intelligent-money-offers.com
185.142.239.82  Malicious Activity! Public Scan

Submitted URL: https://jfjle4g5l.com/EDP/EDP.php?c=2013762
Effective URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&int...
Submission: On March 06 via manual from PL — Scanned from PL

Summary

This website contacted 9 IPs in 5 countries across 11 domains to perform 88 HTTP transactions. The main IP is 185.142.239.82, located in Amsterdam, Netherlands and belongs to COGENT-174, US. The main domain is intelligent-money-offers.com.
TLS certificate: Issued by R3 on January 23rd 2024. Valid for: 3 months.
This is the only time intelligent-money-offers.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

IP Address AS Autonomous System
4 212.117.190.201 7979 (SERVERS-COM)
1 72.247.154.91 20940 (AKAMAI-ASN1)
17 172.64.166.25 13335 (CLOUDFLAR...)
3 139.45.195.8 9002 (RETN-AS)
9 139.45.197.251 9002 (RETN-AS)
1 1 5.61.54.143 58061 (SCALAXY-AS)
1 1 185.142.239.85 174 (COGENT-174)
1 30 185.142.239.82 174 (COGENT-174)
10 142.250.186.42 15169 (GOOGLE)
4 142.250.185.227 ()
88 9
|    | Apex Domain | Subdomains | Transfer |
|----|-------------|------------|----------|
| 30 | intelligent-money-offers.com | intelligent-money-offers.com | 551 KB |
| 17 | ladrecaidroo.com | ladrecaidroo.com | 72 KB |
| 10 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 30 | 9 KB |
| 9 | jouteetu.net | jouteetu.net — Cisco Umbrella Rank: 30771 Failed | |
| 4 | gstatic.com | fonts.gstatic.com | 58 KB |
| 4 | jfjle4g5l.com | jfjle4g5l.com — Cisco Umbrella Rank: 68777 | 25 KB |
| 3 | rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 11818 Failed | 2 KB |
| 1 | vipntrcking.com | vipntrcking.com | 809 B |
| 1 | secureltrk.com | secureltrk.com — Cisco Umbrella Rank: 247272 | 345 B |
| 1 | itponytaa.com | ak.itponytaa.com — Cisco Umbrella Rank: 115821 | 4 KB |
| 0 | go-mpulse.net Failed | s.go-mpulse.net Failed | |
| 88 | 11 | | |
Domain Requested by
30 intelligent-money-offers.com 1 redirects ladrecaidroo.com
intelligent-money-offers.com
17 ladrecaidroo.com ak.itponytaa.com
ladrecaidroo.com
10 fonts.googleapis.com intelligent-money-offers.com
9 jouteetu.net ladrecaidroo.com
4 fonts.gstatic.com fonts.googleapis.com
4 jfjle4g5l.com jfjle4g5l.com
3 my.rtmark.net ak.itponytaa.com
ladrecaidroo.com
1 vipntrcking.com 1 redirects
1 secureltrk.com 1 redirects
1 ak.itponytaa.com jfjle4g5l.com
0 s.go-mpulse.net Failed ak.itponytaa.com
88 11

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---------|--------|----------|-------|
| | Buypass Class 2 CA 5 | 2024-01-09 - 2024-07-06 | 6 months |
| ladrecaidroo.com | GTS CA 1P5 | 2024-01-15 - 2024-04-14 | 3 months |
| rtmark.net | R3 | 2024-03-02 - 2024-05-31 | 3 months |
| jouteetu.net | R3 | 2024-02-24 - 2024-05-24 | 3 months |
| intelligent-money-offers.com | R3 | 2024-01-23 - 2024-04-22 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months |
| *.gstatic.com | GTS CA 1C3 | 2024-02-19 - 2024-05-13 | 3 months |

This page contains 1 frames:

Primary Page: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Frame ID: BF389B046452F6AE3093080266BE496B
Requests: 90 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 88
  • HTTPS: 86 %
  • IPv6: 0 %
  • Domains: 11
  • Subdomains: 11
  • IPs: 9
  • Countries: 5
  • Transfer: 720 kB
  • Size: 2332 kB
  • Cookies: 20

