intelligent-money-offers.com Open in urlscan Pro
38.180.18.154 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://548981.top/b7395ed6ea53a96cd28d/39c2664af1/?placementName=2024SmartMain_2fedabbc-cc19-4928-8abb-afec90523f4...
Effective URL:
https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&int...
Submission: On January 31 via manual (January 31st 2024, 8:34:41 am UTC) from SK — Scanned from DE

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 13 domains to perform 53 HTTP transactions. The main IP is 38.180.18.154, located in Brussels, Belgium and belongs to M247, RO. The main domain is intelligent-money-offers.com.
TLS certificate: Issued by R3 on January 23rd 2024. Valid for: 3 months.

This is the only time intelligent-money-offers.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	185.66.201.43 185.66.201.43	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	185.66.201.8 185.66.201.8	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1 1	34.90.81.51 34.90.81.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	139.45.196.64 139.45.196.64	9002 (RETN-AS) (RETN-AS)
1 2	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	139.45.195.253 139.45.195.253	9002 (RETN-AS) (RETN-AS)
1 3	2.16.202.16 2.16.202.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	5.61.54.143 5.61.54.143	58061 (SCALAXY-AS) (SCALAXY-AS)
1 1	193.34.166.43 193.34.166.43	62370 (SNEL) (SNEL)
1 30	38.180.18.154 38.180.18.154	9009 (M247) (M247)
10	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
53	10

1 185.66.201.43 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.43.skhosting.eu

548981.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.201.8 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.8.skhosting.eu

i-i-i.world	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.81.51 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.81.90.34.bc.googleusercontent.com

get.contenfordphone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.64 (United Kingdom)

ASN9002 (RETN-AS, GB)

ptaumtee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.238 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

grunoaph.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.253 (United Kingdom)

ASN9002 (RETN-AS, GB)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.202.16 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-16.deploy.static.akamaitechnologies.com

ak.deephicy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.61.54.143 (Dronten, Netherlands) 1 redirects

ASN58061 (SCALAXY-AS, LV)

deftrk.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.34.166.43 (Netherlands) 1 redirects

ASN62370 (SNEL, NL)
PTR: donec.domain.com

vipntrcking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 38.180.18.154 (Brussels, Belgium) 1 redirects

ASN9009 (M247, RO)

intelligent-money-offers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	intelligent-money-offers.com 1 redirects intelligent-money-offers.com	551 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	9 KB
4	gstatic.com fonts.gstatic.com	58 KB
3	deephicy.net 1 redirects ak.deephicy.net — Cisco Umbrella Rank: 125594	15 KB
2	datatechone.com datatechone.com — Cisco Umbrella Rank: 49226	933 B
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11663	983 B
2	grunoaph.net 1 redirects grunoaph.net — Cisco Umbrella Rank: 165023	1 KB
1	vipntrcking.com 1 redirects vipntrcking.com — Cisco Umbrella Rank: 754072	806 B
1	deftrk.live 1 redirects deftrk.live	341 B
1	ptaumtee.com ptaumtee.com	14 KB
1	contenfordphone.com 1 redirects get.contenfordphone.com	271 B
1	i-i-i.world i-i-i.world	334 B
1	548981.top 548981.top	859 B
53	13

	Domain	Requested by
30	intelligent-money-offers.com	1 redirects intelligent-money-offers.com
10	fonts.googleapis.com	intelligent-money-offers.com
4	fonts.gstatic.com	fonts.googleapis.com
3	ak.deephicy.net	1 redirects ak.deephicy.net
2	datatechone.com	ptaumtee.com ak.deephicy.net
2	my.rtmark.net	ptaumtee.com ak.deephicy.net
2	grunoaph.net	1 redirects ptaumtee.com
1	vipntrcking.com	1 redirects
1	deftrk.live	1 redirects
1	ptaumtee.com	i-i-i.world
1	get.contenfordphone.com	1 redirects
1	i-i-i.world	548981.top
1	548981.top
53	13

This site contains no links.

Subject Issuer	Validity	Valid
548981.top R3	`2023-12-26` - `2024-03-25`	3 months	crt.sh
i-i-i.world R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
ptaumtee.com R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
grunoaph.net R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
rtmark.net R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh
ak.hetaruwg.com R3	`2024-01-15` - `2024-04-14`	3 months	crt.sh
intelligent-money-offers.com R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Frame ID: FD1F3C2DBB3048A759A8633A296DE3BF
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon Special

Page URL History Show full URLs

https://548981.top/b7395ed6ea53a96cd28d/39c2664af1/?placementName=2024SmartMain_2fedabbc-cc19-4... Page URL
https://i-i-i.world/go.php?go=https%3A%2F%2Fget.contenfordphone.com%2Fsl%3Fid%3D6322ddd4737205d3... Page URL
https://get.contenfordphone.com/sl?id=6322ddd4737205d3c53c3d47&pid=2243&sub1=30affC1706690075aff98e51e051414... HTTP 302
https://ptaumtee.com/link?z=6510871&var=2243_29610565&ymid=65ba061c21e6120001683898 Page URL
https://grunoaph.net/?z=4422908&syncedCookie=true&rhd=false HTTP 302
https://ak.deephicy.net/4/6118780/?var=4422908&btz=Europe/Berlin&bto=-60 Page URL
https://ak.deephicy.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://deftrk.live/click?key=f27c929a0a2eaa7ad9fb&visitor_id=776477062671380513&cost=0.001378&z... HTTP 307
https://vipntrcking.com/click.php?project_id=7740be9867&affiliate_id=79b2b9ace4&custom2=cmt0c71idncc... HTTP 302
https://intelligent-money-offers.com/amazonspecial/?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q... HTTP 302
https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

