urlscan.io logo urlscan.io
SecurityTrails logo

intelligent-money-offers.com Open in urlscan Pro
38.180.18.154  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ak.zougreek.com/4/7117868
Effective URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&int...
Submission: On February 28 via manual from PL — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 10 domains to perform 85 HTTP transactions. The main IP is 38.180.18.154, located in Brussels, Belgium and belongs to M247, RO. The main domain is intelligent-money-offers.com.
TLS certificate: Issued by R3 on January 23rd 2024. Valid for: 3 months.
This is the only time intelligent-money-offers.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 2.21.20.198 20940 (AKAMAI-ASN1)
5 139.45.195.8 9002 (RETN-AS)
1 18 188.114.96.3 13335 (CLOUDFLAR...)
11 139.45.197.251 9002 (RETN-AS)
1 139.45.195.253 9002 (RETN-AS)
1 1 5.61.54.143 58061 (SCALAXY-AS)
1 1 193.34.166.106 62370 (SNEL)
1 30 38.180.18.154 9009 (M247)
10 172.217.18.10 15169 (GOOGLE)
4 172.217.16.195 15169 (GOOGLE)
85 9
1    2.21.20.198 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-198.deploy.static.akamaitechnologies.com
ak.zougreek.com
5    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
18    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
graipeepoo.com
11    139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)
jouteetu.net
1    139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)
datatechone.com
1    5.61.54.143 (Dronten, Netherlands)

ASN58061 (SCALAXY-AS, LV)
secureltrk.com
1    193.34.166.106 (Netherlands)

ASN62370 (SNEL, NL)
PTR: arganto.domain.com
vipntrcking.com
30    38.180.18.154 (Brussels, Belgium)

ASN9009 (M247, RO)
intelligent-money-offers.com
10    172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f10.1e100.net
fonts.googleapis.com
4    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
30 intelligent-money-offers.com
intelligent-money-offers.com
551 KB
18 graipeepoo.com
graipeepoo.com
82 KB
11 jouteetu.net
jouteetu.net — Cisco Umbrella Rank: 31094
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
9 KB
5 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11764
3 KB
4 gstatic.com
fonts.gstatic.com
58 KB
1 vipntrcking.com
vipntrcking.com
808 B
1 secureltrk.com
secureltrk.com — Cisco Umbrella Rank: 273922
345 B
1 datatechone.com
datatechone.com — Cisco Umbrella Rank: 42429
467 B
1 zougreek.com
ak.zougreek.com — Cisco Umbrella Rank: 162824
2 KB
85 10
Domain Requested by
30 intelligent-money-offers.com 1 redirects intelligent-money-offers.com
18 graipeepoo.com 1 redirects ak.zougreek.com
graipeepoo.com
11 jouteetu.net graipeepoo.com
10 fonts.googleapis.com intelligent-money-offers.com
5 my.rtmark.net ak.zougreek.com
graipeepoo.com
4 fonts.gstatic.com fonts.googleapis.com
1 vipntrcking.com 1 redirects
1 secureltrk.com 1 redirects
1 datatechone.com graipeepoo.com
1 ak.zougreek.com
85 10

This site contains no links.

Subject Issuer Validity Valid
rtmark.net
R3		 2023-12-23 -
2024-03-22		 3 months crt.sh
graipeepoo.com
GTS CA 1P5		 2024-01-12 -
2024-04-11		 3 months crt.sh
jouteetu.net
R3		 2024-02-24 -
2024-05-24		 3 months crt.sh
datatechone.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-10 -
2024-12-23		 a year crt.sh
intelligent-money-offers.com
R3		 2024-01-23 -
2024-04-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Frame ID: 4275365466B45C02A435E9F0C85970E2
Requests: 87 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Amazon Special

Page URL History Show full URLs

  1. http://ak.zougreek.com/4/7117868 Page URL
  2. https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z... Page URL
  3. https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z... Page URL
  4. https://graipeepoo.com/submenu/4662728/?rhd=1&var=7117868&var3=786647896874553893&oaid=46793ea27ebd... Page URL
  5. https://graipeepoo.com/rhd?z=4662728&syncedCookie=false&rhd=true HTTP 302
    https://secureltrk.com/click?key=0d6af299bdfdb75e6a17&visitor_id=786647904915042895&cost=0.002356&z... HTTP 307
    https://vipntrcking.com/click.php?project_id=7740be9867&affiliate_id=79b2b9ace4&custom2=cnfgcshidncc... HTTP 302
    https://intelligent-money-offers.com/amazonspecial/?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyL... HTTP 302
    https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