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://jfjle4g5l.com/EDP/EDP.php?c=2013762 Page URL
  2. https://jfjle4g5l.com/?r=dir&zoneid=2013762&pb=fc81271497b0c1f10612ee24469087441709754027&psp=wx1_tvhFZmoggVtZGobRJd94GTsOgXZwRbavu1S0PY6AbrovZutb-rRsXwXpmvjoiaYcSbndUUGzM0mN6hdLw0AhqWXNe3Ugyuy3nbf9WrsJpAJtewDgKPnnwRl-Sk7OoZwSfGsezQ2Skr7K3ydD6nDixYld6DJlpRMvHrXuvtQ80rvqttT4ewp-vawTI9CPwRuUK7TcKBli3TJ3IsAx8SwBToRey66_-Rb7wuZP2M05WTKOy9pW6nDIxg==&fdl=1&nojs=0&abvar=0&febuild=1.0.211&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&vcv=Intel%20Inc.&vcn=Intel%20Iris%20OpenGL%20Engine&ix=0&x=1600&y=1200&md=0&afid=3489749688639488&eclog=0&im=0&pload=236&rlp=%5B0%2C0%2C92.89999961853027%2C46.89999961853027%2C4.19999885559082%2C70.70000076293945%2C118%2C70.70000076293945%5D Page URL
  3. http://ak.itponytaa.com//4/6483363 Page URL
  4. https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Page URL
  5. https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Page URL
  6. https://secureltrk.com/click?key=0d6af299bdfdb75e6a17&visitor_id=789298008675332507&cost=0.000579&zoneid=4662728&campaignid=7743830&banner=19837471&zone_type={zone_type}&user_activity=high&subzone_id=0&oaid=e0f98d6c843ea2cd6f44d62731e25839 HTTP 307
    https://vipntrcking.com/click.php?project_id=7740be9867&affiliate_id=79b2b9ace4&custom2=cnkal31idncc739ip010 HTTP 302
    https://intelligent-money-offers.com/amazonspecial/?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto HTTP 302
    https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

88 HTTP transactions

access-control-allow-origin
https://ladrecaidroo.com
access-control-allow-credentials
true
cf-ray
86042189ee019bd7-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0

gid.js
my.rtmark.net/
65 B
543 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=789298005282132213&var=6483363
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ladrecaidroo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 17:40:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ladrecaidroo.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0

zone
ladrecaidroo.com/
796 B
1013 B
Fetch
General
Full URL
https://ladrecaidroo.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=ladrecaidroo.com&var=6483363&ymid=789298005282132213&var_3=&var_4=&dsig=&tg=1&sw=3.1.495&trace_id=f33cee21-7d95-4f94-a2e4-da786ffb8259&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.166.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 17:40:27 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
5bd262acc84a5a4c123bbff2b9659392
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeHcFdRp2ghHwSeILMsIRcfv59pcFeqyPfq3fZrSty18IyR0AJQ4yrHJT9lE2FSGyWWejqxJQL6leglXGngqZ1BZi727jeAQBPHouqukwdX5ywz0oGKyVdl%2FUPL%2FsXsPEjTY"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
86042189faff038e-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/
0
0

/
ladrecaidroo.com/
42 KB
14 KB
Document
General
Full URL
https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.166.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
08a1083ff108cfcf29f7e2fa70488636a4feb57ea9cf8f17b3d4c6366fd0860b

Request headers

Referer
https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8604218a6bd7038e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 06 Mar 2024 17:40:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cI2CWSAVUUQ2MWH145GGdfJEfDkLG1V2V515vnSQNbbVikkjaahD0QotF1HBnyDyZgZXzEsNxr4Cm5S%2FXdRY2thTFNCAcvRD7INMd2gJTnU2YS%2BRQaYnega4YWSQosR%2BlnL5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
custom
jouteetu.net/
0
0

micro.tag.min.js
ladrecaidroo.com/pfe/current/
35 KB
13 KB
Script
General
Full URL
https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.166.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76d2557eeb69b8934253e2892c6a80cf8f27ecb31ca33605d798007a9b73d541

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Mar 2024 17:40:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 05 Mar 2024 15:56:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e740c4-8a1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oVzzmNcx29S08OUW8ONmyFt9dpuSVtjBkw8FGcgYrehlHzVhQP6GPcLN6Y5L6mgXqk7CbB2ysQQ43ygisGJHILSmx86oRYdr4FVfRLG3ry9QAX6rLgfpsbEPAJzWIVOItqI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8604218b3d34038e-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
ladrecaidroo.com/19/4662728/
3 KB
2 KB
XHR
General
Full URL
https://ladrecaidroo.com/19/4662728/?abt_opts=1&var=6483363&var3=789298005282132213&ymid=&rhd=1
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.166.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb52c1b1149334b643e95627678624dc9061ca88adbf2ab16a1ce7f3f373051
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 17:40:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
b55f34e94375d4c7a9c86976e0afb802
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpXtpR3BCVFea%2B0PtTqRYCU%2BpOPiNNO2d%2BD1ChiImNo9aAjTRFdP%2FtWYsnRydPMkSV%2FhleJ4F3LOmUWv37Z%2FJdS2oZic%2BuU7PT9b9ch17BRwgeyMm0f6Tttee9QPSeUNknzq"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
8604218b3d36038e-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
ladrecaidroo.com/
2 B
525 B
XHR
General
Full URL
https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2&mprtr=1
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.166.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 17:40:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvwWDoisYaYbWQlGAh9vaaFMh%2BotxNMgV2FFjOorS5VbwI3q54vxM1noUkydvywxz%2Bkl4ayUVYJPmDPIaLSMkFXhwg7wBEVqlGAVjD3A2mLqPgrBex5klLX0ndKVCmG0azYQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8604218b6d6f038e-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ladrecaidroo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