100 %
HTTPS

15 %
IPv6

13
Domains

13
Subdomains

10
IPs

5
Countries

649 kB
Transfer

2162 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://548981.top/b7395ed6ea53a96cd28d/39c2664af1/?placementName=2024SmartMain_2fedabbc-cc19-4928-8abb-afec90523f4a_9269&cv=wfnd6cnu2959i1fu29i8i4am Page URL
https://i-i-i.world/go.php?go=https%3A%2F%2Fget.contenfordphone.com%2Fsl%3Fid%3D6322ddd4737205d3c53c3d47%26pid%3D2243%26sub1%3D30affC1706690075aff98e51e0514145a748a675%26sub5%3D29610565&do=65b4852e07bf6dbc52420263583929d5 Page URL
https://get.contenfordphone.com/sl?id=6322ddd4737205d3c53c3d47&pid=2243&sub1=30affC1706690075aff98e51e0514145a748a675&sub5=29610565 HTTP 302
https://ptaumtee.com/link?z=6510871&var=2243_29610565&ymid=65ba061c21e6120001683898 Page URL
https://grunoaph.net/?z=4422908&syncedCookie=true&rhd=false HTTP 302
https://ak.deephicy.net/4/6118780/?var=4422908&btz=Europe/Berlin&bto=-60 Page URL
https://ak.deephicy.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://deftrk.live/click?key=f27c929a0a2eaa7ad9fb&visitor_id=776477062671380513&cost=0.001378&zoneid=6118780&campaignid=7833298&banner=20069134&zone_type={zone_type}&user_activity=high&subzone_id=0 HTTP 307
https://vipntrcking.com/click.php?project_id=7740be9867&affiliate_id=79b2b9ace4&custom2=cmt0c71idncc73cl0o50 HTTP 302
https://intelligent-money-offers.com/amazonspecial/?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto HTTP 302
https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://get.contenfordphone.com/sl?id=6322ddd4737205d3c53c3d47&pid=2243&sub1=30affC1706690075aff98e51e0514145a748a675&sub5=29610565 HTTP 302
https://ptaumtee.com/link?z=6510871&var=2243_29610565&ymid=65ba061c21e6120001683898

Request Chain 6

https://grunoaph.net/?z=4422908&syncedCookie=true&rhd=false HTTP 302
https://ak.deephicy.net/4/6118780/?var=4422908&btz=Europe/Berlin&bto=-60

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
548981.top/b7395ed6ea53a96cd28d/39c2664af1/ 646 B
859 B 707ms
57ms Document
text/html 185.66.201.43
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://548981.top/b7395ed6ea53a96cd28d/39c2664af1/?placementName=2024SmartMain_2fedabbc-cc19-4928-8abb-afec90523f4a_9269&cv=wfnd6cnu2959i1fu29i8i4am

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.43.skhosting.eu

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 31 Jan 2024 08:34:35 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex,nofollow

GET
H2 200 go.php
i-i-i.world/ 593 B
334 B 238ms
25ms Document
text/html 185.66.201.8
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL

https://i-i-i.world/go.php?go=https%3A%2F%2Fget.contenfordphone.com%2Fsl%3Fid%3D6322ddd4737205d3c53c3d47%26pid%3D2243%26sub1%3D30affC1706690075aff98e51e0514145a748a675%26sub5%3D29610565&do=65b4852e07bf6dbc52420263583929d5

Requested by

Host: 548981.top
URL: https://548981.top/b7395ed6ea53a96cd28d/39c2664af1/?placementName=2024SmartMain_2fedabbc-cc19-4928-8abb-afec90523f4a_9269&cv=wfnd6cnu2959i1fu29i8i4am

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.66.201.8 , Slovakia, ASN201702 (SKHOSTING-EU, SK),

Reverse DNS

185.66.201.8.skhosting.eu

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://548981.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 31 Jan 2024 08:34:36 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

link Show response
ptaumtee.com/
Redirect Chain

https://get.contenfordphone.com/sl?id=6322ddd4737205d3c53c3d47&pid=2243&sub1=30affC1706690075aff98e51e0514145a748a675&sub5=29610565
https://ptaumtee.com/link?z=6510871&var=2243_29610565&ymid=65ba061c21e6120001683898

32 KB
14 KB

111ms
28ms

Document
text/html

139.45.196.64
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ptaumtee.com/link?z=6510871&var=2243_29610565&ymid=65ba061c21e6120001683898

Requested by

Host: i-i-i.world
URL: https://i-i-i.world/go.php?go=https%3A%2F%2Fget.contenfordphone.com%2Fsl%3Fid%3D6322ddd4737205d3c53c3d47%26pid%3D2243%26sub1%3D30affC1706690075aff98e51e0514145a748a675%26sub5%3D29610565&do=65b4852e07bf6dbc52420263583929d5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2c896f0ee5d579e59d56254d0b0fad3dcd0a4e85c67e6c97c1830ec7222f9cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://i-i-i.world/go.php?go=https%3A%2F%2Fget.contenfordphone.com%2Fsl%3Fid%3D6322ddd4737205d3c53c3d47%26pid%3D2243%26sub1%3D30affC1706690075aff98e51e0514145a748a675%26sub5%3D29610565&do=65b4852e07bf6dbc52420263583929d5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Wed, 31 Jan 2024 08:34:36 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: c158ea2d0b83ccc70fcb6aeaad994b74

