mo7j18E36y78jiqcfoLH-OOr8k1hpupFIa45IRA0SzZYzdqz1ta29ynEki7VfRzUXhFh-HBf4MFL6oZSaAomLSOMG2_eMQNxmfmlnc_WSUy6W4ssyPf0gchpWsRc-iEY5raN7AyfAiskqR4vx0YuCnNJeFuvxAY_ec8mNjoXYwghMvwn-m9LtUGnpmDxdxiSM6CXPFaFETcU38Sr4Mol6vGR1xewKsiJlJktA2BrISoAIBljCWpgCBcuwTGYmw&sig=Cg0ArKJSzCYMZB4Ysj1IEAE&uach_m=[UACH]&adurl=

Requested by

Host: shmoneypot.com
URL: https://shmoneypot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Dec 2021 16:06:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame A02C 19 KB
8 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Jan 2022 16:04:19 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame A02C 2 KB
1 KB 38ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Jan 2022 16:03:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A02C 119 KB
36 KB 36ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Dec 2021 16:06:46 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A02C 0
0 19ms
17ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTlGSDbgiSJfktvsQEqpEuuAjIwfpsdvaTgXyOrR6aDFel46Q_Tz0ha6O_72kd61KNb1iVtt3Kyld63vFPXqJo4t_De7Q
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 3889896949269431924
tpc.googlesyndication.com/simgad/ Frame A02C 42 KB
42 KB 38ms
9ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3889896949269431924

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fab98b4a0c651fca0d4c03e32be9a49906fee6cf709e4cf40b150da8883d60c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 15:28:52 GMT
x-content-type-options: nosniff
age: 175074
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42556
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 14:59:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 17 Dec 2022 15:28:52 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=398102797&t=event&_s=11&dl=https%3A%2F%2Fshmoneypot.com%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=genesis_ads&ea=AD%20GAM%20Rectangle%20Displayed&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=1733615630.1639930006&tid=UA-8969414-2&_gid=1383644114.1639930006&gtm=2ouc10&z=505645287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Dec 2021 16:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83269
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 39ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Sun, 19 Dec 2021 16:06:46 GMT

OPTIONS
H2 204 events
api.deep.bi/v1/streams/j7odeRmIZNFp/ Frame 0
0 73ms
73ms Preflight 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://shmoneypot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 19 Dec 2021 16:06:46 GMT
access-control-allow-origin: https://shmoneypot.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
x-server: tr01-hel1.prod-deep.com
x-rgn: tr01-hel1.prod-deep.com
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c01e14f5ba159dd-MXP

OPTIONS
H2 204 events
api.deep.bi/v1/streams/j7odeRmIZNFp/ Frame 0
0 162ms
162ms Preflight 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://shmoneypot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 19 Dec 2021 16:06:47 GMT
access-control-allow-origin: https://shmoneypot.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
x-server: tr01-hel1.prod-deep.com
x-rgn: tr01-hel1.prod-deep.com
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c01e14f5ba859dd-MXP

POST
H2 204 events Show response
api.deep.bi/v1/streams/j7odeRmIZNFp/ 0
59 B 166ms
166ms XHR
text/plain 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://shmoneypot.com/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Sun, 19 Dec 2021 16:06:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-rgn: tr01-hel1.prod-deep.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: https://shmoneypot.com
x-server: tr01-hel1.prod-deep.com
access-control-allow-credentials: true
cf-ray: 6c01e14fde4783a0-MXP

OPTIONS
H2 204 events
api.deep.bi/v1/streams/j7odeRmIZNFp/ Frame 0
0 161ms
161ms Preflight 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://shmoneypot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 19 Dec 2021 16:06:47 GMT
access-control-allow-origin: https://shmoneypot.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
x-server: tr01-hel1.prod-deep.com
x-rgn: tr01-hel1.prod-deep.com
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c01e14f6bac59dd-MXP

POST
H2 204 events Show response
api.deep.bi/v1/streams/j7odeRmIZNFp/ 0
36 B 172ms
172ms XHR
text/plain 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://shmoneypot.com/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Sun, 19 Dec 2021 16:06:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-rgn: tr01-hel1.prod-deep.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: https://shmoneypot.com
x-server: tr01-hel1.prod-deep.com
access-control-allow-credentials: true
cf-ray: 6c01e1506fc683a0-MXP

