urlscan.io logo urlscan.io
SecurityTrails logo

intelligent-money-offers.com Open in urlscan Pro
38.180.18.154  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ttincoming.traveltraffic.cc/?traffic
Effective URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&int...
Submission: On March 04 via manual from DK — Scanned from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 6 countries across 13 domains to perform 89 HTTP transactions. The main IP is 38.180.18.154, located in Brussels, Belgium and belongs to M247, RO. The main domain is intelligent-money-offers.com.
TLS certificate: Issued by R3 on January 23rd 2024. Valid for: 3 months.
This is the only time intelligent-money-offers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 7 2a02:6b8::1:119 208398 (TELETECH)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 95.101.54.107 20940 (AKAMAI-ASN1)
4 139.45.195.8 9002 (RETN-AS)
16 172.67.163.48 13335 (CLOUDFLAR...)
11 139.45.197.251 9002 (RETN-AS)
1 1 5.61.54.143 58061 (SCALAXY-AS)
1 1 193.34.166.43 62370 (SNEL)
1 30 38.180.18.154 9009 (M247)
10 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
89 11
1    2606:4700:3034::ac43:dc8c (United States)

ASN13335 (CLOUDFLARENET, US)
ttincoming.traveltraffic.cc
7    2a02:6b8::1:119 (Russian Federation)

ASN208398 (TELETECH, RS)
mc.yandex.ru
mc.yandex.com
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.yametric.com
1    95.101.54.107 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-107.deploy.static.akamaitechnologies.com
ak.peethach.com
4    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
16    172.67.163.48 (United States)

ASN13335 (CLOUDFLARENET, US)
gluxouvauure.com
11    139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)
jouteetu.net
1    5.61.54.143 (Dronten, Netherlands)

ASN58061 (SCALAXY-AS, LV)
secureltrk.com
1    193.34.166.43 (Netherlands)

ASN62370 (SNEL, NL)
PTR: donec.domain.com
vipntrcking.com
30    38.180.18.154 (Brussels, Belgium)

ASN9009 (M247, RO)
intelligent-money-offers.com
10    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
30 intelligent-money-offers.com
intelligent-money-offers.com
551 KB
16 gluxouvauure.com
gluxouvauure.com
69 KB
11 jouteetu.net
jouteetu.net — Cisco Umbrella Rank: 30771 Failed
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
9 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8664
3 KB
4 gstatic.com
fonts.gstatic.com
58 KB
4 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11818
2 KB
2 yametric.com
www.yametric.com — Cisco Umbrella Rank: 224597
23 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4006
72 KB
1 vipntrcking.com
vipntrcking.com
806 B
1 secureltrk.com
secureltrk.com — Cisco Umbrella Rank: 247272
345 B
1 peethach.com
ak.peethach.com — Cisco Umbrella Rank: 350240
2 KB
1 traveltraffic.cc
ttincoming.traveltraffic.cc
1 KB
89 13
Domain Requested by
30 intelligent-money-offers.com 1 redirects gluxouvauure.com
intelligent-money-offers.com
16 gluxouvauure.com ak.peethach.com
gluxouvauure.com
11 jouteetu.net gluxouvauure.com
10 fonts.googleapis.com intelligent-money-offers.com
5 mc.yandex.com 2 redirects ttincoming.traveltraffic.cc
4 fonts.gstatic.com fonts.googleapis.com
4 my.rtmark.net ak.peethach.com
gluxouvauure.com
2 www.yametric.com ttincoming.traveltraffic.cc
www.yametric.com
2 mc.yandex.ru 1 redirects ttincoming.traveltraffic.cc
1 vipntrcking.com 1 redirects
1 secureltrk.com 1 redirects
1 ak.peethach.com
1 ttincoming.traveltraffic.cc
89 13

This site contains no links.

Subject Issuer Validity Valid
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-26 -
2024-06-05		 5 months crt.sh
ak.hetaruwg.com
R3		 2024-02-22 -
2024-05-22		 3 months crt.sh
rtmark.net
R3		 2024-03-02 -
2024-05-31		 3 months crt.sh
gluxouvauure.com
GTS CA 1P5		 2024-01-15 -
2024-04-14		 3 months crt.sh
jouteetu.net
R3		 2024-02-24 -
2024-05-24		 3 months crt.sh
intelligent-money-offers.com
R3		 2024-01-23 -
2024-04-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Frame ID: 8DEC5E7C6BE00CBD834966AEB2AB3C4E
Requests: 91 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Amazon Special

Page URL History Show full URLs

  1. http://ttincoming.traveltraffic.cc/?traffic Page URL
  2. https://ak.peethach.com/4/7074037 Page URL
  3. https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z... Page URL
  4. https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z... Page URL
  5. https://secureltrk.com/click?key=7b1326673ca5c6fb79a7&visitor_id=788453139631317246&cost=0.001105&z... HTTP 307
    https://vipntrcking.com/click.php?project_id=7740be9867&affiliate_id=79b2b9ace4&custom2=cnipfd1idncc... HTTP 302
    https://intelligent-money-offers.com/amazonspecial/?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9... HTTP 302
    https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYO... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

87 %
HTTPS

42 %
IPv6

13
Domains

13
Subdomains

11
IPs

6
Countries

787 kB
Transfer

2536 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ttincoming.traveltraffic.cc/?traffic Page URL
  2. https://ak.peethach.com/4/7074037 Page URL
  3. https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto= Page URL
  4. https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2 Page URL
  5. https://secureltrk.com/click?key=7b1326673ca5c6fb79a7&visitor_id=788453139631317246&cost=0.001105&zoneid=4662728&campaignid=7874057&banner=20181885&zone_type={zone_type}&user_activity=high&subzone_id=0&oaid=80b5a625b709ec2dfabea594bc2ab8e0 HTTP 307
    https://vipntrcking.com/click.php?project_id=7740be9867&affiliate_id=79b2b9ace4&custom2=cnipfd1idncc73efuv80 HTTP 302
    https://intelligent-money-offers.com/amazonspecial/?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto HTTP 302
    https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10298.j34Feh5rxi9ioCmO1PtkT4FDaTlj6YpGsQ_2wmlhi2n-YCT8xsbRxnMqUE6TW4I8.IQTMT47ToxRuW7wYfUdbiVlDuVU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10298.FEVvV-lDpJc6ark62efif4SbKLoxXuA2dZ9-pHXDHB0sxfn1lGuhOu6fX7pBQjE4-DBuCjsHEQcdburg0lKupC2kdav0TaNgxIJeIQNpkoHSEn0rj8j0mI0NQhlfmtTAyNaO1Zyzn0b9mLzLK9PTvCD4bgCCplv5b_4g58Whi8Bi8qxi7vaBUnRk-gp-e4hZhqqzsHnRWkV8-d-mXsD-ElaUobiWMWSkwSg4N0D0cUg%2C.aV4sDJBjtKKwlZ6Dz84tOOifzHo%2C
Request Chain 6
  • https://mc.yandex.com/watch/96441578?wmode=7&page-url=http%3A%2F%2Fttincoming.traveltraffic.cc%2F%3Ftraffic&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A1161232599189%3Ahid%3A217996800%3Az%3A60%3Ai%3A20240304104315%3Aet%3A1709545395%3Ac%3A1%3Arn%3A509162100%3Arqn%3A1%3Au%3A1709545395410017635%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C36%2C65%2C1%2C%2C0%2C%2C19%2C0%2C%2C%2C%2C138%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1709545394732%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709545395%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
  • https://mc.yandex.com/watch/96441578/1?wmode=7&page-url=http%3A%2F%2Fttincoming.traveltraffic.cc%2F%3Ftraffic&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A1161232599189%3Ahid%3A217996800%3Az%3A60%3Ai%3A20240304104315%3Aet%3A1709545395%3Ac%3A1%3Arn%3A509162100%3Arqn%3A1%3Au%3A1709545395410017635%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C36%2C65%2C1%2C%2C0%2C%2C19%2C0%2C%2C%2C%2C138%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1709545394732%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709545395%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