Redirect headers

access-control-allow-origin: *
content-length: 0
date: Wed, 31 Jan 2024 08:34:36 GMT
location: https://ptaumtee.com/link?z=6510871&var=2243_29610565&ymid=65ba061c21e6120001683898
referer
referrer-policy: no-referrer
server: nginx
x-adjust-use-original-forwarded-for: 1

POST
H2 200 sftouch
grunoaph.net/ 0
0 68ms
15ms Ping
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://grunoaph.net/sftouch?userId=c11400e87a1f4cdb8308685cb81b6f92&z=4422908&p_rid=fe407f9d-7ca9-4483-9da3-b22640a66ea6&p_src=sf&branchId=400702&rb=wM8LVHdDdVTRFxFD747xaHkQHSw2dGqM1UC98E5Mfb5Oq6nelfHGSFiragFsoPeI_UPNZyB0IwNSE9rJKFMryTOlvD51aIGreo5iDgkMQbT3T_rSdh2r9YF944v34n50XwMiAC2iH0DVoIyPerabs3DJnxVU-EL8_aiqTtGvXH15kNxXWQXWeXBFqVdgdEjFEPaPWysc8fAOdSFdwDYgxIABPMTzGmuY2BHpIHaNvUXZq6xLcaOFAXODh4VfEoyaqo6-c3TUADpXsr5dActnHmiDN7VKUnEwz13wwbOBxnDU7hS80o7ytn1HOSGpTWOJx-cXLbD52gvKwi2c-s3asw==
Requested by: Host: ptaumtee.com
URL: https://ptaumtee.com/link?z=6510871&var=2243_29610565&ymid=65ba061c21e6120001683898
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ptaumtee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 img.gif
my.rtmark.net/ 43 B
492 B 70ms
20ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=c11400e87a1f4cdb8308685cb81b6f92&z=4422908&p_rid=fe407f9d-7ca9-4483-9da3-b22640a66ea6&p_src=sf

Requested by

Host: ptaumtee.com
URL: https://ptaumtee.com/link?z=6510871&var=2243_29610565&ymid=65ba061c21e6120001683898

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ptaumtee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 08:34:36 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
465 B 104ms
16ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=bcd96ce6-b505-48b5-9340-40da2dac97e6
Requested by: Host: ptaumtee.com
URL: https://ptaumtee.com/link?z=6510871&var=2243_29610565&ymid=65ba061c21e6120001683898
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://ptaumtee.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 31 Jan 2024 08:34:36 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ptaumtee.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

/ Show response
ak.deephicy.net/4/6118780/
Redirect Chain

https://grunoaph.net/?z=4422908&syncedCookie=true&rhd=false
https://ak.deephicy.net/4/6118780/?var=4422908&btz=Europe/Berlin&bto=-60

32 KB
14 KB

114ms
23ms

Document
text/html

2.16.202.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.deephicy.net/4/6118780/?var=4422908&btz=Europe/Berlin&bto=-60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-16.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 35fd5a6b778f63f85af3ea2942eaa74fdf8e014b3d7a159c58d31c9163dce67c

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ptaumtee.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 13202
content-type: text/html; charset=utf8
date: Wed, 31 Jan 2024 08:34:36 GMT
expires: Wed, 31 Jan 2024 08:34:36 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
timing-allow-origin: *
vary: Accept-Encoding
x-trace-id: aa53f03da54af06627c7500508692eb5

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ptaumtee.com
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Wed, 31 Jan 2024 08:34:36 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://ak.deephicy.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://ak.deephicy.net/4/6118780/?var=4422908&btz=Europe/Berlin&bto=-60
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 0bb1810fb6084862109c3839f77abc57

POST
H2 200 sftouch
ak.deephicy.net/ 2 B
539 B 29ms
28ms Ping
text/plain 2.16.202.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ak.deephicy.net/sftouch?userId=8bc6c3dba6ef4a0db19c265c51419381&z=6118780&p_rid=071a9410-e344-4a09-ba4e-cb4a61ab1d89&p_src=sf&branchId=150020&rb=YQNaLL6lmypCUff_qhokDnc-WEwNN5nG1XbtMvFOthq4WCrXN7C3Pxd06HBhkJGA241Klsw-SfWhMMiVlkUhPxO_4gOc7JNcU_Bg4bkleM23vH_hvBi8hqBWGPJIcwOAj8-jdZD638C5BexFqgP46Sm_bKmnvA2KEezzyhegdv4H74dl46doacqoihKzusOPE2L4qX6zTKRocRJZiBxbDAjLp6RmQ-PBkklxvBMU9U6at2G8lnSEcEkEzDiscrXRcifsqyibzwvqhTdp4PjdOoKa-OBUCjjKeRY-UzP2llR9Y7A5TKAbnQ==

Requested by

Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=4422908&btz=Europe/Berlin&bto=-60