4662709
ladrecaidroo.com/sw-check-permissions/
0
998 B
Other
General
Full URL
https://ladrecaidroo.com/sw-check-permissions/4662709?var=6483363&ymid=789298005282132213&uhd=1&zoneId=4662709
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.166.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 17:40:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k72YltUyXGJH0L3nZVrG%2FHHJuxuWMrdiHfjdakGTszL1rHas%2BdmKDg0XjcqpCe1ph%2BkeIHcD8G%2BDgl4kPAVhce1QWQvQI9X4XwVfZhXirfKLeMXoKcK1xLIcFA0QWx%2BlAxti"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
8604218badc5038e-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ladrecaidroo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
ladrecaidroo.com/
0
488 B
Ping
General
Full URL
https://ladrecaidroo.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=ladrecaidroo.com&var=6483363&ymid=789298005282132213&var_3=&var_4=&dsig=&tg=1&sw=3.1.495&trace_id=d99dbe22-1eec-4862-b3d6-47bbcbeb57ad&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.166.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id
9c4dc317e9f331e8c1c132965b9a30c2
date
Wed, 06 Mar 2024 17:40:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ApiLr2OIyQxOJ3BEa5r1%2B30e65t4%2Fc%2FXkrWILWkW3NGrFhW8fsXTAQgv3tU6PKkWcclBVKrO8sJ9tc%2FB9764%2BeBWw3juuura%2FaF0LcJ0qu8W9tRqUUL07uhU8w0q1YI6YAf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://ladrecaidroo.com
access-control-allow-credentials
true
cf-ray
8604218badca038e-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ladrecaidroo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ladrecaidroo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
543 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=789298005282132213&var=6483363
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
99216cdf156138a7a9d68b8902ccde5904453d616c752c093183597d3d2708ee
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ladrecaidroo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 17:40:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ladrecaidroo.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ladrecaidroo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ladrecaidroo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ladrecaidroo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
ladrecaidroo.com/
796 B
977 B
Fetch
General
Full URL
https://ladrecaidroo.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=ladrecaidroo.com&var=6483363&ymid=789298005282132213&var_3=&var_4=&dsig=&tg=1&sw=3.1.495&trace_id=d99dbe22-1eec-4862-b3d6-47bbcbeb57ad&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.166.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a20fef2620f8cf2c4e99a4560439fb0b45919ec3ec99b6126893cabcd94de0
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 17:40:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
50122411e837b876d52ebb9244d14bb6
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9ZEBpLiN%2BjGqibjHA5MWziul3jqPFDGCtwJnogP8Iru3p6UqW91mdI7uU9EwslMc3MK%2FN0CaXO3KhvTAWwUQuXbl2O9oOnYEJ67PbyOPIyc9pBMm7ZR0VL82dOTb6bDhlBD"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8604218bbdda038e-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
rhd
ladrecaidroo.com/
3 KB
3 KB
Fetch
General
Full URL
https://ladrecaidroo.com/rhd?rb=HiAAoNbZLanFh_fknAkS7s0vKhpFBpNjesV0CiZMb0-MvpuOJ2B_B-oZxW_werU9YdltUtPc1KY8rheeVT4OMSr1EorX2TzAFqz2e9ajJl1e3ctnpNDdhg971EnxS_m15_h62gOemq_tCn2Jzzi87XobhgemYST8UvkVUth1-pwmVh282zjJjB5QHewwB9IMBBXHeRUN3E-txt_YB-RIgVE0DTPOrw1SxdaIA5GAVd6xyg4GLxEMotkn2Gh2AhX2bDGo0RYg-Ip8HLkDMT2rwECu7Trt75sR6FuJ1U1E-pcJnCEpesyM02P7DD7GVBQo4OsxGV6B5apjoAUUj3khlWT-QD0xhj8rbbbUwMP9gHnmeeoCzeo0xpC0LORraUiNeUxmuCKrw406bXsMkps9AKQx7Zo_mC0V4LxNrzNgrCA1xTpBzhqAAdktDULt6SRvznDL98a99kePjHGk_inCOUqPGW4wn26lmz8bpJ-XPdvJA_2IfKXHie-tHJfzDAKX7QdltsHldXpl2khZZG7rLMhX_owMXBX55pbEVg%3D%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fladrecaidroo.com%2F%3Fs%3D789298005282132213%26ssk%3D08776ab4008c0be3bb47be30b5a3a94e%26svar%3D1709746827%26z%3D6483363%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D%26rdc%3D2&drf=https%3A%2F%2Fladrecaidroo.com%2F%3Fs%3D789298005282132213%26ssk%3D08776ab4008c0be3bb47be30b5a3a94e%26svar%3D1709746827%26z%3D6483363%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=6483363&var3=789298005282132213&ymid=&rhd=1&m=link
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.166.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cab4d4392dfa189d8cc0104b8752ad219e398bed771be091f30c7a72ed06f7bb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 17:40:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
3a4001a14800d85eb84993472c54d185
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dh7JSm6KCQRTg8uiz59fK0YC3fv3LFgd0auQ1dQTJf22zAwENjyul0R2uQbOw2XvS7laBxtV7AlbVMNA%2Bot9LrjmYM%2BfK4UrRQ4azN1w%2F0D%2B3Gd885lSySghs6jsRK2gSJ3K"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
8604218bbdde038e-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/pfe/current/micro.tag.min.js?z=4662709&ymid=789298005282132213&var=6483363&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ladrecaidroo.com/
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Primary Request index.php
intelligent-money-offers.com/amazonspecial/en/
Redirect Chain
  • https://secureltrk.com/click?key=0d6af299bdfdb75e6a17&visitor_id=789298008675332507&cost=0.000579&zoneid=4662728&campaignid=7743830&banner=19837471&zone_type={zone_type}&user_activity=high&subzone_...
  • https://vipntrcking.com/click.php?project_id=7740be9867&affiliate_id=79b2b9ace4&custom2=cnkal31idncc739ip010
  • https://intelligent-money-offers.com/amazonspecial/?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
  • https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectRet...
32 KB
9 KB
Document
General
Full URL
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
c554fc3b6609c6d9e21b8ee71711c5876f345c85f68b7af05709b606af709e3d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Mar 2024 17:40:30 GMT
PX-IPCountryISO
PL
PX-IPTimestamp
1709649960 1709746634 1709711223
PX-X-Request-Id
b75a966fa3c2349f5fcad8e3abbfc0df
Server
nginx
Transfer-Encoding
chunked
X-Server
tincidunt
X-Upstream
evlampi-***ko