POST
H2 204 events Show response
api.deep.bi/v1/streams/j7odeRmIZNFp/ 0
36 B 76ms
75ms XHR
text/plain 2606:4700:10::6816:28b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deep.bi/v1/streams/j7odeRmIZNFp/events
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:28b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://shmoneypot.com/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Sun, 19 Dec 2021 16:06:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-rgn: tr01-hel1.prod-deep.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin: https://shmoneypot.com
x-server: tr01-hel1.prod-deep.com
access-control-allow-credentials: true
cf-ray: 6c01e1506fc283a0-MXP

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A02C 0
0 60ms
46ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPFoI_L7hcBiHyr1QdJMbxgg3E2Y3N-SMRwK1yDy4v-rYC5AbSk3unHknKOCKz0M5gVBRdePmYxszRoHRczaW0br010BcG8RruBAB4aulJV2g7A_4mrsMRjcpRF7HastMwRY_e5zyXPAOdc0xo9d_psb5F_k4gYVgALc47z10a7MoCu1fkrdgt-6v6ebZJ7kQPI0Nb7cCzPFmoO6yGlrzNDAujTImpPhvKgM3v_-ReUgQAOnBZIvaFcFn7urKP9MYKYyp3af6bZ-cPBhrVMuIKQsVWQN9X0yNPwh-nZtQEV9u8wJLNAEobkOmoWn3pjjd1vH8xytHG&sig=Cg0ArKJSzL1_co_kcXElEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 Dec 2021 16:06:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 19 Dec 2021 16:06:47 GMT

GET
DATA 200
OK truncated
/ Frame A02C 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12609be5b4169ed119405e55fcbbe41facdb26c3c615989f81a4bdc34d154ebf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 56A3 13 KB
5 KB 25ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Sun, 19 Dec 2021 14:13:42 GMT
expires: Mon, 19 Dec 2022 14:13:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E197 783 B
533 B 16ms
16ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47fa322559e024f510b566d12007678367d8d3010627db0258ac1f992e2bf30f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ViIOabvFou0OoKytk2FeiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 19 Dec 2021 16:06:47 GMT
date: Sun, 19 Dec 2021 16:06:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ViIOabvFou0OoKytk2FeiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E197 0
0 59ms
43ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021111701&jk=1883367760426752&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 56A3 35 KB
13 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 18 Dec 2021 21:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 21:31:34 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021111701&jk=1883367760426752&bg=!TE-lTwvNAAZKWFskSlg7ACkAdvg8WvaaNUbGLweVY78Izbdkncx15JSoT8fGUw5HC-wbppAocqUthQIAAABoUgAAAAdoAQcKAOb8qMEWZdMLoNClX0nngyliZIAJIaB_ft39-TsWEAuyRT7rRMImKZW2LxfRvkv8c-aGzluQ8vC5DFk8-Q7iCR-67w_zqw6YgZJESbXgDThcxuzwPLpNemrIomYKoHp8yZ_pFD4cmdPy4NBFdrC09dC_4EZ2VwltGjOWLl48ooSzdcMMBX6l0ctWtfLh83r1rn9QqjmiOJBO_ScY3CeBys62o9NXT2yodIbr-Ec3rJPjHy43TQO2IrQ8AlqVcRVULeKm8yS_pdW3e-DnIjBhPROs_Z9AyhRoyUucmOSJBJir5KpPu91fI5kCpCtUN2mLkjL7pA6fKah5Jzy_wFrC7hKgyc94QkCaB9LnqVApIjSN0q_LwmLls_W8xAuSiu2mVguf70CNyD3dkWDV1mj1nMbo-z4zWOzgbMgpcVkwmKLsytEcmMudurVCT9jebIiszdSPkxF_J6B0WZZX4CEsEw5nwWDKQnFdO2zVyhYddT7grd-FRbMJsGpN8e-wXopG9mu9WH8IrjXfq0Qd6kMnUOFDceOAVfRPQYqU9_bkoICCinnUQsnUsuFysq3HVCShfyAA7bNTei5NohknMMeKIxm6X_fxMW6DplV7pFn-fe7HQ2Tii3uV8p3e5imIwThhK20-OeSqJ-nVbVhAEhsu8cuVEyYZWkvmFRAy5rHPqJ0GUFmNfpbSURtlAsZc5pkYNpjHaxn-dMiU7ZYHyBYOMbGZj8Xu2CLwk1BI12WMqydlkbmEQup4ExMTLU3QZaXP-JoFnBCu-JB56z44hAYcgX39I35F2CkDliyqCRcvKsIooWnrlh3DmEoSRjkFph8YmhI7y6w3uaXWtjGIVv3dC1ruiAPORbjZNbK1VJB5gJhxCYZNAuvLYiA7RVaKcd0TrTnJ7jN-iiTsh2mcPyPdwUdADx5X24mCHlrP8CE_DKlUvZ4aoyk79bcTSdGKBuEGjirypJ7dxPpMSDyiMLfYRfXZzKwB8K5soZDrJef99wpplortPi8OXep3PzLqBLK8jM0cHOICWWZJBc5UR3CNtAROPZ6RhwDgweoQjTmtT5cqkwv0GBQbX74c7-hAV6Tky57DJ0p3T_ZosMyWXIvXBtRusv90M_nLdNnWIFc2qE-SzNG0_nHxK8ZJVLpelF7xFva_nihHME75Jj-TpT_UI3C_Wwy89vkCfQmn_qV0OvHLny4VWsMkqcA_mGxDB4Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Dec 2021 16:06:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A02C 42 B
64 B 61ms
43ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNB73Egfph99pKJbvGlw-l5I-hnzIkyV7cAHKzc9mrU7ryhhqVrhF2FIszSxD01RuRMKEWeqiuuOLmwTd_LcLBMiFaxVxRArGIEJf3AAjklRC9ocrl&sig=Cg0ArKJSzHWRsB8oFfo5EAE&id=lidar2&mcvt=1000&p=983,1039,1263,1375&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=0.78&app=0&itpl=3&adk=2053822233&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639930006896&rpt=96&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Dec 2021 16:06:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=398102797&t=event&ni=1&_s=12&dl=https%3A%2F%2Fshmoneypot.com%2F&ul=en-us&de=UTF-8&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VisitTime&ea=Timer&el=%3E%205%20sec&_u=aADAAUABAAAAAC~&jid=&gjid=&cid=1733615630.1639930006&tid=UA-8969414-2&_gid=1383644114.1639930006&gtm=2ouc10&z=1255027003