89 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ttincoming.traveltraffic.cc/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ttincoming.traveltraffic.cc/?traffic
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:dc8c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2108e4e81f3ff4fba039cc49b20acf38af977362e8c6af76ade7aeaca10bc134

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
85f0ebbd79946eea-CDG
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Mar 2024 09:43:14 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cYFmht1EzKE4MKVqBMMHGJJXLJItGU1z%2FDHT7Wa6H1G%2BzKTM8XeaXD002kTxhzcIJQhBprCJA2FBaIXQHRkp97pmiieitWN5ca74%2F%2Fk0oGZR4bdYypSxSAHNLyDryvlETv3a3TPlEthfJRfvE3s7sK387vMnrrjCfc%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
refresh
0;url=https://ak.peethach.com/4/7074037
tag.js
mc.yandex.ru/metrika/ 		204 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ttincoming.traveltraffic.cc
URL: http://ttincoming.traveltraffic.cc/?traffic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
bfa43032d563ab661974f76827ef4d21ccadf44541439a72d0297f46d5d2ec58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
da-DK,da;q=0.9
Referer
http://ttincoming.traveltraffic.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 01 Mar 2024 11:37:40 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65e1be04-1192e"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71982
expires
Mon, 04 Mar 2024 10:43:15 GMT
matomo.js
www.yametric.com/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.yametric.com/matomo.js
Requested by
Host: ttincoming.traveltraffic.cc
URL: http://ttincoming.traveltraffic.cc/?traffic
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce

Request headers

accept-language
da-DK,da;q=0.9
Referer
http://ttincoming.traveltraffic.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:14 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Last-Modified
Tue, 06 Feb 2024 08:52:47 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"65c1f35f-1042f"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PLcGv%2FdkkIVA%2BHhQlbYoRA%2Fce%2BSm%2BbOFSyeUML0ZvqamHMbiPWVhrGKFZJzF5Ydr3jHAOVleyctuS0%2FiCr%2FBab%2BqczQlKdjx53neJVq%2BczK8PdzMYB4E48sgdDJBH7tdJnZz5PS58VUUSK3ISYM"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive
CF-RAY
85f0ebbe4e8a6631-AMS
alt-svc
h3=":443"; ma=86400
matomo.php
www.yametric.com/ 		0
684 B 		Ping
General
Check archive.org
Download Go to
Full URL
http://www.yametric.com/matomo.php?action_name=&idsite=7&rec=1&r=324281&h=10&m=43&s=14&url=http%3A%2F%2Fttincoming.traveltraffic.cc%2F%3Ftraffic&_id=e9da76a7c5ecbff6&_idn=1&send_image=0&_refts=0&pv_id=9iFjVy&pf_net=53&pf_srv=65&pf_tfr=1&pf_dm1=18&uadata=%7B%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: www.yametric.com
URL: http://www.yametric.com/matomo.js
Protocol
HTTP/1.1
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ttincoming.traveltraffic.cc/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Date
Mon, 04 Mar 2024 09:43:15 GMT
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDqL3N%2FOyBcPOx3jVF11vCd0vRd1YgqPD5cmpdUfeDNzPFq4H80o7lkIv30R9%2Fp8%2BjURUdgfCwHtnRNhYQBHoEXq%2BultibOpSCCsB2W1jSGKK5qCSfheydValL2CT%2FFOGab%2BtTlyLTsV8V9yIJAD"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
http://ttincoming.traveltraffic.cc
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-RAY
85f0ebbebf186631-AMS
alt-svc
h3=":443"; ma=86400
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10298.j34Feh5rxi9ioCmO1PtkT4FDaTlj6YpGsQ_2wmlhi2n-YCT8xsbRxnMqUE6TW4I8.IQTMT47ToxRuW7wYfUdbiVlDuVU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10298.FEVvV-lDpJc6ark62efif4SbKLoxXuA2dZ9-pHXDHB0sxfn1lGuhOu6fX7pBQjE4-DBuCjsHEQcdburg0lKupC2kdav0TaNgxIJeIQNpkoHSEn0rj8j0mI0NQhlfmtTAyNaO1Zyzn0...
43 B
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10298.FEVvV-lDpJc6ark62efif4SbKLoxXuA2dZ9-pHXDHB0sxfn1lGuhOu6fX7pBQjE4-DBuCjsHEQcdburg0lKupC2kdav0TaNgxIJeIQNpkoHSEn0rj8j0mI0NQhlfmtTAyNaO1Zyzn0b9mLzLK9PTvCD4bgCCplv5b_4g58Whi8Bi8qxi7vaBUnRk-gp-e4hZhqqzsHnRWkV8-d-mXsD-ElaUobiWMWSkwSg4N0D0cUg%2C.aV4sDJBjtKKwlZ6Dz84tOOifzHo%2C
Requested by
Host: ttincoming.traveltraffic.cc
URL: http://ttincoming.traveltraffic.cc/?traffic
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
da-DK,da;q=0.9
Referer
http://ttincoming.traveltraffic.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:15 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10298.FEVvV-lDpJc6ark62efif4SbKLoxXuA2dZ9-pHXDHB0sxfn1lGuhOu6fX7pBQjE4-DBuCjsHEQcdburg0lKupC2kdav0TaNgxIJeIQNpkoHSEn0rj8j0mI0NQhlfmtTAyNaO1Zyzn0b9mLzLK9PTvCD4bgCCplv5b_4g58Whi8Bi8qxi7vaBUnRk-gp-e4hZhqqzsHnRWkV8-d-mXsD-ElaUobiWMWSkwSg4N0D0cUg%2C.aV4sDJBjtKKwlZ6Dz84tOOifzHo%2C
date
Mon, 04 Mar 2024 09:43:15 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ttincoming.traveltraffic.cc
URL: http://ttincoming.traveltraffic.cc/?traffic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
da-DK,da;q=0.9
Referer
http://ttincoming.traveltraffic.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:15 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 01 Mar 2024 11:37:40 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"65e1be04-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 04 Mar 2024 10:43:15 GMT
1
mc.yandex.com/watch/96441578/
Redirect Chain
  • https://mc.yandex.com/watch/96441578?wmode=7&page-url=http%3A%2F%2Fttincoming.traveltraffic.cc%2F%3Ftraffic&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3A...
  • https://mc.yandex.com/watch/96441578/1?wmode=7&page-url=http%3A%2F%2Fttincoming.traveltraffic.cc%2F%3Ftraffic&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%...
447 B
530 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/96441578/1?wmode=7&page-url=http%3A%2F%2Fttincoming.traveltraffic.cc%2F%3Ftraffic&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A1161232599189%3Ahid%3A217996800%3Az%3A60%3Ai%3A20240304104315%3Aet%3A1709545395%3Ac%3A1%3Arn%3A509162100%3Arqn%3A1%3Au%3A1709545395410017635%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C36%2C65%2C1%2C%2C0%2C%2C19%2C0%2C%2C%2C%2C138%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1709545394732%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709545395%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN208398 (TELETECH, RS),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
da-DK,da;q=0.9
Referer
http://ttincoming.traveltraffic.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 09:43:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 04-Mar-2024 09:43:15 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
http://ttincoming.traveltraffic.cc
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Mon, 04-Mar-2024 09:43:15 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Mar 2024 09:43:15 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 04-Mar-2024 09:43:15 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/96441578/1?wmode=7&page-url=http%3A%2F%2Fttincoming.traveltraffic.cc%2F%3Ftraffic&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A1161232599189%3Ahid%3A217996800%3Az%3A60%3Ai%3A20240304104315%3Aet%3A1709545395%3Ac%3A1%3Arn%3A509162100%3Arqn%3A1%3Au%3A1709545395410017635%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A16%2C36%2C65%2C1%2C%2C0%2C%2C19%2C0%2C%2C%2C%2C138%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1709545394732%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1709545395%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin
http://ttincoming.traveltraffic.cc
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 04-Mar-2024 09:43:15 GMT
7074037
ak.peethach.com/4/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ak.peethach.com/4/7074037
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.107 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-107.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
http://ttincoming.traveltraffic.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods
GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
* *
access-control-max-age
86400
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
728
content-type
text/html; charset=utf8
date
Mon, 04 Mar 2024 09:43:15 GMT
expires
Mon, 04 Mar 2024 09:43:15 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://gluxouvauure.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma
no-cache
timing-allow-origin
*
vary
Accept-Encoding
x-trace-id
1b5500d69a6c7d8d3ed6af6107bb2752
img.gif
my.rtmark.net/ 		43 B
508 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008015d31965464ef944b270eb9bf8c3
Requested by
Host: ak.peethach.com
URL: https://ak.peethach.com/4/7074037
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:15 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
https://ak.peethach.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
/
gluxouvauure.com/ 		41 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Requested by
Host: ak.peethach.com
URL: https://ak.peethach.com/4/7074037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
abd0ca3743e585d7a8cf2e3938cf217ed7d631347741ae3b3dd8bb364eb68170