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.202.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-202-16.deploy.static.akamaitechnologies.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ak.deephicy.net/4/6118780/?var=4422908&btz=Europe/Berlin&bto=-60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=1
date: Wed, 31 Jan 2024 08:34:36 GMT
x-content-type-options: nosniff
content-length: 2
x-trace-id: dbd6729589ae213fca67f1696d7aef5e
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://ak.deephicy.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Wed, 31 Jan 2024 08:34:36 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
491 B 14ms
14ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=8bc6c3dba6ef4a0db19c265c51419381&z=6118780&p_rid=071a9410-e344-4a09-ba4e-cb4a61ab1d89&p_src=sf

Requested by

Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=4422908&btz=Europe/Berlin&bto=-60

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ak.deephicy.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 08:34:36 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H/1.1 200
OK add
datatechone.com/log/ 2 B
468 B 15ms
15ms XHR
text/plain 139.45.195.253
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=c794b92d-d8af-4b23-8c84-8e16aaa87f6f
Requested by: Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=4422908&btz=Europe/Berlin&bto=-60
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.253 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash

Request headers

Referer: https://ak.deephicy.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 31 Jan 2024 08:34:36 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ak.deephicy.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H/1.1

200
OK

Primary Request index.php Show response
intelligent-money-offers.com/amazonspecial/de/
Redirect Chain

https://ak.deephicy.net/?z=6118780&syncedCookie=true&rhd=false
https://deftrk.live/click?key=f27c929a0a2eaa7ad9fb&visitor_id=776477062671380513&cost=0.001378&zoneid=6118780&campaignid=7833298&banner=20069134&zone_type={zone_type}&user_activity=high&subzone_id=0
https://vipntrcking.com/click.php?project_id=7740be9867&affiliate_id=79b2b9ace4&custom2=cmt0c71idncc73cl0o50
https://intelligent-money-offers.com/amazonspecial/?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectRet...

29 KB
9 KB

103ms
103ms

Document
text/html

38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 34eac3c742d773c06bba433b0f28e7f37e5b18bce3a3c5f2882a040f7922c698

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ak.deephicy.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Jan 2024 08:34:37 GMT
PX-IPCountryISO: DE
PX-IPTimestamp: 1706626332 1706689932 1706687232
PX-X-Request-Id: 5908d598c168a42994da486d73a2567f
Server: nginx
Transfer-Encoding: chunked
X-Server: egestas
X-Upstream: evlampi-***ko

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Jan 2024 08:34:37 GMT
Location: de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
PX-IPCountryISO: DE
PX-IPTimestamp: 1706626332 1706689932 1706687232
PX-X-Request-Id: 3622a7f05eaa510f83083f6d60bb43b6
Server: nginx
Transfer-Encoding: chunked
X-Server: egestas
X-Upstream: evlampi-***ko

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
722 B 57ms
34ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&display=swap

Requested by

Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2909edf30b16f7de68ac1337efa233d86638574e6cfa9f6cdc864209c04bdd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 08:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 08:02:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 08:34:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
474 B 53ms
29ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Magra:wght@400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0b5040188b87d5fbf5bea8f2917a8974044d1c3bf4b54addf32b6108f27b4df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 08:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 08:34:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 08:34:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
743 B 59ms
36ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd9a11ca1953fa8496e162a862524599ddbe0272bffcc08131570bba7c816d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 08:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 08:02:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 08:34:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
531 B 52ms
28ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 08:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 07:23:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 08:34:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
863 B 58ms
35ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

029bb5d248019deb70476021d41809a4922c550bd730d66cfa1c3f6840bbee75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 08:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 08:16:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 08:34:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
755 B 52ms
29ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c455bd6ebceda276c47696f41c77f926cf6a0d5bf64dc1d38c77860bf0fd1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 08:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 08:19:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 08:34:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
839 B 56ms
33ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 08:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 07:06:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 08:34:38 GMT

GET
H/1.1 200
OK style.min5697.css
intelligent-money-offers.com/amazonspecial/css/ 53 KB
8 KB 25ms
23ms Stylesheet
text/css 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/css/style.min5697.css?ver=5.5.3
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-d293"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689932 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 5680beec2431d14680ace6bc2575345a

GET
H/1.1 200
OK style68b3.css
intelligent-money-offers.com/amazonspecial/css/ 851 B
779 B 44ms
18ms Stylesheet
text/css 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/css/style68b3.css?ver=1
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-353"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689932 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 752a57be10e545b506fecee4d0293cbc

GET
H/1.1 200
OK all.css
intelligent-money-offers.com/amazonspecial/css/ 59 KB
13 KB 76ms
42ms Stylesheet
text/css 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/css/all.css
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 54bf65b7f1e2aa35692c2b75c0031c8e48de07efd529d8171078e7c030952f76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-eac4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689932 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: b1e1951cd8d5ce5395e8c80e407a691e

GET
H/1.1 200
OK avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
intelligent-money-offers.com/amazonspecial/css/ 383 KB
52 KB 85ms
50ms Stylesheet
text/css 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/css/avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: e4bcf24ba1e17060a1c79f41f9844336594106cb49c26881a2f9b5eb47966dfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-5faa0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689969 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: ec091f00271811c2f953ea6bcf661cd7