85
Requests

91 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

9
IPs

5
Countries

704 kB
Transfer

2297 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ak.zougreek.com/4/7117868 Page URL
  2. https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Page URL
  3. https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Page URL
  4. https://graipeepoo.com/submenu/4662728/?rhd=1&var=7117868&var3=786647896874553893&oaid=46793ea27ebd0908a3313a8ffddd4e04&usage_case=push_default Page URL
  5. https://graipeepoo.com/rhd?z=4662728&syncedCookie=false&rhd=true HTTP 302
    https://secureltrk.com/click?key=0d6af299bdfdb75e6a17&visitor_id=786647904915042895&cost=0.002356&zoneid=4662728&campaignid=7743830&banner=19837471&zone_type={zone_type}&user_activity=high&subzone_id=0 HTTP 307
    https://vipntrcking.com/click.php?project_id=7740be9867&affiliate_id=79b2b9ace4&custom2=cnfgcshidncc73c3jco0 HTTP 302
    https://intelligent-money-offers.com/amazonspecial/?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto HTTP 302
    https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
7117868
ak.zougreek.com/4/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ak.zougreek.com/4/7117868
Protocol
HTTP/1.1
Server
2.21.20.198 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
Access-Control-Allow-Methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
* *
Access-Control-Max-Age
86400
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Length
725
Content-Type
text/html; charset=utf8
Date
Wed, 28 Feb 2024 10:09:52 GMT
Expires
Wed, 28 Feb 2024 10:09:52 GMT
Link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://graipeepoo.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
Pragma
no-cache
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Trace-Id
228a4e2a69ec3926e58f55f16b5104a5
img.gif
my.rtmark.net/ 		43 B
506 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008010475a104e69eda11bbc3cc49eae
Requested by
Host: ak.zougreek.com
URL: http://ak.zougreek.com/4/7117868
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:53 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
http://ak.zougreek.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
graipeepoo.com/ 		41 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Requested by
Host: ak.zougreek.com
URL: http://ak.zougreek.com/4/7117868
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
069a438062d37b54c958e81a454fbff83ba18b52d86d923712a31d943d026dd9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85c7dfe28be1700c-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 28 Feb 2024 10:09:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1MBCsJVPKyJ12fipM51gHHlXsYke31kZ7xr4S4rD6e6RPeAmMQ%2FPk0NILKKNyl%2Fqc9qW98D5K2KYe05dI35877jMgMT7T3%2FA%2B3BzKo%2BCLqGNvUn5OkYINGQYj0R4M70mw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
gid.js
my.rtmark.net/ 		65 B
542 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=46793ea27ebd0908a3313a8ffddd4e04
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e7a6abb997ea1e50f798a2cdb1f428a3d109b0bbb5e47e48704c52dbef6d7de5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:53 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://graipeepoo.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
graipeepoo.com/pfe/current/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d8362b37eb75953222f757b3f69b712f2fcc1b6cf31f7948e9636915db4f05

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 10:09:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 27 Feb 2024 10:14:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65ddb606-86e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzfY6Myk1d1EjeGQy0jAcwJ%2FKWuWGWvq%2FHkj98hu0A0Se3b0xWjYc0rioEuPvogLZAZgdeVnWguywbX61454i4ra%2FWq%2FYI2KNSQ78qUq3%2BtmqG1DVkwbRHpqmZDSgG2yhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
85c7dfe35d04700c-CDG
alt-svc
h3=":443"; ma=86400
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
graipeepoo.com/ 		2 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&mprtr=1
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iyx2fd4Y3%2FBNSXK99ZtmvndBtFeZqtAoWE6UOG0LlxSiTNKWV7BJKkXRABoF7GOU8BYZG1HfgWq0qRDdeSaO88Dk8gmcUu70XOTNCJgRWc4UoVD3n%2Fw0rtVEq5CeeYZGUw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85c7dfe36d0d700c-CDG
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
/
graipeepoo.com/19/4662728/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/19/4662728/?abt_opts=1&var=7117868&var3=786647896874553893&ymid=&rhd=1