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85f0ebc3790a6f2e-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 09:43:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnSp%2B0AuUR0EgeP5fnp8SmXG0l7Mn7c%2Bsy8p%2BpiGgu5gj7QIS5%2B8RlW%2FTqGqKhoNdLE%2Fp149r%2FhyClbwUItIscFK353g%2F3BbJoMgbnl4mnm9Xc%2F6c1SnIeUxr1AI8YkpomPN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
gid.js
my.rtmark.net/ 		65 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=80b5a625b709ec2dfabea594bc2ab8e0
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2f7f73991358cbb7263d891de6ea68a3e0de7d680933e19fd074fd77c933f756
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:15 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauure.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
gluxouvauure.com/pfe/current/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c7a4e9bbb7f6a33554769805c92064ea198f39778cdeda6840d9e04bc346e9

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 09:43:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 01 Mar 2024 14:04:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e1e065-8a1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIkq1wLf%2BiZ8RfsbT4XIzVrU5LSCLu29%2F4RT2r6UEWnlcIYW7mqmxU41Iq9NPRJL%2FPzRZJdJWz83qYteLPo7n8HPhM8iNCXT1LIEcblfXGCrGOiHY2Cy1yoBWBG7lrBBmvQw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
85f0ebc41a176f2e-CDG
alt-svc
h3=":443"; ma=86400
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gluxouvauure.com/ 		2 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&mprtr=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAsTbwGb0MJ%2Fya1atqJMUTJ13DHTWAxN4YsOynlQmVBOZnuy8dj3TRwAdqMSQpNLYZKNVlMtaoIAfdzjoVhoFD%2Fsl7DpdkLXsulLDZuW7yB%2Bwus2ZtXPvbYaI3mXyiKEl2WE"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85f0ebc41a1d6f2e-CDG
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
/
gluxouvauure.com/19/4662728/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/19/4662728/?abt_opts=1&var=7074037&var3=788453135613174543&ymid=&rhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb1939901be3b1568609eb6d83e7b37fc9bbdf5785252dde9ea7aaf8d92dd91f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:15 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
53d4b2ccbf3dccaefaaf5b94658c5e97
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVpQLEwBlAexw83jHLmizzqPf4iVu8KAJsh0Zm0DEZ0gBVodCqtEz1nzMhhqbkgSqbrELK5%2BxK4VF%2F6ACLxV1kuL%2FAOkXrqZ8RwFTHaccay%2BbzIcoMbzbxCkJGS1Zs8O2%2B3h"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85f0ebc42a2a6f2e-CDG
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
jouteetu.net/ 		0
0
4662709
gluxouvauure.com/sw-check-permissions/ 		0
1001 B 		Other
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/sw-check-permissions/4662709?var=7074037&ymid=788453135613174543&uhd=1&zoneId=4662709
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2B%2FhRKjA5hEWVn2DLlBSmqmyZxwiBZpkSh2ev1LDz97oS3rsvoNeawykCDRR3NZ5yUyhrv6MAysX5LSvwXzbeTXjWuPF3Ejy0uxm1%2ByVpKVmLg1LXDAXxEE6KCAe5TyhnahQ"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85f0ebc4ae7c6702-AMS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zone
gluxouvauure.com/ 		0
526 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=7074037&ymid=788453135613174543&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=adff528a-7e3c-4df8-b7ee-f2dc7211eae6&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id
0a619c27bc290aff940b08c0ec3fdc6d
date
Mon, 04 Mar 2024 09:43:15 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CS5dOPlcu07qoZFe8exw0QZiLmqsROZj%2Bo7fGHfCLysF5OIy6zL7Lz%2BzunLbzC8i31YGarRlUoyXH6Sh5TX%2F%2Fnr39zO%2FbsRqZBYmJy%2FPN7tcibXAeJ0HTK5X221P1RTSfnXd"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gluxouvauure.com
access-control-allow-credentials
true
cf-ray
85f0ebc4ae826702-AMS
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gluxouvauure.com/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0
gid.js
my.rtmark.net/ 		65 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=788453135613174543&var=7074037
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2f7f73991358cbb7263d891de6ea68a3e0de7d680933e19fd074fd77c933f756
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:15 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauure.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/ 		0
0
custom
jouteetu.net/ 		0
0
custom
jouteetu.net/ 		0
0
zone
gluxouvauure.com/ 		798 B
979 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=7074037&ymid=788453135613174543&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=adff528a-7e3c-4df8-b7ee-f2dc7211eae6&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:15 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
62a22e419f7271a7362d1530d35ed70a
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7MYl9mVnLtsD5Pi1Igm%2Fqh%2F4tIIiyCj2E0PXFBS4jiVi73BIkhUAH11gXiggnuJSFMzWRh9HlZ1NAxPtgy0CQqqgLhwENcUL9%2FVk6Mb04iJoGuJSqv5Qp6jzTD9UiZEcM5M"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85f0ebc4be9f6702-AMS
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/ 		0
0
/
gluxouvauure.com/ 		41 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27
Resource Hash
bc0b78dc30f1132392ea5242c21b637394cf522d42f3f56eb2cf65388f9caf8b