GET
H/1.1 200
OK v4-shims.css
intelligent-money-offers.com/amazonspecial/css/ 26 KB
5 KB 78ms
44ms Stylesheet
text/css 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/css/v4-shims.css
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-684e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689969 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 61df663362b4e5a630c303035f0a82a6

GET
H2 200 css
fonts.googleapis.com/ 64 KB
2 KB 50ms
28ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08b87e395be8657aae7546e37f3e1f374f9f937d8337a6029c44f353ed5c73aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 08:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 08:34:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 08:34:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 48ms
27ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03b42c369450f4dbaff7256e7bed1b9056a6a279f667492e00a8675beaf99da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 08:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 08:13:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 08:34:38 GMT

GET
H/1.1 200
OK slick.min.css
intelligent-money-offers.com/amazonspecial/css/ 1 KB
988 B 52ms
18ms Stylesheet
text/css 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/css/slick.min.css
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-559"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689882 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 8bf6f6083f42e0468854d19f54cc616c

GET
H/1.1 200
OK all.min.css
intelligent-money-offers.com/amazonspecial/css/ 56 KB
12 KB 66ms
32ms Stylesheet
text/css 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/css/all.min.css
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 6daf0c6ce9852704badeaa55b3b79c86af9487e1aaca08cd86ec24767a846760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-de7d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689932 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 81fd1168f75f2e47688efedbb3e7de1d

GET
H/1.1 200
OK custom.css
intelligent-money-offers.com/amazonspecial/css/ 11 KB
3 KB 68ms
23ms Stylesheet
text/css 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/css/custom.css
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 46a80c3e8ce40e1e839981a7baaddf17b26c9dd01a07523f8c3073e5abcdbfd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-2ce1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689932 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 7f07a68c33ce338350ca176ae825134d

GET
H/1.1 200
OK funnel.css
intelligent-money-offers.com/amazonspecial/css/ 88 KB
14 KB 94ms
42ms Stylesheet
text/css 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/css/funnel.css
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 922ee0a54eb79fd950e185ccda4dd13ae0edabb33a44d072a9a62bd26c76770e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-160d1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689882 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 9e1d4ad31afe1b9709c6430b5cc9c4d1

GET
H/1.1 200
OK funnel-additional.css
intelligent-money-offers.com/amazonspecial/css/ 11 KB
3 KB 86ms
19ms Stylesheet
text/css 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/css/funnel-additional.css
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: b785c6398215d82234d97f5039ed44ebc425b6538dfba459f519c066cbf73a8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-2d29"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689932 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 1c6cd29edd82c8b040d86eb0c91c73f7

GET
H/1.1 200
OK bootstrap.min.css
intelligent-money-offers.com/amazonspecial/css/ 138 KB
21 KB 91ms
23ms Stylesheet
text/css 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/css/bootstrap.min.css
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-22688"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689932 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 5e55722500db9bbe771f7bf8172d34ca

GET
H/1.1 200
OK intgrtn.css
intelligent-money-offers.com/amazonspecial/css/ 3 KB
1 KB 96ms
20ms Stylesheet
text/css 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/css/intgrtn.css
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: e4aecdb9b577a378e725fa4e5b185218507bfdb1e63630c77653d62842c0ac79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-d2d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689932 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 4dacbecd3b35d7788f3796cf972299e5

GET
H/1.1 200
OK 5fb67d77b617d_v.png
intelligent-money-offers.com/amazonspecial/img/ 5 KB
5 KB 19ms
18ms Image
image/png 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intelligent-money-offers.com/amazonspecial/img/5fb67d77b617d_v.png
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 1a320a466c1d7d389cd5476d27a0d027a833a96e291ce5267d1506695af486eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-137e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689932 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: b91e83ae44e3bbc5d7fc4fcfb7d6ed2b

GET
H/1.1 200
OK 5fb67d77d9256_v.jpg
intelligent-money-offers.com/amazonspecial/img/ 25 KB
22 KB 20ms
20ms Image
image/jpeg 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intelligent-money-offers.com/amazonspecial/img/5fb67d77d9256_v.jpg
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: f6351b5bfa259de13dae9c9f332855813b99bd8544c8cdad7cc1645c454fb4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-6293"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Upstream: stavri-***ko
PX-IPTimestamp: 1706626332 1706689932 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 47d2e5de80c3145c9f23d36ceda37f1f

GET
H/1.1 200
OK 5fb67d78c1ea3_v.jpg
intelligent-money-offers.com/amazonspecial/img/ 17 KB
14 KB 21ms
21ms Image
image/jpeg 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intelligent-money-offers.com/amazonspecial/img/5fb67d78c1ea3_v.jpg
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: b5c3c626088edc6bd530c9da23892e3d641fd9fd94e03645164686f5baa1ee30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-45f6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Upstream: stavri-***ko
PX-IPTimestamp: 1706626332 1706689882 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: ea071ba14c50de2e2abcdeaecfee9885

GET
H/1.1 200
OK 5fb67d78cd12b_v.jpg
intelligent-money-offers.com/amazonspecial/img/ 63 KB
61 KB 21ms
21ms Image
image/jpeg 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intelligent-money-offers.com/amazonspecial/img/5fb67d78cd12b_v.jpg
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 856a223e470a7640097f6a83588c41b7d831e364e9db24d1165e1811b026d9a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-fa5a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Upstream: stavri-***ko
PX-IPTimestamp: 1706626332 1706689932 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: b8523e01975d2b03ff260842869dc423