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Mar 2024 17:40:29 GMT
Location
en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
PX-IPCountryISO
PL
PX-IPTimestamp
1709649960 1709746634 1709711223
PX-X-Request-Id
4e12b767a20057e6e8321c7dd6a74dc0
Server
nginx
Transfer-Encoding
chunked
X-Server
tincidunt
X-Upstream
evlampi-***ko
cat.php
ladrecaidroo.com/
0
754 B
Ping
General
Full URL
https://ladrecaidroo.com/cat.php?userId=e0f98d6c843ea2cd6f44d62731e25839&zoneid=4662728&rb=HiAAoNbZLanFh_fknAkS7s0vKhpFBpNjesV0CiZMb0-MvpuOJ2B_B-oZxW_werU9YdltUtPc1KY8rheeVT4OMSr1EorX2TzAFqz2e9ajJl1e3ctnpNDdhg971EnxS_m15_h62gOemq_tCn2Jzzi87XobhgemYST8UvkVUth1-pwmVh282zjJjB5QHewwB9IMBBXHeRUN3E-txt_YB-RIgVE0DTPOrw1SxdaIA5GAVd6xyg4GLxEMotkn2Gh2AhX2bDGo0RYg-Ip8HLkDMT2rwECu7Trt75sR6FuJ1U1E-pcJnCEpesyM02P7DD7GVBQo4OsxGV6B5apjoAUUj3khlWT-QD0xhj8rbbbUwMP9gHnmeeoCzeo0xpC0LORraUiNeUxmuCKrw406bXsMkps9AKQx7Zo_mC0V4LxNrzNgrCA1xTpBzhqAAdktDULt6SRvznDL98a99kePjHGk_inCOUqPGW4wn26lmz8bpJ-XPdvJA_2IfKXHie-tHJfzDAKX7QdltsHldXpl2khZZG7rLMhX_owMXBX55pbEVg==&var=6483363&var3=789298005282132213&ymid=&rhd=1
Requested by
Host: ladrecaidroo.com
URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.166.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 06 Mar 2024 17:40:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
x-trace-id
e1446ea5b53e3a214cd6a036db68d407
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcRKoEIWf%2FAWuL%2Fn8mrgP9SFU1NPdsa3iL5u6tuhROKi8BqbjwS73cqKtWmWRi%2Fq2xdtrgXPw3TCfhRiVjPxP2ZFTNAvr6Lma5GcSypv6dtbe0vQ%2BJjrVZWJacyXnKDg3Zuu"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://ladrecaidroo.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
8604218f3b8e038e-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
css2
fonts.googleapis.com/
7 KB
699 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
7c68c0208cecad69fb80c0a9fee76b374dd777a869fcd0fbcf234e8af8a20640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 17:40:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 17:40:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 17:40:30 GMT
css2
fonts.googleapis.com/
2 KB
475 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Magra:wght@400;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
16a2a6e192074e4fd20f845b83d5ecb57af6bd237f706848d3a9d6ed514a6665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 17:40:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 17:40:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 17:40:30 GMT
css2
fonts.googleapis.com/
6 KB
743 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
11e0dd0b1244f412de7027e164697e76b77f87c85bb6d5e74ef23237ded7699b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 17:40:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 17:40:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 17:40:30 GMT
css2
fonts.googleapis.com/
3 KB
531 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 17:40:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 17:34:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 17:40:30 GMT
css2
fonts.googleapis.com/
10 KB
888 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
a7b7807d93be3aeb6dd391229f287ef36a485d8c6c5aca1d72ddbc6dc274aa40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 17:40:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 17:04:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 17:40:30 GMT
css2
fonts.googleapis.com/
8 KB
778 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
c038a8dd8fd27d633bc7733fdedd6730cad69333be98af8fad0890171f30a1ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 17:40:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 16:45:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 17:40:36 GMT
css2
fonts.googleapis.com/
9 KB
864 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 17:40:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 15:41:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 17:40:30 GMT
style.min5697.css
intelligent-money-offers.com/amazonspecial/css/
53 KB
8 KB
Stylesheet
General
Full URL
https://intelligent-money-offers.com/amazonspecial/css/style.min5697.css?ver=5.5.3
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-d293"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
7e7ecc2fc726b13618e39941bf89cc44
style68b3.css
intelligent-money-offers.com/amazonspecial/css/
851 B
781 B
Stylesheet
General
Full URL
https://intelligent-money-offers.com/amazonspecial/css/style68b3.css?ver=1
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-353"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
d4e40b76844399e14ad1facb160137a0
all.css
intelligent-money-offers.com/amazonspecial/css/
59 KB
13 KB
Stylesheet
General
Full URL
https://intelligent-money-offers.com/amazonspecial/css/all.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
54bf65b7f1e2aa35692c2b75c0031c8e48de07efd529d8171078e7c030952f76