Request headers

Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85f0ebc4eeef6702-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 09:43:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDhqyWNckHHNecnqtd3wO2swFMgv8BhydfjftQ%2BJiwcOGvUwpEIHj8xX8zlnQo%2FP2PzQDmNgjSmfxC841W7fCtuBWyk8RULHRTkQo5zRsVzmiw07mvHrEXijC6sXEDQeD77B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.27
custom
jouteetu.net/ 		0
0
micro.tag.min.js
gluxouvauure.com/pfe/current/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c7a4e9bbb7f6a33554769805c92064ea198f39778cdeda6840d9e04bc346e9

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 09:43:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 01 Mar 2024 14:04:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e1e065-8a1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JY8p46CYAmyUvTMpAqzjVrVq34wZ%2BPEBK%2BXOntUr9uzE%2BNd9fttmRjTAHVTvd5w1PGqOqs9H6OFOlnj9gRYkcSYW5I1bO46AmRDSk1cJLpBmqJPvWnPbER%2FhFw74edXb2N0f"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
85f0ebc58fe36702-AMS
alt-svc
h3=":443"; ma=86400
truncated
/ 		327 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language
da-DK,da;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
gluxouvauure.com/19/4662728/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/19/4662728/?abt_opts=1&var=7074037&var3=788453135613174543&ymid=&rhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ec6775e6e6c66843dcf336b5924211ea2e3caabc991877cd1fa13c938454b2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:16 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
49451b2c5d007a52954bfd93d5d9f7b0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAhX3%2FTmHmbRXCSsW6lDtzDqC5X9oPagUgtCEudscGW8u9w%2FYllHujeC000jpYpxWCqxHqv3kGdvuD1JDoHenQ4UzjEhimY7mpcppJZZSIrfM34F6sGaBmaYLmRcriomo34V"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85f0ebc58fe76702-AMS
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
gluxouvauure.com/ 		2 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2&mprtr=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4eZXS8V5l%2FHCWz%2B5XblxPLH5ZStlVsv16MhXcOdr4cxzHhuwyQ6TZDaimG6qhRA5I0cjWGhuQZkodwiAwbWiR9jfEuI2A3pCCLdH%2BRGY8aNAJalOEQG2t6AgPX6HoRjUu1%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
85f0ebc5b8336702-AMS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
rhd
gluxouvauure.com/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/rhd?rb=32TAjhNz9o-dS45pB9-04oM5mTXokSLxIQGCopoYIrJbKXE2ENpcz2NZh1TAJmd9MkgyWNVGsYRn7yQavzY3Zwupcg834NB5OCePf8vytjBeN3BeF5MfkBhrcb-rQ0EogmikmEWPG4Z5XDXoIQ52H_xM_tjy8aWNG3LUcOrZ7eEsrtLLlZcJmS5caiMIYr99LkfIqq5CqMLpuXcrEGZTKCRQzSfuWg5kFAKVMk-LjCwZbzBR7vooxXf1BRkdPt0y_PMGESCnkY47lh_zzJRF3gKtggd-chaZry5XQpQAUZF6ZLO77wVJb9cFV7Lu2e6T-m8v3QoPYzg6p4dkT4Bk0xO2lO4Cc8ZTrDn8k9joQ9R1m-Yt8DFtuN2W7IVJH7tdQQRUdngj7kiQGiMAbyIjPqgPeSfgIKcKw-XFYwijBcXIVtvx6GRufuNCG9-WLZYWcRPOOQT3YRYFS6iMTY1EAV_5SRYmWryqskeIZ5pFaR1w890ITbjB40WsZC5V-IXzNXC5C8-XvRBI0f9oT-Ne-m9T8fNQp3rQyWEGfvg5bmE%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fgluxouvauure.com%2F%3Fs%3D788453135613174543%26ssk%3Da22b0f8e7c1ef40756e120ee0e4a3a3c%26svar%3D1709545395%26z%3D7074037%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D%26rdc%3D2&drf=https%3A%2F%2Fgluxouvauure.com%2F%3Fs%3D788453135613174543%26ssk%3Da22b0f8e7c1ef40756e120ee0e4a3a3c%26svar%3D1709545395%26z%3D7074037%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb%26btz%3D%26bto%3D&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-unknown&var=7074037&var3=788453135613174543&ymid=&rhd=1&m=link
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
340942fd966f1101c41d020e7c8dbab16501a3f7e5962fdd843a51c0ceaae6e3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:16 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
e0ec0d854a09360402efa74c7c60ef5b
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFhkYxYa%2FtFdeiOptbg47fwjbTXU0K9UHbXaJq7FJjDMxGThohbqMbdkd1x6zl0GA2XB74LLevuD5IOblxz8OPBbxvSNHB1sUj5etXEl6Oc%2BCfYJmsIeGY6CRr1AEVNURQZF"}],"group":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85f0ebc5d8536702-AMS
expires
Tue, 11 Jan 1994 10:00:00 GMT
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
4662709
gluxouvauure.com/sw-check-permissions/ 		0
1006 B 		Other
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/sw-check-permissions/4662709?var=7074037&ymid=788453135613174543&uhd=1&zoneId=4662709
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.27
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.27
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CH%2FpL2QSfAFc%2BBVpkeIrdEPE3R8EUZxWTUWEW6ZV3u%2BjCxJJyN%2BJ5gJuyFaKH8OLV4%2BjP1RL6JkQf1XQ1R%2BeUzTtJQJxd8CKii6%2BDDoOq4ue0lh0fvMaa0E4TSLjtgLYT90r"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
85f0ebc618aa6702-AMS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zone
gluxouvauure.com/ 		0
486 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=7074037&ymid=788453135613174543&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=2e700e57-6649-4789-8f13-b63b647cf4ff&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-trace-id
c6684e95cf9dae1a6542bcec9eeb0022
date
Mon, 04 Mar 2024 09:43:16 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAFNSEYnSFeeQFXL0trqansNvGQRG4GgTdV%2Bxmh04rAwcM1kxF1ord9WrfooM7a0oABw5U%2F0Cqxd2KfOZCJ02Ar7zsrjjY4N8RYYd%2BOGxjUND7owDCLG94lUXWZwZNL6OrpK"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gluxouvauure.com
access-control-allow-credentials
true
cf-ray
85f0ebc618b06702-AMS
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
gid.js
my.rtmark.net/ 		65 B
545 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=4662709&checkDuplicate=true&ymid=788453135613174543&var=7074037
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
2f7f73991358cbb7263d891de6ea68a3e0de7d680933e19fd074fd77c933f756
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:16 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gluxouvauure.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
zone
gluxouvauure.com/ 		798 B
977 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=gluxouvauure.com&var=7074037&ymid=788453135613174543&var_3=&var_4=&dsig=&tg=1&sw=3.1.494&trace_id=2e700e57-6649-4789-8f13-b63b647cf4ff&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0=
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65c2cbd977d84300563262d5793a07bd1d7b4dcbb3da467102142f14ec2a2001
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 09:43:16 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-trace-id
7c532990ff9e10338fe13d558d676207
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oukdsT8IJdi9csbfjGGE94RooHyZ7I%2BE8QXGS6lH1t2yfnVRdqinkodH5E%2BMSLFBb9oR2tqnx7mlXKloyQSmucJHpiHBp68BQVXC0auRoNI8XYHWyIMkEGaGM942JoLDpTPH"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
85f0ebc628bf6702-AMS
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
custom
jouteetu.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://jouteetu.net/custom
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/pfe/current/micro.tag.min.js?z=4662709&ymid=788453135613174543&var=7074037&sw=/sw-check-permissions/4662709&uhd=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gluxouvauure.com/
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
Primary Request index.php
intelligent-money-offers.com/amazonspecial/en/
Redirect Chain
  • https://secureltrk.com/click?key=7b1326673ca5c6fb79a7&visitor_id=788453139631317246&cost=0.001105&zoneid=4662728&campaignid=7874057&banner=20181885&zone_type={zone_type}&user_activity=high&subzone_...
  • https://vipntrcking.com/click.php?project_id=7740be9867&affiliate_id=79b2b9ace4&custom2=cnipfd1idncc73efuv80
  • https://intelligent-money-offers.com/amazonspecial/?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
  • https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectRet...
32 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
c554fc3b6609c6d9e21b8ee71711c5876f345c85f68b7af05709b606af709e3d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
da-DK,da;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Mar 2024 09:43:17 GMT
PX-IPCountryISO
DK
PX-IPTimestamp
1709302818 1709545150 1709538396
PX-X-Request-Id
5c7b0733133ea713dcffb30b4bdb1798
Server
nginx
Transfer-Encoding
chunked
X-Server
egestas
X-Upstream
evlampi-***ko