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
intelligent-money-offers.com/amazonspecial/js/ 94 KB
33 KB 115ms
41ms Script
application/javascript 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/js/jquery-1.11.3.min.js
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-176d5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689969 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: b5482f489a24526617fcab72faa57821

GET
H/1.1 200
OK bootstrap.min.js Show response
intelligent-money-offers.com/amazonspecial/js/ 50 KB
14 KB 21ms
21ms Script
application/javascript 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/js/bootstrap.min.js
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-c75f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Upstream: evlampi-***ko
PX-IPTimestamp: 1706626332 1706689969 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: f37135b15d30c88001a6ec29f587f42f

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
589 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600;700;800;900&display=swap

Requested by

Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/css/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39d07e1a05346d776deef0782872351d41ae604622f1f946d71a653683c5c722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jan 2024 08:34:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 08:34:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jan 2024 08:34:38 GMT

GET
H/1.1 200
OK amazon-1-1.jpg
intelligent-money-offers.com/amazonspecial/img/ 101 KB
101 KB 20ms
20ms Image
image/jpeg 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intelligent-money-offers.com/amazonspecial/img/amazon-1-1.jpg
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"637dce63-195bd"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Upstream: stavri-***ko
PX-IPTimestamp: 1706626332 1706689932 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: a2711215c8ba4c4ccae6462acc13f191

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 32ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://intelligent-money-offers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:50:58 GMT
x-content-type-options: nosniff
age: 49420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:50:58 GMT

GET
H2 200 uK_w4ruaZus72nbNDycQGvo.woff2
fonts.gstatic.com/s/magra/v14/ 9 KB
9 KB 43ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/magra/v14/uK_w4ruaZus72nbNDycQGvo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Magra:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://intelligent-money-offers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 12:15:38 GMT
x-content-type-options: nosniff
age: 159540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9436
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:28:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 12:15:38 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 40ms
17ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://intelligent-money-offers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:49:13 GMT
x-content-type-options: nosniff
age: 49525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:49:13 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://intelligent-money-offers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:52:14 GMT
x-content-type-options: nosniff
age: 49344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:52:14 GMT

GET
H/1.1 200
OK entypo-fontello.woff2
intelligent-money-offers.com/amazonspecial/fonts/ 38 KB
38 KB 24ms
24ms Font
font/woff2 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/amazonspecial/fonts/entypo-fontello.woff2
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: aba14bf4f70a87d173da2171049240f074959c2497caadb37fdba37fbdfabd1f

Request headers

Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Origin: https://intelligent-money-offers.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Last-Modified: Wed, 23 Nov 2022 07:40:19 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: "637dce63-9754"
Content-Type: font/woff2
X-Upstream: stavri-***ko
PX-IPTimestamp: 1706626332 1706689932 1706687232
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: e9c202ffb09542d9eefe2a685c179c51
Accept-Ranges: bytes
Content-Length: 38740

GET
H/1.1 200
OK sdk.js Show response
intelligent-money-offers.com/intgrtn/api/v1/integration/ 489 KB
50 KB 22ms
21ms Script
application/javascript 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202403193
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 6298f0a9a101a54afa0ed7e7ccd9bb8f6583638f84082c69f5e0e5a2c9961f2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
PX-IPTimestamp: 1706626332 1706689932 1706687232
Connection: keep-alive
Last-Modified: Tue, 30 Jan 2024 17:04:10 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"65b92c0a-7a2f9"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Server: egestas
PX-IPCountryISO: DE
PX-X-Request-Id: 5dc3d6b2174d354bd0415d58726ebd2f
Expires: Thu, 30 Jan 2025 01:25:16 GMT

GET
H/1.1 200
OK details.php Show response
intelligent-money-offers.com/intgrtn/api/v1/projects/ 45 KB
7 KB 222ms
222ms XHR
application/json 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/intgrtn/api/v1/projects/details.php?&clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&custom2=cmt0c71idncc73cl0o50
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202403193
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 03026544807d27a30aa82ff688d222eb8c54faf065233d21b5a3ed1afddc0f08

Request headers

Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intgrtn-Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Content-Type: application/json

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
PX-IPTimestamp: 1706626332 1706689932 1706687232
Vary: Accept-Encoding
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: fafc068070d0a4f853a7b43c5f798e04
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

GET
H/1.1 200
OK agreements.php Show response
intelligent-money-offers.com/intgrtn/api/v1/projects/ 4 KB
2 KB 128ms
128ms XHR
application/json 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202403193
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 34c00acbb86bb3d31995d2c3bc5eed16dac69e060617ce22732344db00055021

Request headers

Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intgrtn-Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Content-Type: application/json

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
PX-IPTimestamp: 1706626332 1706689932 1706687232
Vary: Accept-Encoding
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 6868f17387ba8c206591c37dd6b837e2
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

GET
H/1.1 200
OK sdk.css
intelligent-money-offers.com/intgrtn/api/v1/integration/ 82 KB
9 KB 20ms
19ms Stylesheet
text/css 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202403193
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 617a4b507a3a45bc358f56b14d884283ab84e61e8ed5956d4d1684d5130e6b47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
PX-IPTimestamp: 1706626332 1706689932 1706687232
Connection: keep-alive
Last-Modified: Mon, 15 Jan 2024 14:51:47 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"65a54683-14923"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
X-Server: egestas
PX-IPCountryISO: DE
PX-X-Request-Id: 4793c0472c55ab75e455793ad31a0edd
Expires: Tue, 14 Jan 2025 15:54:51 GMT