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-eac4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
67137d2710f064d51798961f40bba8fa
avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
intelligent-money-offers.com/amazonspecial/css/
383 KB
52 KB
Stylesheet
General
Full URL
https://intelligent-money-offers.com/amazonspecial/css/avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
e4bcf24ba1e17060a1c79f41f9844336594106cb49c26881a2f9b5eb47966dfe

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-5faa0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
9851bc76e087c71fe58455d391b03249
v4-shims.css
intelligent-money-offers.com/amazonspecial/css/
26 KB
5 KB
Stylesheet
General
Full URL
https://intelligent-money-offers.com/amazonspecial/css/v4-shims.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-684e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746705 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
4a2c78b2b6e8ce5ae5e8ed43d9b33f7d
css
fonts.googleapis.com/
66 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
af8993702bec0c70c0751ab8671b149e289062aea89ac2813fc9557d7acca03f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 17:40:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 17:40:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 17:40:30 GMT
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 17:40:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 17:03:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 17:40:30 GMT
slick.min.css
intelligent-money-offers.com/amazonspecial/css/
1 KB
990 B
Stylesheet
General
Full URL
https://intelligent-money-offers.com/amazonspecial/css/slick.min.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-559"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
f08cca975e6f119ef262f953e4f3b316
all.min.css
intelligent-money-offers.com/amazonspecial/css/
56 KB
12 KB
Stylesheet
General
Full URL
https://intelligent-money-offers.com/amazonspecial/css/all.min.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
6daf0c6ce9852704badeaa55b3b79c86af9487e1aaca08cd86ec24767a846760