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Mar 2024 09:43:17 GMT
Location
en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
PX-IPCountryISO
DK
PX-IPTimestamp
1709302818 1709545150 1709538396
PX-X-Request-Id
b6bd881b7258579ae895bc9a00e6fbc3
Server
nginx
Transfer-Encoding
chunked
X-Server
egestas
X-Upstream
evlampi-***ko
cat.php
gluxouvauure.com/ 		0
758 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gluxouvauure.com/cat.php?userId=80b5a625b709ec2dfabea594bc2ab8e0&zoneid=4662728&rb=32TAjhNz9o-dS45pB9-04oM5mTXokSLxIQGCopoYIrJbKXE2ENpcz2NZh1TAJmd9MkgyWNVGsYRn7yQavzY3Zwupcg834NB5OCePf8vytjBeN3BeF5MfkBhrcb-rQ0EogmikmEWPG4Z5XDXoIQ52H_xM_tjy8aWNG3LUcOrZ7eEsrtLLlZcJmS5caiMIYr99LkfIqq5CqMLpuXcrEGZTKCRQzSfuWg5kFAKVMk-LjCwZbzBR7vooxXf1BRkdPt0y_PMGESCnkY47lh_zzJRF3gKtggd-chaZry5XQpQAUZF6ZLO77wVJb9cFV7Lu2e6T-m8v3QoPYzg6p4dkT4Bk0xO2lO4Cc8ZTrDn8k9joQ9R1m-Yt8DFtuN2W7IVJH7tdQQRUdngj7kiQGiMAbyIjPqgPeSfgIKcKw-XFYwijBcXIVtvx6GRufuNCG9-WLZYWcRPOOQT3YRYFS6iMTY1EAV_5SRYmWryqskeIZ5pFaR1w890ITbjB40WsZC5V-IXzNXC5C8-XvRBI0f9oT-Ne-m9T8fNQp3rQyWEGfvg5bmE=&var=7074037&var3=788453135613174543&ymid=&rhd=1
Requested by
Host: gluxouvauure.com
URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Mar 2024 09:43:16 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
x-trace-id
703fda6fad1cdbca5037f6f6b93ce59c
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvvSdSBlX5G%2BjO1iVf90UsYumS2GRavDScBDjicAiEbYX55zUSoYvYhlA3dDhFTPtZ%2FCH%2BWedMohgbF%2BFxhmUcmlhscwkbqMJwR5k5N5olvokJXdSDbK8xFUGBFDxBIvIU%2F3"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://gluxouvauure.com
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
85f0ebc98ea56702-AMS
expires
Tue, 11 Jan 1994 10:00:00 GMT
css2
fonts.googleapis.com/ 		7 KB
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7c68c0208cecad69fb80c0a9fee76b374dd777a869fcd0fbcf234e8af8a20640
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 09:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 09:37:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 09:43:17 GMT
css2
fonts.googleapis.com/ 		2 KB
475 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Magra:wght@400;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
16a2a6e192074e4fd20f845b83d5ecb57af6bd237f706848d3a9d6ed514a6665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 09:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 09:43:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 09:43:17 GMT
css2
fonts.googleapis.com/ 		6 KB
743 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11e0dd0b1244f412de7027e164697e76b77f87c85bb6d5e74ef23237ded7699b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 09:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 09:41:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 09:43:17 GMT
css2
fonts.googleapis.com/ 		3 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 09:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 09:37:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 09:43:17 GMT
css2
fonts.googleapis.com/ 		10 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7b7807d93be3aeb6dd391229f287ef36a485d8c6c5aca1d72ddbc6dc274aa40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 09:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 09:14:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 09:43:17 GMT
css2
fonts.googleapis.com/ 		8 KB
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c038a8dd8fd27d633bc7733fdedd6730cad69333be98af8fad0890171f30a1ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 09:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 09:13:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 09:43:17 GMT
css2
fonts.googleapis.com/ 		9 KB
864 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 09:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 09:37:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 09:43:17 GMT
style.min5697.css
intelligent-money-offers.com/amazonspecial/css/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/style.min5697.css?ver=5.5.3
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-d293"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
0ffab24d1b2776c22d3f78d4b7bc2c31
style68b3.css
intelligent-money-offers.com/amazonspecial/css/ 		851 B
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/style68b3.css?ver=1
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-353"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
c0c264e5a54fa4acecefec756ce8a340
all.css
intelligent-money-offers.com/amazonspecial/css/ 		59 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/all.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
54bf65b7f1e2aa35692c2b75c0031c8e48de07efd529d8171078e7c030952f76