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shmoneypot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Dec 2021 16:58:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83274
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 15ms
14ms Ping
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-76JW1KVZM8&gtm=2oec10&_p=398102797&sr=1600x1200&ul=en-us&cid=1733615630.1639930006&dl=https%3A%2F%2Fshmoneypot.com%2F&dt=Gdzie%20inwestowa%C4%87%20w%20Gda%C5%84sku%3F%20%E2%80%93%20Wiadomo%C5%9Bci%20Nieruchomo%C5%9Bci%20Wprost&sid=1639930006&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-76JW1KVZM8&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shmoneypot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 19 Dec 2021 16:06:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shmoneypot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

343 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shmoneypot.com/	1970-01-20 01:41:46	Name: _gcl_au Value: 1.1.461419685.1639930006
.shmoneypot.com/	1970-01-20 01:41:46	Name: _fbp Value: fb.1.1639930006130.179244858
.shmoneypot.com/	1970-01-20 09:00:58	Name: __gfp_64b Value: 5oPAUq5UkhPrAbHZpcW5q0lYxdkcCPusdGFRStSuRs..p7\|1639930006
.shmoneypot.com/	1970-01-20 17:03:22	Name: _ga_76JW1KVZM8 Value: GS1.1.1639930006.1.0.1639930006.0
shmoneypot.com/	1970-01-19 23:42:14	Name: __oagr Value: true
.shmoneypot.com/	1970-01-20 17:03:22	Name: _ga Value: GA1.2.1733615630.1639930006
.shmoneypot.com/	1970-01-19 23:33:36	Name: _gid Value: GA1.2.1383644114.1639930006
.shmoneypot.com/	1970-01-19 23:32:10	Name: _gat_gtag_UA_8969414_2 Value: 1
.hit.gemius.pl/	1970-01-19 23:42:14	Name: Gtest Value: KlQN7MXGQMQG0uD9BkjMTIEissGMXP8c25nSGJBoQjn7XBG.
.hit.gemius.pl/	1970-01-20 09:00:58	Name: Gdyn Value: Klx4rMMGQMQG0uD9BkjMTIEissGMXP8c25nSGJBoQjn7FRxSG7RrGS6GYo8BFlMXYH8Po1WrGQaPge9iaQG.
.shmoneypot.com/	1970-01-20 08:17:46	Name: deepbi_firstparty_cookie Value: ckxdfzfh00n3afb707x
.shmoneypot.com/	1970-01-19 23:32:11	Name: deepbi_user_session Value: e597be38-b73c-4bb1-afde-83f3c9a390f1\|2
.doubleclick.net/	1970-01-20 08:53:46	Name: IDE Value: AHWqTUmJRMdpL8IIz2YCZJWcqEYtkchxWg4LklGZ50AEinUJRODiMfY13D4QWskUVPc
.shmoneypot.com/	1970-01-20 08:53:46	Name: __gads Value: ID=d9c3a27086adb1cb:T=1639930006:S=ALNI_MZDKZoUUttYvUB9J3GiynBwPbsV5Q
.shmoneypot.com/	1969-12-31 23:59:59	Name: deepbi_user_deepcookie Value: kxdfzfqf-1b8f7v4