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b518f90a238d27154d24ed22d07f4d4fed71f81d3c99272857b2d1319601305d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:53 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
0e2d29ddc6a29ff426ed0e2e8af39208
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbEvJTPKQeHtZyBID%2FF2TG76FSSnwHbLSZflPefV8Izm%2Ffo36Od45U6CdxYl5Y%2BgLYwxXfx8sBKl7BnyWGlW1ET%2Fp0sOsxu1ZxhoBB8P78betawOOyQGOnUbD23auGhoyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85c7dfe36d20700c-CDG
expires
Tue, 11 Jan 1994 10:00:00 GMT
rhd
graipeepoo.com/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/rhd?rb=2SYI1oqQfymGG9PiBEWleLxn7hUpmEnzzJ3Kpz-Rfb4HpBeiTsak8G_4vXgmEF8-kr9NDvB-1n5znHPJsrlJHcJZ1Mi6SeeSxSFzjDCV4pgF9H9oikuMwuX9rJzngBur5F1voW3b9jyQl3JwsVjbrXfsPVs-Z2D3CCiWt9D_U8sZt-0ZgT7R-bN9l8dFOYAr01JBBc6h2JsRG6Ev9jj7sngadHbVsLqVQqxags9vsQAY4h-0rKSsofKV18SJFYEmG9FCETPjWIV__ZlzDPs9scjH0Fytuoaei56QTQQ2FA5-vJq6shQAJQySw_HAtYQoucCTSJOc5S5MurMCt2DiiyHhM-eh7YaPXFY6zQF6yK7YETw50H3rex7UkRbvsaN46cAoky8BILhFCx_PQKqPaa1Rk91P7hGjP3Xa4nyuZx5ExiAMHW-O8vD4KkYr_S67Ykr2cdfY64Aq9V1j205x7e8z1Gm8x59kLYLG9MZdwRoqPkmMXacjaWrZFbWySqie8HmUjwkD0ssr7KarAG1RoBRPeDQ%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fgraipeepoo.com%2F%3Fs%3D786647896874553893%26ssk%3D4a5e3f8e5345afc5d518f4f462295e47%26svar%3D1709114992%26z%3D7117868%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=7117868&var3=786647896874553893&ymid=&rhd=1&m=link
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:53 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
b0bccdae5fd0eb2c4dc28b25f37aca78
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxthJJYwvyadsgzH1sX0xI1I%2BCX1qM3zPUk7qv3vFNRHWvTmk4XRDI4RxxH8IRMuQe3yHLcN%2BgRrVsRFWxlKbBbQvC2HT7gAEEVDORC9lB07%2FnXMgBo8IRkB68wYPiRkqw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85c7dfe3edca700c-CDG
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://graipeepoo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
4662709
graipeepoo.com/sw-check-permissions/ 		0
916 B 		Other
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/sw-check-permissions/4662709?var=7117868&ymid=786647896874553893&uhd=1&zoneId=4662709
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9vgCw2WiT%2BCLmlftsCRDT3DyzoFMiB31LpREA8EkNyamuZ9JItcw6P2Jrak82Wo3j%2BpJKxLbPoCFagoPmX0Dh2m%2Bk3%2FnGI1YwqlVzn0ZNOfLyfpuHoApH6AzuxsyOZWZw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85c7dfe3fdde700c-CDG
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/ 		0
0
zone
graipeepoo.com/ 		0
434 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=graipeepoo.com&var=7117868&ymid=786647896874553893&var_3=&var_4=&dsig=&tg=1&sw=3.1.489&trace_id=84c2abb5-d5ec-4ed9-b165-cd27d42af615&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id
c1b35aaa98a592fbda6b1673a8214004
date
Wed, 28 Feb 2024 10:09:53 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQsxbQWonI50b70QCoHu%2BqFcq23fUjCTnnqs7y9EdW4uDEQpk4JFPRtU5YDNT8NkE7t6HPmSXLNLqLBgvnIY60xF2SjjqjBTaz82CQFHG497l53iAIAjZ8EZcBYWv4r%2F5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://graipeepoo.com
access-control-allow-credentials
true
cf-ray
85c7dfe3fde1700c-CDG
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/ 		0
0
custom
jouteetu.net/ 		0
0
gid.js
my.rtmark.net/ 		65 B
542 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=786647896874553893&var=7117868
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e7a6abb997ea1e50f798a2cdb1f428a3d109b0bbb5e47e48704c52dbef6d7de5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:53 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://graipeepoo.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://graipeepoo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0
custom
jouteetu.net/ 		0
0
zone
graipeepoo.com/ 		796 B
819 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=graipeepoo.com&var=7117868&ymid=786647896874553893&var_3=&var_4=&dsig=&tg=1&sw=3.1.489&trace_id=84c2abb5-d5ec-4ed9-b165-cd27d42af615&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:53 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
a6223ad8d99137b69e7ed987bdb6a09f
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaEJgp0om%2F6jH4VCL%2BKfTEIRXWYJPoI1zm7bc5gwgx%2BEsU4uGwlx9MTkWm5Ih13FAh2q1qZ%2FBwCcl5L%2FvVeLcDpvSY31%2BAlAEGnQq7xrboykMv9hSVTsY9KwRneVt%2FasPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85c7dfe40df9700c-CDG
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/ 		0
0
/
graipeepoo.com/ 		41 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
30fdc1b4588e56d406f93bbe63bd7bbd2e0b0bdc8c55a5a929cb793bccca233e