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-eac4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
e125c9c801e04d349ebc290169b6ab7a
avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
intelligent-money-offers.com/amazonspecial/css/ 		383 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
e4bcf24ba1e17060a1c79f41f9844336594106cb49c26881a2f9b5eb47966dfe

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-5faa0"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
975a46070637843a731296b006dacb1f
v4-shims.css
intelligent-money-offers.com/amazonspecial/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/v4-shims.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-684e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
08aac260158a6d832f5d37a7e272ff8e
css
fonts.googleapis.com/ 		66 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af8993702bec0c70c0751ab8671b149e289062aea89ac2813fc9557d7acca03f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 09:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 09:43:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 09:43:17 GMT
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 09:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 07:54:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 09:43:17 GMT
slick.min.css
intelligent-money-offers.com/amazonspecial/css/ 		1 KB
988 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/slick.min.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-559"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
3f253fb258b729187cfbf2e007a356f4
all.min.css
intelligent-money-offers.com/amazonspecial/css/ 		56 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/all.min.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
6daf0c6ce9852704badeaa55b3b79c86af9487e1aaca08cd86ec24767a846760

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-de7d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
27f0ef1acf2fe87587aaa486a001d342
custom.css
intelligent-money-offers.com/amazonspecial/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/custom.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
46a80c3e8ce40e1e839981a7baaddf17b26c9dd01a07523f8c3073e5abcdbfd9

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-2ce1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
f17bccdb9d98449b3f4fd2ec95162585
funnel.css
intelligent-money-offers.com/amazonspecial/css/ 		88 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/funnel.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
922ee0a54eb79fd950e185ccda4dd13ae0edabb33a44d072a9a62bd26c76770e

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-160d1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
ba56c0377d4d5a6b9b1543e36d9e9f17
funnel-additional.css
intelligent-money-offers.com/amazonspecial/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/funnel-additional.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
b785c6398215d82234d97f5039ed44ebc425b6538dfba459f519c066cbf73a8c

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-2d29"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
9c9e5a39bc8c2d6b71d1478e691fc8b3
bootstrap.min.css
intelligent-money-offers.com/amazonspecial/css/ 		138 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/bootstrap.min.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-22688"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
1418321588cfd475c356990ee98cb15a
intgrtn.css
intelligent-money-offers.com/amazonspecial/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/css/intgrtn.css
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
e4aecdb9b577a378e725fa4e5b185218507bfdb1e63630c77653d62842c0ac79

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-d2d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
86d2ba129aa19f0d17bea50879b70b03
5fb67d77b617d_v.png
intelligent-money-offers.com/amazonspecial/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/amazonspecial/img/5fb67d77b617d_v.png
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
1a320a466c1d7d389cd5476d27a0d027a833a96e291ce5267d1506695af486eb

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-137e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
e1fb03ac396d32c63a22a8e732d9f2dd
5fb67d77d9256_v.jpg
intelligent-money-offers.com/amazonspecial/img/ 		25 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/amazonspecial/img/5fb67d77d9256_v.jpg
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
f6351b5bfa259de13dae9c9f332855813b99bd8544c8cdad7cc1645c454fb4bd

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-6293"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Upstream
stavri-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
1be9d7f3bc78b2e98f306e2e5e8bf1b5
5fb67d78c1ea3_v.jpg
intelligent-money-offers.com/amazonspecial/img/ 		17 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/amazonspecial/img/5fb67d78c1ea3_v.jpg
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
b5c3c626088edc6bd530c9da23892e3d641fd9fd94e03645164686f5baa1ee30

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-45f6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Upstream
stavri-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
c259caf23f4beb115a1687d4f2d781dd
5fb67d78cd12b_v.jpg
intelligent-money-offers.com/amazonspecial/img/ 		63 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/amazonspecial/img/5fb67d78cd12b_v.jpg
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
856a223e470a7640097f6a83588c41b7d831e364e9db24d1165e1811b026d9a9

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-fa5a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Upstream
stavri-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
6e8a9302d09c5514704ea26c18b88d70
jquery-1.11.3.min.js
intelligent-money-offers.com/amazonspecial/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/js/jquery-1.11.3.min.js
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-176d5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
d1f8b43e4362840fc3677a0623889d3f
bootstrap.min.js
intelligent-money-offers.com/amazonspecial/js/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/js/bootstrap.min.js
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-c75f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Upstream
evlampi-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
f39ba7addd781ef92225085e086a1b2f
css2
fonts.googleapis.com/ 		5 KB
589 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600;700;800;900&amp;display=swap
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1fe73fb1bd17a8ed817c1f89abe78ded44d961c543e7f7d85702845a2cfd3877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 09:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 09:43:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 09:43:17 GMT
amazon-1-1.jpg
intelligent-money-offers.com/amazonspecial/img/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/amazonspecial/img/amazon-1-1.jpg
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"637dce63-195bd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/jpeg
X-Upstream
stavri-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
0ab28264ffc17de475c27940a125d294
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://intelligent-money-offers.com
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 05:02:32 GMT
x-content-type-options
nosniff
age
448846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 05:02:32 GMT
uK_w4ruaZus72nbNDycQGvo.woff2
fonts.gstatic.com/s/magra/v14/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/magra/v14/uK_w4ruaZus72nbNDycQGvo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Magra:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://intelligent-money-offers.com
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:51:12 GMT
x-content-type-options
nosniff
age
521526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9436
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:28:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 08:51:12 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://intelligent-money-offers.com
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:48:56 GMT
x-content-type-options
nosniff
age
521662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 08:48:56 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://intelligent-money-offers.com
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 04:21:49 GMT
x-content-type-options
nosniff
age
278489
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Mar 2025 04:21:49 GMT
entypo-fontello.woff2
intelligent-money-offers.com/amazonspecial/fonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/amazonspecial/fonts/entypo-fontello.woff2
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
aba14bf4f70a87d173da2171049240f074959c2497caadb37fdba37fbdfabd1f

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Origin
https://intelligent-money-offers.com
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Last-Modified
Wed, 23 Nov 2022 07:40:19 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
"637dce63-9754"
Content-Type
font/woff2
X-Upstream
stavri-***ko
PX-IPTimestamp
1709302818 1709545150 1709538396
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
efa3e00cde7ea8955ae97c886ca983b0
Accept-Ranges
bytes
Content-Length
38740
sdk.js
intelligent-money-offers.com/intgrtn/api/v1/integration/ 		489 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202424104
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
6298f0a9a101a54afa0ed7e7ccd9bb8f6583638f84082c69f5e0e5a2c9961f2e