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://shmoneypot.com/hits.php Message: Failed to load resource: the server responded with a status of 404 ()
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
javascript	warning	URL: https://shmoneypot.com/ Message: The resource https://img.wprost.pl/img/mlyny-gdanskie-sa-efektem-polaczenia-inspiracji-historyczna-zabudowa-gdanska-ze-wspolczesna-architektura-oraz-nowoczesnymi-rozwiazaniami/5b/fe/cee17864dc7f5e599a89712f12c8.jpeg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.ru
advice.hit.gemius.pl
api.deep.bi
connect.facebook.net
d81ca1f88b1f97826891535a379bbe2c.safeframe.googlesyndication.com
get.optad360.io
googleads.g.doubleclick.net
img.wprost.pl
ls.hit.gemius.pl
pagead2.googlesyndication.com
scoring.deep.bi
securepubads.g.doubleclick.net
shmoneypot.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
142.250.184.194
142.250.185.66
146.59.30.108
185.11.128.207
185.137.235.119
2600:9000:206f:a400:11:a4de:2580:93a1
2606:4700:10::6816:28b9
2606:4700:20::681a:f1b
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
0643484d67311199055be01407f32b3310fec6a59fe9e85107ba5f41f19a2cf2
0cd63d847812bbec8c35e6520d0705c9992b94e1f161d855b48cbc670737cf2d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12609be5b4169ed119405e55fcbbe41facdb26c3c615989f81a4bdc34d154ebf
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1af384b1b74e23a1ca7ab3f2b014281c1cd3884a6db231587672306eec6329ef
1b019dba654b6a670ff83612cc866453fac6b389c1da4832159f340ead53081a
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
22e730c5e58a487c838bda5b1a08e1b2a0d537371c08d4a01c56593ed8160ee6
24fa35573d7e0db487ed379dc1ce2d72776d89129804568e1e5d1dccdfd3a27d
2cf32e34d83dcd4116a50391d664a5ef72c132e712fb880c919bcc4f5438345f
2d16c6bf2e25e475f0971bc6e839faa49e350a764a9e760053b613a0aab1d5f6
2ea665fc0455d38b414a5a31a72f3a8e3a3054b6d3f224d73d5d9057f6b2d3db
331e14f7226ecaea46e85f54db23f4e7a434969120e39c1a54a8087807ddf830
35afb774f93baadbff26bddc324582f3ddb6709f1ee3ed7dca47392db7fdc981
366a6f9726c1274fe14a1ca909d3aa7ec27d33392545bebcc3d8dc6264256bfd
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42029e6774581c9691e7a855bab8e412602160a2592cb13574e6a9b9e0f390a8
425c27047cda8d2449d9aaaf796c2281bde10f4271db9c090675cfc8cfd14a50
42b21abbca1944f3630cf12ce218a16eed50f9673faf100047ca61341e318b80
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47fa322559e024f510b566d12007678367d8d3010627db0258ac1f992e2bf30f
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4c84629456a70df1137ab4bdcddba32050a2524568912630c2538746cbbcdc51
4de28a05e0b438d5800c7dd1345e0ec1a63da96a9e2ad0a65d43203cd91d48ed
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5becbc936c15ff90857967205040c247e0f8a58b4fcbac94763ed3a61e059210
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5f416547d36ab9ef1af8bd30eb509bd63c961ffe240096d7bc6e4a9162eb10df
5fab98b4a0c651fca0d4c03e32be9a49906fee6cf709e4cf40b150da8883d60c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662c42d2b9d5c15f548ec750617d497cea2d63158b7aa9953ac97e20dc3bfb99