Request headers

Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85c7dfe469cc6f9a-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 28 Feb 2024 10:09:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lm7uGgCSZKzfaY921HcevjPXNNt3o34mU1qCTinuGxBnRm9olq9M0mAXIruWVW89xDWgopi%2BnEuPsuF3pukSVjapu4tlywEtw5uAd8ZU72MRW%2FrSrDZxbgeiEOxFmuZA3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
custom
jouteetu.net/ 		0
0
micro.tag.min.js
graipeepoo.com/pfe/current/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d8362b37eb75953222f757b3f69b712f2fcc1b6cf31f7948e9636915db4f05

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 10:09:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 27 Feb 2024 10:14:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65ddb606-86e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qhAxVGmulXHp0X5b79j2XGS%2FIVnvqizFfa6p7z9WMNy1aSLJP93QjLRW0BvER1Ud9QMa9sd%2FSdTqQMji1FW0If95HTXSlGeLjU60RkxDH2hq8iUhLm4kEA5PaEYZNt33w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
85c7dfe63c8d6f9a-CDG
alt-svc
h3=":443"; ma=86400
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
graipeepoo.com/19/4662728/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/19/4662728/?abt_opts=1&var=7117868&var3=786647896874553893&ymid=&rhd=1
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67dfa8db838fa9af664566608199530a54df782bbcccdc43195b67dafa45592e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:53 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
02a615c3d2d8d75df82390e16637269e
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soDnNXfCalkp0DfTKlYnj9NDp7VhriFlnl46aF16m5U197xgl20yAcVJrWJ4NnBlzgSt7I2sqezu7Nvbj8OheW7KltAX4o724K428p35qvPfnUmaC6mtqeljmfpur8WXQg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85c7dfe52acb6f9a-CDG
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
graipeepoo.com/ 		2 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2&mprtr=1
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lm8fiD5rZ1pCewX6vY%2FV5pUZnAfV19fyOLbP%2BKSnxtMS0onpOjUJ2mfZMJ29yo6lpMFzl4RLQdccAMlFvbnmn7Pf1Oh6ORi1sxJxlVlPH4%2FeMgoyPNWTmHkb6%2B6GUvsYbg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85c7dfe57b586f9a-CDG
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://graipeepoo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
4662709
graipeepoo.com/sw-check-permissions/ 		0
1007 B 		Other
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/sw-check-permissions/4662709?var=7117868&ymid=786647896874553893&uhd=1&zoneId=4662709
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSOG%2BULzlPJ57eO%2FBGKRLJNNo%2BW29GLd6IyzEBe1IIJEDyM9%2FC%2BdRneoW%2B8epAiudy5duV8oBJ4TilMm%2F2HX%2Fidne5PifhzkiqvvjBx8nmTIa1e9AdttCCHjx5LRGnhLcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85c7dfe71db46f9a-CDG
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://graipeepoo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zone
graipeepoo.com/ 		0
493 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=graipeepoo.com&var=7117868&ymid=786647896874553893&var_3=&var_4=&dsig=&tg=1&sw=3.1.489&trace_id=3c1619aa-d156-4918-9582-6bd9285056e1&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id
c543f52be443ec945e0be3dd089122f3
date
Wed, 28 Feb 2024 10:09:53 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARe%2ByfXyqJL0bKAn168btGCnG0tQau70%2B%2BuX%2BODNd7kimzhbMYYXbuVPhviIWmqz5yPkrQHJA6FzJb%2BIPuplsYq%2Bnx86upln8E6upjMIJpb7tHgdrdDBRia57M%2F5eTS3jg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://graipeepoo.com
access-control-allow-credentials
true
cf-ray
85c7dfe71db76f9a-CDG
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://graipeepoo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://graipeepoo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
gid.js
my.rtmark.net/ 		65 B
542 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=786647896874553893&var=7117868
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e7a6abb997ea1e50f798a2cdb1f428a3d109b0bbb5e47e48704c52dbef6d7de5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:53 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://graipeepoo.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://graipeepoo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://graipeepoo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://graipeepoo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zone
graipeepoo.com/ 		796 B
980 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=graipeepoo.com&var=7117868&ymid=786647896874553893&var_3=&var_4=&dsig=&tg=1&sw=3.1.489&trace_id=3c1619aa-d156-4918-9582-6bd9285056e1&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25c1bb8cbc4bdff26afc6ff664779672515c69c885002807bccbdfe0ee1a1c06
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:53 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
47491bfcc70d74ee59ff6dae3a38c288
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cO7J1M7yaXjSEfUfP3LCZVyr6CsL96DkRCOzo5utgTiOD2Bn4%2FFO80ImlfXwYU5%2Bcd0ZiLoafzWtsmStkHvf5TZ9eyrknJsP4s6dTC2yXLLIbskwJ6xTjFfKdWJJj5mUHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85c7dfe71dbe6f9a-CDG
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://graipeepoo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=786647896874553893&var=7117868&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://graipeepoo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
/
graipeepoo.com/submenu/4662728/ 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/submenu/4662728/?rhd=1&var=7117868&var3=786647896874553893&oaid=46793ea27ebd0908a3313a8ffddd4e04&usage_case=push_default
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cce48cb1c06ad63531ebd60d8872151d37d07d68cf58eedfc6729ff1559ffb41
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
85c7dfea9a536f9a-CDG
content-encoding
gzip
content-type
text/html; charset=utf8
date
Wed, 28 Feb 2024 10:09:54 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpkO66W9%2FTr%2FpNDtub8UK5fIkS9FNO64i5Tm3LDAK9sKtNKprHO83trbsjuXLDAz4K1umqm9njEv6ikKbXcWfl54WLWutSl9Z6sbww52u4M7c6Wky%2BZxRMTbb4y6veua2g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-trace-id
69a58048c90d051943379aba3c9c8d26
sftouch
graipeepoo.com/ 		2 B
768 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://graipeepoo.com/sftouch?userId=46793ea27ebd0908a3313a8ffddd4e04&z=4662728&p_rid=699e9563-65e2-478c-82ad-e4009c2e6aa8&p_src=sf&branchId=0&rb=oIMBRFfotuVgotivRGhgT08dqUBoT9j10s-WfQhgiydorIQBSv64WY3UF2ceOH35SeSZeralfxPow1oOdKViF_oqRLTrACAJOJqRLFkhhlhORSSpxuEExQbfBbwTL2XBykCPmKsFUGc3EqeoqtgXjjVtwhkp8iR6hQiQXlD1Dcz7DkdKd2X4tm6qr6CxsIwb50B7cYIExsjnR-66JKLmpnA14B3J71z9m6HerPBwO4etihVWrIu81LiN-1j0I5GjSjC5xNF9vgvGYY5xguXIbfG3T6dE7QwFpTo89gTwXX40VC9a2KrdIevufrRkih_8k9ObET1CgLk1wT0DDXmr6T6LMUXKMSiPW5X58822uFmZ9bJOmonz9FvtArZXBZXye1XTYa9q1Hu5T4kZSx4Odmt2lhgcVHtp8VWm3wSt0loYPmOJZG9Rchp4L7bvLASw23zpSzFBXgjWDvVekLAhc1OgpvDgj1JC811QKMRhsIt1lBUbomPU3M0aaENmO0PIO1w0K4B3DsP_n0OFo9req0uKmR6eXnbbg0ALPw==
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/submenu/4662728/?rhd=1&var=7117868&var3=786647896874553893&oaid=46793ea27ebd0908a3313a8ffddd4e04&usage_case=push_default
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/submenu/4662728/?rhd=1&var=7117868&var3=786647896874553893&oaid=46793ea27ebd0908a3313a8ffddd4e04&usage_case=push_default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:54 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2
x-trace-id
5d0fc7d8b1f366d2d7f54a2747af5237
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
https://graipeepoo.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yy6xzPcwQt7Y5yST7Yuo2A5vBHSNxkHI%2FQv3y3xTyfOqZpSc0jwamS29DoSK9h1VxBn4%2Fj69Zf%2Bbhl8v%2F3%2BBjjxfs83H6qr9oYxTqKqdcIDB6JEvYW0NHMPGT9S3dbu62w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85c7dfeb2b126f9a-CDG
expires
Tue, 11 Jan 1994 10:00:00 GMT
img.gif
my.rtmark.net/ 		43 B
505 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=46793ea27ebd0908a3313a8ffddd4e04&z=4662728&p_rid=699e9563-65e2-478c-82ad-e4009c2e6aa8&p_src=sf
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/submenu/4662728/?rhd=1&var=7117868&var3=786647896874553893&oaid=46793ea27ebd0908a3313a8ffddd4e04&usage_case=push_default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://graipeepoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 10:09:54 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://graipeepoo.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
add
datatechone.com/log/ 		2 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=699e9563-65e2-478c-82ad-e4009c2e6aa8
Requested by
Host: graipeepoo.com
URL: https://graipeepoo.com/submenu/4662728/?rhd=1&var=7117868&var3=786647896874553893&oaid=46793ea27ebd0908a3313a8ffddd4e04&usage_case=push_default
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash