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-de7d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746705 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
64c7db330d5d4ba1c1582613e0add6ad
custom.css
intelligent-money-offers.com/amazonspecial/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://intelligent-money-offers.com/amazonspecial/css/custom.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
46a80c3e8ce40e1e839981a7baaddf17b26c9dd01a07523f8c3073e5abcdbfd9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-2ce1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
4f3d162f0c8714db926803a1646141bb
funnel.css
intelligent-money-offers.com/amazonspecial/css/
88 KB
14 KB
Stylesheet
General
Full URL
https://intelligent-money-offers.com/amazonspecial/css/funnel.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
922ee0a54eb79fd950e185ccda4dd13ae0edabb33a44d072a9a62bd26c76770e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-160d1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746705 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
6f4cbc3ec7d17f227fb3b7a31747d319
funnel-additional.css
intelligent-money-offers.com/amazonspecial/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://intelligent-money-offers.com/amazonspecial/css/funnel-additional.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
b785c6398215d82234d97f5039ed44ebc425b6538dfba459f519c066cbf73a8c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-2d29"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746705 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
7045135b7bededbb09937e616f9a3b3a
bootstrap.min.css
intelligent-money-offers.com/amazonspecial/css/
138 KB
21 KB
Stylesheet
General
Full URL
https://intelligent-money-offers.com/amazonspecial/css/bootstrap.min.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-22688"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
f05aa348b1713e2322e9dc2b39180ae0
intgrtn.css
intelligent-money-offers.com/amazonspecial/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://intelligent-money-offers.com/amazonspecial/css/intgrtn.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
e4aecdb9b577a378e725fa4e5b185218507bfdb1e63630c77653d62842c0ac79

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-d2d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
e599900f042347912b0cea94bd7b936f
5fb67d77b617d_v.png
intelligent-money-offers.com/amazonspecial/img/
5 KB
5 KB
Image
General
Full URL
https://intelligent-money-offers.com/amazonspecial/img/5fb67d77b617d_v.png
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
1a320a466c1d7d389cd5476d27a0d027a833a96e291ce5267d1506695af486eb

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-137e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
1c8778631853baf46bcb5e50f6b0aee4
5fb67d77d9256_v.jpg
intelligent-money-offers.com/amazonspecial/img/
25 KB
22 KB
Image
General
Full URL
https://intelligent-money-offers.com/amazonspecial/img/5fb67d77d9256_v.jpg
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
f6351b5bfa259de13dae9c9f332855813b99bd8544c8cdad7cc1645c454fb4bd

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-6293"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
7f4c24ebe468b760eb1fa3bf3b285d47
5fb67d78c1ea3_v.jpg
intelligent-money-offers.com/amazonspecial/img/
17 KB
14 KB
Image
General
Full URL
https://intelligent-money-offers.com/amazonspecial/img/5fb67d78c1ea3_v.jpg
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
b5c3c626088edc6bd530c9da23892e3d641fd9fd94e03645164686f5baa1ee30

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-45f6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746705 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
55c390c6649980dd1d883571db0b3c9a
5fb67d78cd12b_v.jpg
intelligent-money-offers.com/amazonspecial/img/
63 KB
61 KB
Image
General
Full URL
https://intelligent-money-offers.com/amazonspecial/img/5fb67d78cd12b_v.jpg
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
856a223e470a7640097f6a83588c41b7d831e364e9db24d1165e1811b026d9a9

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-fa5a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
771096da641cc5e3a4dd16916fd84613
jquery-1.11.3.min.js
intelligent-money-offers.com/amazonspecial/js/
94 KB
33 KB
Script
General
Full URL
https://intelligent-money-offers.com/amazonspecial/js/jquery-1.11.3.min.js
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-176d5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746705 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
7901b599c68832cf416fdc53def77757
bootstrap.min.js
intelligent-money-offers.com/amazonspecial/js/
50 KB
14 KB
Script
General
Full URL
https://intelligent-money-offers.com/amazonspecial/js/bootstrap.min.js
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
STALE
ETag
W/"637dce63-c75f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
a5a61a27cf52f8e3e4ee5a3bd3eef8f9
css2
fonts.googleapis.com/
5 KB
589 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600;700;800;900&amp;display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
1fe73fb1bd17a8ed817c1f89abe78ded44d961c543e7f7d85702845a2cfd3877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 17:40:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 17:40:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 17:40:30 GMT
amazon-1-1.jpg
intelligent-money-offers.com/amazonspecial/img/
101 KB
101 KB
Image
General
Full URL
https://intelligent-money-offers.com/amazonspecial/img/amazon-1-1.jpg
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-195bd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
ecd46e62466b29c4c73d21b714340bbb
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://intelligent-money-offers.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 02:27:03 GMT
x-content-type-options
nosniff
age
141209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 02:27:03 GMT
uK_w4ruaZus72nbNDycQGvo.woff2
fonts.gstatic.com/s/magra/v14/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/magra/v14/uK_w4ruaZus72nbNDycQGvo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Magra:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://intelligent-money-offers.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 04:43:14 GMT
x-content-type-options
nosniff
age
133038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9436
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:28:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 04:43:14 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://intelligent-money-offers.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 14:47:55 GMT
x-content-type-options
nosniff
age
96757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 14:47:55 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://intelligent-money-offers.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 14:30:02 GMT
x-content-type-options
nosniff
age
97830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 14:30:02 GMT
entypo-fontello.woff2
intelligent-money-offers.com/amazonspecial/fonts/
38 KB
38 KB
Font
General
Full URL
https://intelligent-money-offers.com/amazonspecial/fonts/entypo-fontello.woff2
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
aba14bf4f70a87d173da2171049240f074959c2497caadb37fdba37fbdfabd1f