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
PX-IPTimestamp
1709302818 1709545150 1709538396
Connection
keep-alive
Last-Modified
Fri, 01 Mar 2024 13:04:00 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"65e1d240-7a2f9"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
X-Server
egestas
PX-IPCountryISO
DK
PX-X-Request-Id
154ae94b1bcbc0fbc455dc9dafe398af
Expires
Tue, 04 Mar 2025 01:39:50 GMT
details.php
intelligent-money-offers.com/intgrtn/api/v1/projects/ 		45 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/projects/details.php?&clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&custom2=cnipfd1idncc73efuv80
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202424104
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
1ccab9724b4431c7ae3ef72533b59bd2b0247fae9e9ce64e94d113795ea08f07

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intgrtn-Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Content-Type
application/json

Response headers

Date
Mon, 04 Mar 2024 09:43:18 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
PX-IPTimestamp
1709302818 1709545150 1709538396
Vary
Accept-Encoding
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
1481ed2e90c4a0560b6971ff665be19f
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
agreements.php
intelligent-money-offers.com/intgrtn/api/v1/projects/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202424104
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
c5018bbfb7054085749bad406434e9295e26f8e59c08b8c5d53cb8b7206853ce

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intgrtn-Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Content-Type
application/json

Response headers

Date
Mon, 04 Mar 2024 09:43:18 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
PX-IPTimestamp
1709302818 1709545150 1709538396
Vary
Accept-Encoding
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
0455bbdad10f4122d2c578f9225f562c
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
sdk.css
intelligent-money-offers.com/intgrtn/api/v1/integration/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202424104
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
617a4b507a3a45bc358f56b14d884283ab84e61e8ed5956d4d1684d5130e6b47

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
PX-IPTimestamp
1709302818 1709545150 1709538396
Connection
keep-alive
Last-Modified
Mon, 15 Jan 2024 14:51:47 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"65a54683-14923"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
X-Server
egestas
PX-IPCountryISO
DK
PX-X-Request-Id
ba38314a4f71731cf3708f9372e10308
Expires
Tue, 14 Jan 2025 15:54:51 GMT
eye-1a.png
intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/eye-1a.png
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
9505ce3a2d95aa956775178ce80f3e0e89cc58c85906cd04bd1f8a6d6a5768e3

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
PX-IPTimestamp
1709302818 1709545150 1709538396
Connection
keep-alive
Last-Modified
Mon, 15 Jan 2024 14:49:32 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"65a545fc-42f"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
X-Server
egestas
PX-IPCountryISO
DK
PX-X-Request-Id
d5eec539ae92c676d42cbe9c8dbb4181
Expires
Tue, 14 Jan 2025 15:54:51 GMT
flags32.png
intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/integration/assets/img/flags32.png
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
681c58beadf3030753d8d5bb7c85c5f631704a515a9da8fd7a3744be46e12419

Request headers

accept-language
da-DK,da;q=0.9
Referer
https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 09:43:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
PX-IPTimestamp
1709302818 1709545150 1709538396
Connection
keep-alive
Last-Modified
Mon, 15 Jan 2024 14:49:32 GMT
Server
nginx
PX-Cache-Status
HIT
ETag
W/"65a545fc-afed"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
X-Server
egestas
PX-IPCountryISO
DK
PX-X-Request-Id
73acbe79b1b137709871bc2466fda98b
Expires
Tue, 14 Jan 2025 15:54:51 GMT
agreements.php
intelligent-money-offers.com/intgrtn/api/v1/projects/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&locale=en-US
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202424104
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
fcd502d46513e9ae1b9a0a6e5ec90e83e17112c433e11009925e43a695a0ec6b

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intgrtn-Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Content-Type
application/json

Response headers

Date
Mon, 04 Mar 2024 09:43:18 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
PX-IPTimestamp
1709302818 1709545150 1709538396
Vary
Accept-Encoding
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
8a8bf379998229b44a31c22cda456f48
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
add.php
intelligent-money-offers.com/intgrtn/api/v1/events/ 		172 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://intelligent-money-offers.com/intgrtn/api/v1/events/add.php
Requested by
Host: intelligent-money-offers.com
URL: https://intelligent-money-offers.com/intgrtn/api/v1/integration/sdk.js?v=1202424104
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.180.18.154 Brussels, Belgium, ASN9009 (M247, RO),
Reverse DNS
Software
nginx /
Resource Hash
b2b6d3e81b4b17e369bb06b9a65e5df6d736b21c002681b6e7f3db778a6ceba8

Request headers

Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
accept-language
da-DK,da;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Intgrtn-Referer
https://intelligent-money-offers.com/amazonspecial/en/index.php?intgrtn_clickID=VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP&intgrtn_custom2=cnipfd1idncc73efuv80&country=DK&intgrtn_redirectReturningLead=auto
Content-Type
application/json

Response headers

Date
Mon, 04 Mar 2024 09:43:18 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://intelligent-money-offers.com
PX-IPTimestamp
1709302818 1709545150 1709538396
Vary
Accept-Encoding
X-Server
egestas
PX-IPCountryISO
DK
Connection
keep-alive
PX-X-Request-Id
7b8ed990963f4cab525b583a25dc512b
Access-Control-Allow-Headers
accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom
Domain
jouteetu.net
URL
https://jouteetu.net/custom

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery object| bootstrap object| jQuery111303845251532003624 function| intgrtnInit object| intgrtn