Request headers

Referer
https://graipeepoo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 28 Feb 2024 10:09:54 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://graipeepoo.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
Primary Request index.php
intelligent-money-offers.com/amazonspecial/en/
Redirect Chain
  • https://graipeepoo.com/rhd?z=4662728&syncedCookie=false&rhd=true
  • https://secureltrk.com/click?key=0d6af299bdfdb75e6a17&visitor_id=786647904915042895&cost=0.002356&zoneid=4662728&campaignid=7743830&banner=19837471&zone_type={zone_type}&user_activity=high&subzone_...
  • https://vipntrcking.com/click.php?project_id=7740be9867&affiliate_id=79b2b9ace4&custom2=cnfgcshidncc73c3jco0
  • https://intelligent-money-offers.com/amazonspecial/?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
  • https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectRet...
32 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
c554fc3b6609c6d9e21b8ee71711c5876f345c85f68b7af05709b606af709e3d

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://graipeepoo.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Feb 2024 10:09:55 GMT
PX-IPCountryISO
PL
PX-IPTimestamp
1709055655 1709114815 1709106414
PX-X-Request-Id
8d32de14e034fc7caeb23a35d5482e58
Server
nginx
Transfer-Encoding
chunked
X-Server
egestas
X-Upstream
stavri-***ko

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Feb 2024 10:09:55 GMT
Location
en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
PX-IPCountryISO
PL
PX-IPTimestamp
1709055655 1709114815 1709106414
PX-X-Request-Id
f9eec5695a29ae10b4d14a81982dbcd4
Server
nginx
Transfer-Encoding
chunked
X-Server
egestas
X-Upstream
stavri-***ko
css2
fonts.googleapis.com/ 		7 KB
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
7c68c0208cecad69fb80c0a9fee76b374dd777a869fcd0fbcf234e8af8a20640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Feb 2024 10:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 09:10:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Feb 2024 10:09:55 GMT
css2
fonts.googleapis.com/ 		2 KB
475 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Magra:wght@400;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
16a2a6e192074e4fd20f845b83d5ecb57af6bd237f706848d3a9d6ed514a6665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Feb 2024 10:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 10:09:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Feb 2024 10:09:55 GMT
css2
fonts.googleapis.com/ 		6 KB
766 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
11e0dd0b1244f412de7027e164697e76b77f87c85bb6d5e74ef23237ded7699b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Feb 2024 10:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 10:07:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Feb 2024 10:09:56 GMT
css2
fonts.googleapis.com/ 		3 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Feb 2024 10:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 09:15:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Feb 2024 10:09:55 GMT
css2
fonts.googleapis.com/ 		10 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
a7b7807d93be3aeb6dd391229f287ef36a485d8c6c5aca1d72ddbc6dc274aa40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Feb 2024 10:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 09:44:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Feb 2024 10:09:55 GMT
css2
fonts.googleapis.com/ 		8 KB
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
c038a8dd8fd27d633bc7733fdedd6730cad69333be98af8fad0890171f30a1ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Feb 2024 10:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 09:53:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Feb 2024 10:09:56 GMT
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Feb 2024 10:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 08:53:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Feb 2024 10:09:55 GMT
style.min5697.css
intelligent-money-offers.com/amazonspecial/css/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/style.min5697.css?ver=5.5.3
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-d293"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
208e88c000d878252c34e07d6e343f6c
style68b3.css
intelligent-money-offers.com/amazonspecial/css/ 		851 B
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/style68b3.css?ver=1
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-353"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
584a4de470a4b941fde5a3505430b57e
all.css
intelligent-money-offers.com/amazonspecial/css/ 		59 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/all.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
54bf65b7f1e2aa35692c2b75c0031c8e48de07efd529d8171078e7c030952f76

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-eac4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
1f5d24943ce5e09075541ddbc748b4eb
avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
intelligent-money-offers.com/amazonspecial/css/ 		383 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
e4bcf24ba1e17060a1c79f41f9844336594106cb49c26881a2f9b5eb47966dfe

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-5faa0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
92d1f8a62eecdf2c717327be0d32a62e
v4-shims.css
intelligent-money-offers.com/amazonspecial/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/v4-shims.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-684e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
4831b7a0a7d372462a9d7537ee57af1c
css
fonts.googleapis.com/ 		66 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
af8993702bec0c70c0751ab8671b149e289062aea89ac2813fc9557d7acca03f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Feb 2024 10:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 10:09:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Feb 2024 10:09:55 GMT
css2
fonts.googleapis.com/ 		5 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Feb 2024 10:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 08:35:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Feb 2024 10:09:56 GMT
slick.min.css
intelligent-money-offers.com/amazonspecial/css/ 		1 KB
988 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/slick.min.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-559"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114774 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
28c6e1a29718ca2bbc3c16f0fc09c19c
all.min.css
intelligent-money-offers.com/amazonspecial/css/ 		56 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/all.min.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
6daf0c6ce9852704badeaa55b3b79c86af9487e1aaca08cd86ec24767a846760