684092fc929a6eaee6b5c89341691d93f7b3351fde59c560b9b3de386427061b
6e13e58861d0d8000aa6c0b58204094359a1614ab079848ba8ba3a7f06028066
6e8da9c93695d9066c06a0ff4ad814559e5c186cb7fc93e31a499183e14cdc92
779de053872046185bd650f7e2ffb8b4f1e0ee5f9b2bc73711dbf00f2abc6b28
7d6c3674785d0db6ea9c952d6389ad37ac07753cd0161fb0b6f7e0081153f316
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
8067ebedbe560e9197bd73675a916a0c8608c981bce15196838492731565bcbb
813d68061248785859a089791ba33f25cf9e90e565fa62e5848d88224fc00e9d
82821f5d7a3348ef1fe4e71add918b4f70e7cb64f4c1bd343833254668ee205f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88a1f817fb0825178737f23764d2b053b0e8abcf4d6eaba57ac31615d5b15178
89eafddcdc08a03ea41a88d2b5c2769c4583377506ea20a97cce5e50a42060b5
8d8aa9c2c3798099cba43890c7808bfb34b70dbc853177ef287b50bc28161911
919462eb23533d6a32db8faf732b4d7dafa39f69d32bff2a6905748fedf47bcb
9c7543f17ece99c6b9fc15cd93856cf12e5f8945284a5dbeb926bbb4ac81be73
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab106619cd53cba1c09e1b3aedcf87dc90958fef3b886f9107a0ae94f5dd7733
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b48995e84cad13a4d6f73958a6cd898e761e750b70630914c12d02dda24711b9
b54e4e6b6014aa5438e8ca7d3cf7d6a39bc4d2dd615c6012a4e4d0800667aba5
b97fd3b9b398c747a4e4f41b38d403e7209c782e6f179030feb7ed894bd77161
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c01351f6b65ecb4efde549618c748755dec43b369bec2897260f7f4ec05aebbe
c46aa73fd06a6f561566c9828a9e48d807a3d92f3f692ac28a81ac049e20cdbd
c5e2afbd536a369659cf5aed1d703019d1e32c191f503358be648cfef97ae89c
c76e1e665df37cdb932f74ae303e63e912e40d5b14af3027bdf6a4bacb509625
c79b7506033f731f036b8c0da54494d539ddb31a06a0266c6189a4990f1d13cc
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
cc450ca6f3818ff2ad8eae3a10277a1018c541e862cb5b9a34466a813e544bd0
d23c6c35e02d267d4ce46c0e9b197720d883ac35a6f608393c9964ff5831d603
d7c4b870733c836a4e6688f1d748901c9b766f678418dd321a4af64de93e20ec
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
dc6aa291217a39c090896ceca42dde661767f883062d581a6074b3c27b72d6af
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6bc03a26bf3dbb80a22a2eaf54523f07a7aebac158bcd69d58bd5a13cc9351
f4231e6435e26e6cbd926387d7d59bd67745bae47173ffc868631c4138d80f55
f8b3082371bd6a0093087b633647e5a3f3ec1ef0e97e982814f86821f8512bfc
fd5e88b0f2cc6fb839016d92d209e99cefce24f4ff6bca4c5ab02bc8c2b1ffe0
fe1070238cc5d5feb2683c5b967264d874d39eee9813481d29c7b1eb3ea37b08

shmoneypot.com Open in urlscan Pro 185.137.235.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

99 %HTTPS

77 %IPv6

16 Domains

23 Subdomains

23 IPs

6 Countries

1704 kBTransfer

3832 kBSize

15 Cookies

21 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shmoneypot.com Open in urlscan Pro
185.137.235.119 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

99 %
HTTPS

77 %
IPv6

16
Domains

23
Subdomains

23
IPs

6
Countries

1704 kB
Transfer

3832 kB
Size

15
Cookies

113 HTTP transactions
1 data transactions