34 Cookies

Domain/Path Name / Value
intelligent-money-offers.com/amazonspecial/ Name: intgrtn_clickID
Value: VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP
intelligent-money-offers.com/amazonspecial/ Name: intgrtn_custom2
Value: cnipfd1idncc73efuv80
intelligent-money-offers.com/amazonspecial/ Name: intgrtn_redirectReturningLead
Value: auto
intelligent-money-offers.com/amazonspecial/ Name: intgrtn_locale
Value: en-US
ttincoming.traveltraffic.cc/ Name: _pk_id.7.a085
Value: e9da76a7c5ecbff6.1709545395.
ttincoming.traveltraffic.cc/ Name: _pk_ses.7.a085
Value: 1
.yandex.ru/ Name: i
Value: SEJKzDwdGbj0ljVZAS8oJYFX/8FQAz2fe8AL3MWYVMxAo7jncP8m5WC8O3REGZR6zlGWUNK/y/6BKaqMv8xw8DtGo1s=
.yandex.ru/ Name: yandexuid
Value: 831467951709545394
.traveltraffic.cc/ Name: _ym_uid
Value: 1709545395410017635
.traveltraffic.cc/ Name: _ym_d
Value: 1709545395
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1024167459fake
.traveltraffic.cc/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2643596141fake
.yandex.com/ Name: yandexuid
Value: 831467951709545394
.yandex.com/ Name: yuidss
Value: 831467951709545394
.yandex.com/ Name: i
Value: SEJKzDwdGbj0ljVZAS8oJYFX/8FQAz2fe8AL3MWYVMxAo7jncP8m5WC8O3REGZR6zlGWUNK/y/6BKaqMv8xw8DtGo1s=
.yandex.com/ Name: yp
Value: 1709631795.yu.2048262671709545395
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 1864082131709545395
.yandex.com/ Name: ymex
Value: 1712137395.oyu.2048262671709545395#1741081395.yrts.1709545395
.traveltraffic.cc/ Name: _ym_visorc
Value: b
ak.peethach.com/ Name: OAID
Value: 008015d31965464ef944b270eb9bf8c3
ak.peethach.com/ Name: oaidts
Value: 1709545395
my.rtmark.net/ Name: ID
Value: 008015d31965464ef944b270eb9bf8c3
gluxouvauure.com/ Name: oaidts
Value: 1709545395
gluxouvauure.com/ Name: syncedCookie
Value: true
gluxouvauure.com/ Name: OAID
Value: 80b5a625b709ec2dfabea594bc2ab8e0
gluxouvauure.com/ Name: reverse
Value: -MTHpehjXoeGXJ-_IkuVz7Wmc2BjMgkSvVI5kcEifIU
gluxouvauure.com/ Name: prefetchAd_4662728
Value: true
secureltrk.com/ Name: uclick
Value: ze/fwFgKO9413uHzamCYt75UeOsuhwZEvQkT7gO8R+5LsZcXQWv0PDfZBdrtAkRly+VPcw==
secureltrk.com/ Name: bcid
Value: cnipfd1idncc73efuv80
secureltrk.com/ Name: cid
Value: cnipfd1idncc73efuv80
vipntrcking.com/ Name: clickID
Value: VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP
vipntrcking.com/ Name: leadID
Value: VGb3reBm7aD5xAKL1zZkXkRbBOWRwnJYOd6j4oyl02Wq9RgEP

43 Console Messages

Source Level URL
Text
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: http://ttincoming.traveltraffic.cc/?traffic
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://ak.peethach.com/partitial/5117837/?var=7074037&ab2r=0&prfrev=false&rhd=false&sf=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gluxouvauure.com/?s=788453135613174543&ssk=a22b0f8e7c1ef40756e120ee0e4a3a3c&svar=1709545395&z=7074037&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&btz=&bto=&rdc=2
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.peethach.com
fonts.googleapis.com
fonts.gstatic.com
gluxouvauure.com
intelligent-money-offers.com
jouteetu.net
mc.yandex.com
mc.yandex.ru
my.rtmark.net
secureltrk.com
ttincoming.traveltraffic.cc
vipntrcking.com
www.yametric.com
jouteetu.net
139.45.195.8
139.45.197.251
172.67.163.48
193.34.166.43
2606:4700:3034::ac43:dc8c
2a00:1450:4001:80e::2003
2a00:1450:4001:81c::200a
2a02:6b8::1:119
2a06:98c1:3120::3
38.180.18.154
5.61.54.143
95.101.54.107
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
11e0dd0b1244f412de7027e164697e76b77f87c85bb6d5e74ef23237ded7699b
12ec6775e6e6c66843dcf336b5924211ea2e3caabc991877cd1fa13c938454b2
16a2a6e192074e4fd20f845b83d5ecb57af6bd237f706848d3a9d6ed514a6665
1a320a466c1d7d389cd5476d27a0d027a833a96e291ce5267d1506695af486eb
1ccab9724b4431c7ae3ef72533b59bd2b0247fae9e9ce64e94d113795ea08f07
1fe73fb1bd17a8ed817c1f89abe78ded44d961c543e7f7d85702845a2cfd3877
2108e4e81f3ff4fba039cc49b20acf38af977362e8c6af76ade7aeaca10bc134
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2f7f73991358cbb7263d891de6ea68a3e0de7d680933e19fd074fd77c933f756
340942fd966f1101c41d020e7c8dbab16501a3f7e5962fdd843a51c0ceaae6e3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46a80c3e8ce40e1e839981a7baaddf17b26c9dd01a07523f8c3073e5abcdbfd9
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54bf65b7f1e2aa35692c2b75c0031c8e48de07efd529d8171078e7c030952f76
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
617a4b507a3a45bc358f56b14d884283ab84e61e8ed5956d4d1684d5130e6b47
6298f0a9a101a54afa0ed7e7ccd9bb8f6583638f84082c69f5e0e5a2c9961f2e
65c2cbd977d84300563262d5793a07bd1d7b4dcbb3da467102142f14ec2a2001
681c58beadf3030753d8d5bb7c85c5f631704a515a9da8fd7a3744be46e12419
6daf0c6ce9852704badeaa55b3b79c86af9487e1aaca08cd86ec24767a846760
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c68c0208cecad69fb80c0a9fee76b374dd777a869fcd0fbcf234e8af8a20640
856a223e470a7640097f6a83588c41b7d831e364e9db24d1165e1811b026d9a9
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
922ee0a54eb79fd950e185ccda4dd13ae0edabb33a44d072a9a62bd26c76770e
9505ce3a2d95aa956775178ce80f3e0e89cc58c85906cd04bd1f8a6d6a5768e3
a7b7807d93be3aeb6dd391229f287ef36a485d8c6c5aca1d72ddbc6dc274aa40
aba14bf4f70a87d173da2171049240f074959c2497caadb37fdba37fbdfabd1f
abd0ca3743e585d7a8cf2e3938cf217ed7d631347741ae3b3dd8bb364eb68170
af8993702bec0c70c0751ab8671b149e289062aea89ac2813fc9557d7acca03f
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b2b6d3e81b4b17e369bb06b9a65e5df6d736b21c002681b6e7f3db778a6ceba8
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
b5c3c626088edc6bd530c9da23892e3d641fd9fd94e03645164686f5baa1ee30
b785c6398215d82234d97f5039ed44ebc425b6538dfba459f519c066cbf73a8c
bc0b78dc30f1132392ea5242c21b637394cf522d42f3f56eb2cf65388f9caf8b
bfa43032d563ab661974f76827ef4d21ccadf44541439a72d0297f46d5d2ec58
c038a8dd8fd27d633bc7733fdedd6730cad69333be98af8fad0890171f30a1ed
c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a
c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79
c5018bbfb7054085749bad406434e9295e26f8e59c08b8c5d53cb8b7206853ce
c554fc3b6609c6d9e21b8ee71711c5876f345c85f68b7af05709b606af709e3d
cb1939901be3b1568609eb6d83e7b37fc9bbdf5785252dde9ea7aaf8d92dd91f
d0c7a4e9bbb7f6a33554769805c92064ea198f39778cdeda6840d9e04bc346e9
d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4
d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aecdb9b577a378e725fa4e5b185218507bfdb1e63630c77653d62842c0ac79
e4bcf24ba1e17060a1c79f41f9844336594106cb49c26881a2f9b5eb47966dfe
e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f6351b5bfa259de13dae9c9f332855813b99bd8544c8cdad7cc1645c454fb4bd
fcd502d46513e9ae1b9a0a6e5ec90e83e17112c433e11009925e43a695a0ec6b
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93