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-de7d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
51c7351cb977747d246fbfb6f71c321d
custom.css
intelligent-money-offers.com/amazonspecial/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/custom.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
46a80c3e8ce40e1e839981a7baaddf17b26c9dd01a07523f8c3073e5abcdbfd9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-2ce1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
f30e3eae84ea7464ac9f0b66c30ddcf1
funnel.css
intelligent-money-offers.com/amazonspecial/css/ 		88 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/funnel.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
922ee0a54eb79fd950e185ccda4dd13ae0edabb33a44d072a9a62bd26c76770e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-160d1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114774 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
8fc97204d9c66e37cf7ea451aa32e85f
funnel-additional.css
intelligent-money-offers.com/amazonspecial/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/funnel-additional.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
b785c6398215d82234d97f5039ed44ebc425b6538dfba459f519c066cbf73a8c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-2d29"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
e3bb0477bdfbeacaed8346a51de77620
bootstrap.min.css
intelligent-money-offers.com/amazonspecial/css/ 		138 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/bootstrap.min.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-22688"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
43e6541fa05e2dc1c2421364d970dab3
intgrtn.css
intelligent-money-offers.com/amazonspecial/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/intgrtn.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
e4aecdb9b577a378e725fa4e5b185218507bfdb1e63630c77653d62842c0ac79

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-d2d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
9cea0a91744b29f99566cd9ded958f21
5fb67d77b617d_v.png
intelligent-money-offers.com/amazonspecial/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/amazonspecial/img/5fb67d77b617d_v.png
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
1a320a466c1d7d389cd5476d27a0d027a833a96e291ce5267d1506695af486eb

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-137e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
867958ff8cc9b783c0a08d511e8a3d7f
5fb67d77d9256_v.jpg
intelligent-money-offers.com/amazonspecial/img/ 		25 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/amazonspecial/img/5fb67d77d9256_v.jpg
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
f6351b5bfa259de13dae9c9f332855813b99bd8544c8cdad7cc1645c454fb4bd

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-6293"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Upstream
stavri-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
6bd3373af419fd11c44a78d5736b75e8
5fb67d78c1ea3_v.jpg
intelligent-money-offers.com/amazonspecial/img/ 		17 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/amazonspecial/img/5fb67d78c1ea3_v.jpg
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
b5c3c626088edc6bd530c9da23892e3d641fd9fd94e03645164686f5baa1ee30

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-45f6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Upstream
stavri-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
d44c9ae5387fa41bc820400ee15c5368
5fb67d78cd12b_v.jpg
intelligent-money-offers.com/amazonspecial/img/ 		63 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/amazonspecial/img/5fb67d78cd12b_v.jpg
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
856a223e470a7640097f6a83588c41b7d831e364e9db24d1165e1811b026d9a9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-fa5a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Upstream
stavri-***ko
PX-IPTimestamp
1709055655 1709114774 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
b5576036959a8dbd9ae4dac1707d124f
jquery-1.11.3.min.js
intelligent-money-offers.com/amazonspecial/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/js/jquery-1.11.3.min.js
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-176d5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
f2af217b40ee1a8ee2bf770da22ed4ad
bootstrap.min.js
intelligent-money-offers.com/amazonspecial/js/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/js/bootstrap.min.js
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-c75f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
9953863e53a79bdf18a5bea3f5136f0e
css2
fonts.googleapis.com/ 		5 KB
612 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600;700;800;900&amp;display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f10.1e100.net
Software
ESF /
Resource Hash
1fe73fb1bd17a8ed817c1f89abe78ded44d961c543e7f7d85702845a2cfd3877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Feb 2024 10:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 10:09:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Feb 2024 10:09:56 GMT
amazon-1-1.jpg
intelligent-money-offers.com/amazonspecial/img/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/amazonspecial/img/amazon-1-1.jpg
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-195bd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Upstream
stavri-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
ba9949324613f2df56d54040fc3d78a2
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://intelligent-money-offers.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 05:02:32 GMT
x-content-type-options
nosniff
age
18444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 05:02:32 GMT
uK_w4ruaZus72nbNDycQGvo.woff2
fonts.gstatic.com/s/magra/v14/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/magra/v14/uK_w4ruaZus72nbNDycQGvo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Magra:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://intelligent-money-offers.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:51:12 GMT
x-content-type-options
nosniff
age
91124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9436
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:28:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 08:51:12 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://intelligent-money-offers.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:48:56 GMT
x-content-type-options
nosniff
age
91260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 08:48:56 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://intelligent-money-offers.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:49:13 GMT
x-content-type-options
nosniff
age
91243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 08:49:13 GMT
entypo-fontello.woff2
intelligent-money-offers.com/amazonspecial/fonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/fonts/entypo-fontello.woff2
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
aba14bf4f70a87d173da2171049240f074959c2497caadb37fdba37fbdfabd1f