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Origin
https://intelligent-money-offers.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:31 GMT
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
"637dce63-9754"
Content-Type
font/woff2
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709649960 1709746634 1709711223
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
7f7ef2e39e35a1e17130c7488ffb5887
Accept-Ranges
bytes
Content-Length
38740
sdk.js
intelligent-money-offers.com/intgrtn/api/v1/integration/
489 KB
50 KB
Script
General
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202426184
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
6298f0a9a101a54afa0ed7e7ccd9bb8f6583638f84082c69f5e0e5a2c9961f2e

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
PX-IPTimestamp
1709649960 1709746634 1709711223
Connection
keep-alive
Last-Modified
Tue, 05 Mar 2024 16:14:17 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"65e744d9-7a2f9"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
X-Server
tincidunt
PX-IPCountryISO
PL
PX-X-Request-Id
4e110069572e2f57990e7da23ceb3369
Expires
Thu, 06 Mar 2025 09:37:12 GMT
details.php
intelligent-money-offers.com/intgrtn/api/v1/projects/
45 KB
7 KB
XHR
General
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/projects/details.php?&clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&custom2=cnkal31idncc739ip010
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202426184
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
279a20f3911bbca46bdb5b0c16255d447b898c9b0c4984aac04e6e236d462bb1

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intgrtn-Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Content-Type
application/json

Response headers

Date
Wed, 06 Mar 2024 17:40:36 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
PX-IPTimestamp
1709649960 1709746634 1709711223
Vary
Accept-Encoding
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
34ac395b7d75ef248cbdd39aedc79fb2
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
agreements.php
intelligent-money-offers.com/intgrtn/api/v1/projects/
4 KB
2 KB
XHR
General
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202426184
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
bd2e836d41d162f41365c0142b4085f2927e9e91e90cb44fac94549d92abb1e7

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intgrtn-Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Content-Type
application/json

Response headers

Date
Wed, 06 Mar 2024 17:40:36 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
PX-IPTimestamp
1709649960 1709746634 1709711223
Vary
Accept-Encoding
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
37b270afc102e441d9fcdfa5adcc35ff
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
sdk.css
intelligent-money-offers.com/intgrtn/api/v1/integration/
82 KB
9 KB
Stylesheet
General
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202426184
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
617a4b507a3a45bc358f56b14d884283ab84e61e8ed5956d4d1684d5130e6b47

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
PX-IPTimestamp
1709649960 1709746634 1709711223
Connection
keep-alive
Last-Modified
Tue, 30 Jan 2024 09:31:06 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"65b8c1da-14923"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
X-Server
tincidunt
PX-IPCountryISO
PL
PX-X-Request-Id
3401ed772908bd25419cb196e99c717a
Expires
Wed, 29 Jan 2025 12:49:10 GMT
eye-1a.png
intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/
1 KB
2 KB
Image
General
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/eye-1a.png
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
9505ce3a2d95aa956775178ce80f3e0e89cc58c85906cd04bd1f8a6d6a5768e3

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
PX-IPTimestamp
1709649960 1709746634 1709711223
Connection
keep-alive
Last-Modified
Tue, 30 Jan 2024 09:28:49 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"65b8c151-42f"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
X-Server
tincidunt
PX-IPCountryISO
PL
PX-X-Request-Id
7a56e94e8b4ca563f7d559e149770ec7
Expires
Wed, 29 Jan 2025 12:49:10 GMT
flags32.png
intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/
44 KB
45 KB
Image
General
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/flags32.png
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
681c58beadf3030753d8d5bb7c85c5f631704a515a9da8fd7a3744be46e12419