GET
H/1.1 200
OK eye-1a.png
intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/ 1 KB
2 KB 19ms
18ms Image
image/png 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/eye-1a.png
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 9505ce3a2d95aa956775178ce80f3e0e89cc58c85906cd04bd1f8a6d6a5768e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
PX-IPTimestamp: 1706626332 1706689932 1706687232
Connection: keep-alive
Last-Modified: Mon, 15 Jan 2024 14:49:32 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"65a545fc-42f"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
X-Server: egestas
PX-IPCountryISO: DE
PX-X-Request-Id: 80eabaceb05cf0da656a82a21a16f7fc
Expires: Tue, 14 Jan 2025 15:54:51 GMT

GET
H/1.1 200
OK flags32.png
intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/ 44 KB
45 KB 18ms
18ms Image
image/png 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/flags32.png
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: 681c58beadf3030753d8d5bb7c85c5f631704a515a9da8fd7a3744be46e12419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
PX-IPTimestamp: 1706626332 1706689932 1706687232
Connection: keep-alive
Last-Modified: Mon, 15 Jan 2024 14:49:32 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"65a545fc-afed"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
X-Server: egestas
PX-IPCountryISO: DE
PX-X-Request-Id: bdef2797bab07fcce80b18067d7d65a7
Expires: Tue, 14 Jan 2025 15:54:51 GMT

GET
H/1.1 200
OK agreements.php Show response
intelligent-money-offers.com/intgrtn/api/v1/projects/ 4 KB
2 KB 93ms
92ms XHR
application/json 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&locale=en-US
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202403193
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: d0f2b6eb0a54abf2a4f81e8372a4d2e3a9ff64228b6d804686d7c01c12701db6

Request headers

Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intgrtn-Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Content-Type: application/json

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
PX-IPTimestamp: 1706626332 1706689932 1706687232
Vary: Accept-Encoding
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 71ca3078a9369c86aa9abe574a8a131e
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

POST
H/1.1 200
OK add.php Show response
intelligent-money-offers.com/intgrtn/api/v1/events/ 172 B
758 B 116ms
115ms XHR
application/json 38.180.18.154
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://intelligent-money-offers.com/intgrtn/api/v1/events/add.php
Requested by: Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202403193
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software: nginx /
Resource Hash: ad1091888bc6d4e6fdfe2622a88f3aed9fbfd65ba0980757fc8431d0f71b2084

Request headers

Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intgrtn-Referer: https://intelligent-money-offers.com/amazonspecial/de/index.php?intgrtn_clickID=A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG&intgrtn_custom2=cmt0c71idncc73cl0o50&country=DE&intgrtn_redirectReturningLead=auto
Content-Type: application/json

Response headers

Date: Wed, 31 Jan 2024 08:34:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://intelligent-money-offers.com
PX-IPTimestamp: 1706626332 1706689932 1706687232
Vary: Accept-Encoding
X-Server: egestas
PX-IPCountryISO: DE
Connection: keep-alive
PX-X-Request-Id: 15d8a6cd5dd7537aedfb64d340fdcc9a
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
548981.top/b7395ed6ea53a96cd28d/39c2664af1	1970-01-20 18:06:16	Name: shown1 Value: 0
548981.top/b7395ed6ea53a96cd28d/39c2664af1	1970-01-20 18:06:03	Name: total_impressions Value: 1
intelligent-money-offers.com/amazonspecial/	1970-01-21 02:50:26	Name: intgrtn_clickID Value: A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG
intelligent-money-offers.com/amazonspecial/	1970-01-21 02:50:26	Name: intgrtn_custom2 Value: cmt0c71idncc73cl0o50
intelligent-money-offers.com/amazonspecial/	1970-01-21 02:50:26	Name: intgrtn_redirectReturningLead Value: auto
intelligent-money-offers.com/amazonspecial/	1970-01-21 02:50:26	Name: intgrtn_locale Value: en-US
548981.top/	1970-01-20 18:06:03	Name: used_ad2911498 Value: 1
548981.top/	1970-01-20 18:06:16	Name: used_c_70714 Value: 1
get.contenfordphone.com/	1970-01-21 02:50:26	Name: afclick Value: 65ba061c21e6120001683898
ptaumtee.com/	1970-01-21 02:50:26	Name: OAID Value: c11400e87a1f4cdb8308685cb81b6f92
ptaumtee.com/	1970-01-21 02:50:26	Name: oaidts Value: 1706690076
ptaumtee.com/	1970-01-21 02:50:26	Name: allcnt Value: 1
my.rtmark.net/	1970-01-21 02:50:26	Name: ID Value: c11400e87a1f4cdb8308685cb81b6f92
grunoaph.net/	1970-01-21 02:50:26	Name: OAID Value: 8d3a08454bda4d959127694213990ba7
grunoaph.net/	1970-01-21 02:50:26	Name: oaidts Value: 1706690076
ak.deephicy.net/	1970-01-21 02:50:26	Name: oaidts Value: 1706690076
ak.deephicy.net/	1970-01-21 02:50:26	Name: OAID Value: c11400e87a1f4cdb8308685cb81b6f92
ak.deephicy.net/	1970-01-20 18:14:54	Name: syncedCookie Value: true
deftrk.live/	1970-01-21 02:50:26	Name: uclick Value: mL2OwV0OMd4117GnPGCYtF2kcu5IrjxLmlPu/iJvW6sVWMY1UtWmkAJDvQHmHpJG2DIgdQ==
deftrk.live/	1970-01-21 02:50:26	Name: bcid Value: cmt0c71idncc73cl0o50
deftrk.live/	1970-01-21 02:50:26	Name: cid Value: cmt0c71idncc73cl0o50
vipntrcking.com/	1970-01-20 18:14:54	Name: clickID Value: A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG
vipntrcking.com/	1970-01-20 18:14:54	Name: leadID Value: A1gWYeKrzdZb0jxPLDRJ8EGnxngDwam95yv4q3VkoMl6Q2OnG