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Origin
https://intelligent-money-offers.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
"637dce63-9754"
Content-Type
font/woff2
X-Upstream
stavri-***ko
PX-IPTimestamp
1709055655 1709114815 1709106414
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
09d852c7b9c8b441e2c0368b082418f0
Accept-Ranges
bytes
Content-Length
38740
sdk.js
intelligent-money-offers.com/intgrtn/api/v1/integration/ 		489 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=12024128111
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
6298f0a9a101a54afa0ed7e7ccd9bb8f6583638f84082c69f5e0e5a2c9961f2e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
PX-IPTimestamp
1709055655 1709114815 1709106414
Connection
keep-alive
Last-Modified
Wed, 28 Feb 2024 08:34:14 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"65def006-7a2f9"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
X-Server
egestas
PX-IPCountryISO
PL
PX-X-Request-Id
31304b3ec017fcde06598d6eb79fedcf
Expires
Thu, 27 Feb 2025 09:05:05 GMT
details.php
intelligent-money-offers.com/intgrtn/api/v1/projects/ 		45 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/projects/details.php?&clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&custom2=cnfgcshidncc73c3jco0
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=12024128111
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
97127a98f1358c902de200b74f9af94ec5c479dbe489b98bef765f3c0b7c59f0

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intgrtn-Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Content-Type
application/json

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
PX-IPTimestamp
1709055655 1709114815 1709106414
Vary
Accept-Encoding
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
369ad877d9ddca8c99b78db04d5e7847
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
agreements.php
intelligent-money-offers.com/intgrtn/api/v1/projects/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=12024128111
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
ee8332e33e81dd8544979ef730bea6af9c3a86f32f0115d0ea16f20c1f9d8c6c

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intgrtn-Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Content-Type
application/json

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
PX-IPTimestamp
1709055655 1709114815 1709106414
Vary
Accept-Encoding
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
7746e9b4326fb1283b6771495cc0b501
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
sdk.css
intelligent-money-offers.com/intgrtn/api/v1/integration/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=12024128111
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
617a4b507a3a45bc358f56b14d884283ab84e61e8ed5956d4d1684d5130e6b47

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
PX-IPTimestamp
1709055655 1709114774 1709106414
Connection
keep-alive
Last-Modified
Mon, 15 Jan 2024 14:51:47 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"65a54683-14923"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
X-Server
egestas
PX-IPCountryISO
PL
PX-X-Request-Id
4999592ae756f3ae1ea2923acb39671f
Expires
Tue, 14 Jan 2025 15:54:51 GMT
eye-1a.png
intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/eye-1a.png
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
9505ce3a2d95aa956775178ce80f3e0e89cc58c85906cd04bd1f8a6d6a5768e3

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
PX-IPTimestamp
1709055655 1709114774 1709106414
Connection
keep-alive
Last-Modified
Mon, 15 Jan 2024 14:49:32 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"65a545fc-42f"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
X-Server
egestas
PX-IPCountryISO
PL
PX-X-Request-Id
e62d0c9a33bf61ae69d681b7fb9fe170
Expires
Tue, 14 Jan 2025 15:54:51 GMT
flags32.png
intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/flags32.png
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
681c58beadf3030753d8d5bb7c85c5f631704a515a9da8fd7a3744be46e12419

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
PX-IPTimestamp
1709055655 1709114815 1709106414
Connection
keep-alive
Last-Modified
Mon, 15 Jan 2024 14:49:32 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"65a545fc-afed"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
X-Server
egestas
PX-IPCountryISO
PL
PX-X-Request-Id
f2d34183ca7276840b699b396f3872bb
Expires
Tue, 14 Jan 2025 15:54:51 GMT
agreements.php
intelligent-money-offers.com/intgrtn/api/v1/projects/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&locale=en-US
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=12024128111
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
9a6debd0ac8eb432d83f24a47a48fe81bfcb59372febdcc15614e696061b64eb

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intgrtn-Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Content-Type
application/json

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
PX-IPTimestamp
1709055655 1709114815 1709106414
Vary
Accept-Encoding
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
973c8f0c6e3bc82f7aaf92958c2dc5c6
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
add.php
intelligent-money-offers.com/intgrtn/api/v1/events/ 		171 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/events/add.php
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=12024128111
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
0082aa9dc525d51718e600e49cbd6855e1b9270b8fabad0c1cb87d0b29e029f7

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intgrtn-Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95&intgrtn_custom2=cnfgcshidncc73c3jco0&country=PL&intgrtn_redirectReturningLead=auto
Content-Type
application/json

Response headers

Date
Wed, 28 Feb 2024 10:09:56 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://intelligent-money-offers.com
PX-IPTimestamp
1709055655 1709114774 1709106414
Vary
Accept-Encoding
X-Server
egestas
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
b3b95995084310c89bb5f4eaa5abc77b
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| bootstrap object| jQuery11130804431944394383 function| intgrtnInit object| intgrtn

17 Cookies

Domain/Path Name / Value
intelligent-money-offers.com/amazonspecial/ Name: intgrtn_clickID
Value: nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95
intelligent-money-offers.com/amazonspecial/ Name: intgrtn_custom2
Value: cnfgcshidncc73c3jco0
intelligent-money-offers.com/amazonspecial/ Name: intgrtn_redirectReturningLead
Value: auto
intelligent-money-offers.com/amazonspecial/ Name: intgrtn_locale
Value: en-US
ak.zougreek.com/ Name: OAID
Value: 008010475a104e69eda11bbc3cc49eae
ak.zougreek.com/ Name: oaidts
Value: 1709114992
my.rtmark.net/ Name: ID
Value: 008010475a104e69eda11bbc3cc49eae
graipeepoo.com/ Name: syncedCookie
Value: true
graipeepoo.com/ Name: prefetchAd_4662728
Value: true
graipeepoo.com/ Name: reverse
Value: A4CkTeCrvxMou5g-t6Hgr-ov9IHRkL_g3bU1nNg2R-0
graipeepoo.com/ Name: oaidts
Value: 1709114994
graipeepoo.com/ Name: OAID
Value: 008010475a104e69eda11bbc3cc49eae
secureltrk.com/ Name: uclick
Value: zenfwQtcPto1guvwamCY5TKnlmlB54bxoS02QuZmO5TSl6p6+H156B6r5+YLsYmBMUqZsg==
secureltrk.com/ Name: bcid
Value: cnfgcshidncc73c3jco0
secureltrk.com/ Name: cid
Value: cnfgcshidncc73c3jco0
vipntrcking.com/ Name: clickID
Value: nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95
vipntrcking.com/ Name: leadID
Value: nBb0Y47KvjdWOAoxamkeX07AZvP5wJ6RG2QqElrpMZVyLzg95