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Wed, 06 Mar 2024 17:40:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
PX-IPTimestamp
1709649960 1709746634 1709711223
Connection
keep-alive
Last-Modified
Tue, 30 Jan 2024 09:28:49 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"65b8c151-afed"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
X-Server
tincidunt
PX-IPCountryISO
PL
PX-X-Request-Id
d4d0a4c00e1214fa749caef0ad6cf7c0
Expires
Wed, 29 Jan 2025 12:49:10 GMT
agreements.php
intelligent-money-offers.com/intgrtn/api/v1/projects/
4 KB
2 KB
XHR
General
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&locale=en-US
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202426184
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
0603e073228742d3d3ed70160771f78ea840caa9863a926eb7b7aef2b194422d

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intgrtn-Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Content-Type
application/json

Response headers

Date
Wed, 06 Mar 2024 17:40:37 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
PX-IPTimestamp
1709649960 1709746634 1709711223
Vary
Accept-Encoding
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
5b425763aba3640824e66c394f84b1c8
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
add.php
intelligent-money-offers.com/intgrtn/api/v1/events/
171 B
760 B
XHR
General
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/events/add.php
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202426184
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.142.239.82 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
black.host-82.239.142.185.in-addr.arpa
Software
nginx /
Resource Hash
a45a2bc19d2284464641d32c739daf1051adb8acf645652d9bfbb0b56adf5255

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intgrtn-Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R&intgrtn_custom2=cnkal31idncc739ip010&country=PL&intgrtn_redirectReturningLead=auto
Content-Type
application/json

Response headers

Date
Wed, 06 Mar 2024 17:40:37 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://intelligent-money-offers.com
PX-IPTimestamp
1709649960 1709746634 1709711223
Vary
Accept-Encoding
X-Server
tincidunt
PX-IPCountryISO
PL
Connection
keep-alive
PX-X-Request-Id
2220dfefd9600aa862947057161a3382
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.go-mpulse.net
URL
https://s.go-mpulse.net/boomerang/6WL56-FSD2M-ZCAVG-BJ5B7-474ZA
Domain
my.rtmark.net
URL
https://my.rtmark.net/img.gif?f=merge&userId=008017c1ec46425fef48da45967d1773
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Domain/Path Name / Value
jfjle4g5l.com/ Name: CHCK
Value: 1
jfjle4g5l.com/ Name: UID
Value: 2403061240a10ff304b4aa4efaa60ed7ec94
jfjle4g5l.com/ Name: OACCAP
Value: ACpubgAAAAAAAAAB
jfjle4g5l.com/ Name: OACBLOCK
Value: ACpubgAAAABl5%2FhQ
jfjle4g5l.com/ Name: OXCCLK
Value: ACpubgAAAAAAAAAB
jfjle4g5l.com/ Name: OXPCLK
Value: AAIoBgAAAAAAAAAB
jfjle4g5l.com/ Name: ppucnt
Value: 1
ak.itponytaa.com/ Name: OAID
Value: 008017c1ec46425fef48da45967d1773
ak.itponytaa.com/ Name: oaidts
Value: 1709746827
ladrecaidroo.com/ Name: oaidts
Value: 1709746827
my.rtmark.net/ Name: ID
Value: 008017c1ec46425fef48da45967d1773
ladrecaidroo.com/ Name: syncedCookie
Value: true
ladrecaidroo.com/ Name: OAID
Value: e0f98d6c843ea2cd6f44d62731e25839
ladrecaidroo.com/ Name: prefetchAd_4662728
Value: true
ladrecaidroo.com/ Name: reverse
Value: TLf1GlNjjlcsco36e2sTYB4tn2qIEoPj24gTRmui9-U
secureltrk.com/ Name: uclick
Value: mr/fwVxab9g1hOvxbmCYsIYxJ2kcvGH3uXfP3sqt9z/V/ir+EH2XIz+Wbr1Vbk2ZQ8Ay7w==
secureltrk.com/ Name: bcid
Value: cnkal31idncc739ip010
secureltrk.com/ Name: cid
Value: cnkal31idncc739ip010
vipntrcking.com/ Name: clickID
Value: 1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R
vipntrcking.com/ Name: leadID
Value: 1q5VomYxQ3GWAZrBdl69XJveDGv4X0DyMPn2gzJKbaepkO74R

7 Console Messages

Source Level URL
Text
other warning URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ladrecaidroo.com/?s=789298005282132213&ssk=08776ab4008c0be3bb47be30b5a3a94e&svar=1709746827&z=6483363&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