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

548981.top
ak.deephicy.net
datatechone.com
deftrk.live
fonts.googleapis.com
fonts.gstatic.com
get.contenfordphone.com
grunoaph.net
i-i-i.world
intelligent-money-offers.com
my.rtmark.net
ptaumtee.com
vipntrcking.com
139.45.195.253
139.45.195.8
139.45.196.64
139.45.197.238
185.66.201.43
185.66.201.8
193.34.166.43
2.16.202.16
2a00:1450:4001:813::2003
2a00:1450:4001:830::200a
34.90.81.51
38.180.18.154
5.61.54.143
01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e
029bb5d248019deb70476021d41809a4922c550bd730d66cfa1c3f6840bbee75
03026544807d27a30aa82ff688d222eb8c54faf065233d21b5a3ed1afddc0f08
03b42c369450f4dbaff7256e7bed1b9056a6a279f667492e00a8675beaf99da7
08b87e395be8657aae7546e37f3e1f374f9f937d8337a6029c44f353ed5c73aa
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
1a320a466c1d7d389cd5476d27a0d027a833a96e291ce5267d1506695af486eb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2c896f0ee5d579e59d56254d0b0fad3dcd0a4e85c67e6c97c1830ec7222f9cdd
34c00acbb86bb3d31995d2c3bc5eed16dac69e060617ce22732344db00055021
34eac3c742d773c06bba433b0f28e7f37e5b18bce3a3c5f2882a040f7922c698
35fd5a6b778f63f85af3ea2942eaa74fdf8e014b3d7a159c58d31c9163dce67c
39d07e1a05346d776deef0782872351d41ae604622f1f946d71a653683c5c722
46a80c3e8ce40e1e839981a7baaddf17b26c9dd01a07523f8c3073e5abcdbfd9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
54bf65b7f1e2aa35692c2b75c0031c8e48de07efd529d8171078e7c030952f76
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5c455bd6ebceda276c47696f41c77f926cf6a0d5bf64dc1d38c77860bf0fd1d6
617a4b507a3a45bc358f56b14d884283ab84e61e8ed5956d4d1684d5130e6b47
6298f0a9a101a54afa0ed7e7ccd9bb8f6583638f84082c69f5e0e5a2c9961f2e
681c58beadf3030753d8d5bb7c85c5f631704a515a9da8fd7a3744be46e12419
6daf0c6ce9852704badeaa55b3b79c86af9487e1aaca08cd86ec24767a846760
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
856a223e470a7640097f6a83588c41b7d831e364e9db24d1165e1811b026d9a9
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
922ee0a54eb79fd950e185ccda4dd13ae0edabb33a44d072a9a62bd26c76770e
9505ce3a2d95aa956775178ce80f3e0e89cc58c85906cd04bd1f8a6d6a5768e3
a0b5040188b87d5fbf5bea8f2917a8974044d1c3bf4b54addf32b6108f27b4df
aba14bf4f70a87d173da2171049240f074959c2497caadb37fdba37fbdfabd1f
ad1091888bc6d4e6fdfe2622a88f3aed9fbfd65ba0980757fc8431d0f71b2084
b5c3c626088edc6bd530c9da23892e3d641fd9fd94e03645164686f5baa1ee30
b785c6398215d82234d97f5039ed44ebc425b6538dfba459f519c066cbf73a8c
c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a
c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79
cd9a11ca1953fa8496e162a862524599ddbe0272bffcc08131570bba7c816d3c
d0f2b6eb0a54abf2a4f81e8372a4d2e3a9ff64228b6d804686d7c01c12701db6
d2909edf30b16f7de68ac1337efa233d86638574e6cfa9f6cdc864209c04bdd3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aecdb9b577a378e725fa4e5b185218507bfdb1e63630c77653d62842c0ac79
e4bcf24ba1e17060a1c79f41f9844336594106cb49c26881a2f9b5eb47966dfe
e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f6351b5bfa259de13dae9c9f332855813b99bd8544c8cdad7cc1645c454fb4bd
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

intelligent-money-offers.com Open in urlscan Pro 38.180.18.154 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

15 %IPv6

13 Domains

13 Subdomains

10 IPs

5 Countries

649 kBTransfer

2162 kBSize

23 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

intelligent-money-offers.com Open in urlscan Pro
38.180.18.154 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

15 %
IPv6

13
Domains

13
Subdomains

10
IPs

5
Countries

649 kB
Transfer

2162 kB
Size

23
Cookies

53 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!