9 Console Messages

Source Level URL
Text
other warning URL: http://ak.zougreek.com/partitial/5117836/?var=7117868&ab2r=0&prfrev=false&rhd=false&sf=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://graipeepoo.com/?s=786647896874553893&ssk=4a5e3f8e5345afc5d518f4f462295e47&svar=1709114992&z=7117868&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://graipeepoo.com/afu.php?zoneid=4662728&var=4662728&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=true&sf=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://graipeepoo.com/afu.php?zoneid=4662728&var=4662728&rid=UOc2oKHlKAQMxeQ00KE1Mg%3D%3D&rhd=true&sf=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.zougreek.com
datatechone.com
fonts.googleapis.com
fonts.gstatic.com
graipeepoo.com
intelligent-money-offers.com
jouteetu.net
my.rtmark.net
secureltrk.com
vipntrcking.com
jouteetu.net
139.45.195.253
139.45.195.8
139.45.197.251
172.217.16.195
172.217.18.10
188.114.96.3
193.34.166.106
2.21.20.198
38.180.18.154
5.61.54.143
0082aa9dc525d51718e600e49cbd6855e1b9270b8fabad0c1cb87d0b29e029f7
069a438062d37b54c958e81a454fbff83ba18b52d86d923712a31d943d026dd9
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
11e0dd0b1244f412de7027e164697e76b77f87c85bb6d5e74ef23237ded7699b
16a2a6e192074e4fd20f845b83d5ecb57af6bd237f706848d3a9d6ed514a6665
1a320a466c1d7d389cd5476d27a0d027a833a96e291ce5267d1506695af486eb
1fe73fb1bd17a8ed817c1f89abe78ded44d961c543e7f7d85702845a2cfd3877
25c1bb8cbc4bdff26afc6ff664779672515c69c885002807bccbdfe0ee1a1c06
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
30fdc1b4588e56d406f93bbe63bd7bbd2e0b0bdc8c55a5a929cb793bccca233e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46a80c3e8ce40e1e839981a7baaddf17b26c9dd01a07523f8c3073e5abcdbfd9
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
54bf65b7f1e2aa35692c2b75c0031c8e48de07efd529d8171078e7c030952f76
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
617a4b507a3a45bc358f56b14d884283ab84e61e8ed5956d4d1684d5130e6b47
6298f0a9a101a54afa0ed7e7ccd9bb8f6583638f84082c69f5e0e5a2c9961f2e
67dfa8db838fa9af664566608199530a54df782bbcccdc43195b67dafa45592e
681c58beadf3030753d8d5bb7c85c5f631704a515a9da8fd7a3744be46e12419
6daf0c6ce9852704badeaa55b3b79c86af9487e1aaca08cd86ec24767a846760
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c68c0208cecad69fb80c0a9fee76b374dd777a869fcd0fbcf234e8af8a20640
82d8362b37eb75953222f757b3f69b712f2fcc1b6cf31f7948e9636915db4f05
856a223e470a7640097f6a83588c41b7d831e364e9db24d1165e1811b026d9a9
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
922ee0a54eb79fd950e185ccda4dd13ae0edabb33a44d072a9a62bd26c76770e
9505ce3a2d95aa956775178ce80f3e0e89cc58c85906cd04bd1f8a6d6a5768e3
97127a98f1358c902de200b74f9af94ec5c479dbe489b98bef765f3c0b7c59f0
9a6debd0ac8eb432d83f24a47a48fe81bfcb59372febdcc15614e696061b64eb
a7b7807d93be3aeb6dd391229f287ef36a485d8c6c5aca1d72ddbc6dc274aa40
aba14bf4f70a87d173da2171049240f074959c2497caadb37fdba37fbdfabd1f
af8993702bec0c70c0751ab8671b149e289062aea89ac2813fc9557d7acca03f
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b518f90a238d27154d24ed22d07f4d4fed71f81d3c99272857b2d1319601305d
b5c3c626088edc6bd530c9da23892e3d641fd9fd94e03645164686f5baa1ee30
b785c6398215d82234d97f5039ed44ebc425b6538dfba459f519c066cbf73a8c
c038a8dd8fd27d633bc7733fdedd6730cad69333be98af8fad0890171f30a1ed
c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a
c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79
c554fc3b6609c6d9e21b8ee71711c5876f345c85f68b7af05709b606af709e3d
cce48cb1c06ad63531ebd60d8872151d37d07d68cf58eedfc6729ff1559ffb41
d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4
d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aecdb9b577a378e725fa4e5b185218507bfdb1e63630c77653d62842c0ac79
e4bcf24ba1e17060a1c79f41f9844336594106cb49c26881a2f9b5eb47966dfe
e7a6abb997ea1e50f798a2cdb1f428a3d109b0bbb5e47e48704c52dbef6d7de5
e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ee8332e33e81dd8544979ef730bea6af9c3a86f32f0115d0ea16f20c1f9d8c6c
f6351b5bfa259de13dae9c9f332855813b99bd8544c8cdad7cc1645c454fb4bd
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93