Report - classedenature.fr/47639943-raw-youx-photo-ebony.html

Report Overview

Visited public
2024-10-15 15:36:05
Tags
Submit Tags
URL
classedenature.fr/47639943-raw-youx-photo-ebony.html
Finishing URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
IP / ASN
104.21.78.109
#13335 CLOUDFLARENET
Title
Immediate Edge

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

210

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
optiontwentiethhart.com	unknown	2024-08-15	2024-10-13	2024-10-13	2.4 kB	4.5 kB	172.240.253.132
no-trkk.live	unknown	2024-08-19	2024-10-14	2024-10-14	905 B	525 B	176.97.112.149
ifdtrcking.com	unknown	2023-01-08	2023-01-08	2024-10-14	1.1 kB	9.1 kB	193.34.166.106
intelligentmoneyoffers.com	unknown	2023-11-10	2024-01-23	2024-10-14	84 kB	3.1 MB	77.95.229.40
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-10-13	485 B	98 kB	142.250.74.42
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-10-13	3.3 kB	102 kB	216.58.207.227
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-10-13	541 B	76 kB	172.67.142.245

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Mnemonic Secure DNS

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-15	medium	ifdtrcking.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	ifdtrcking.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed
2024-10-15	medium	intelligentmoneyoffers.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	intelligentmoneyoffers.com/the-immediate-edge-30d0/polyfills.22e567859223a852.js	ScriptElement	35 kB	2023-05-04	2024-10-25
Pretty URL intelligentmoneyoffers.com/the-immediate-edge-30d0/polyfills.22e567859223a852.js IP 77.95.229.40 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-04 13:40 Last Seen2024-10-25 17:46 Times Seen2266 Hash 8a165c8961a0d603b0ee46d4dd223e27 a8b97e01b34dbb2cd82ff9003960eabf344f896e 8570484a108578fc1680984edc4d564d242b1e9442148a766440e196c5f1cc48 Loading...

	intelligentmoneyoffers.com/intgrtn/api/v2/integration/app.js?v=12024915154	ScriptElement	258 kB	2024-09-30	2024-10-25
Pretty URL intelligentmoneyoffers.com/intgrtn/api/v2/integration/app.js?v=12024915154 IP 77.95.229.40 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-30 15:36 Last Seen2024-10-25 17:46 Times Seen128 Hash 83bdab2668d404f7113f6e6869bb0d39 46315833158afd906bcfbb52e633a2ec2b094e56 795fd1e1b5627d9f2059671fec24225622d49443b32489ff088ab0253723019d Loading...

	intelligentmoneyoffers.com/exit-popup-im/	ScriptElement	0 B	0001-01-01	2025-07-04
Pretty URL intelligentmoneyoffers.com/exit-popup-im/ IP 77.95.229.40 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-04 07:05 Times Seen5271836 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	intelligentmoneyoffers.com/px-mapping/location.js	ScriptElement	671 B	2023-04-18	2025-06-23
Pretty URL intelligentmoneyoffers.com/px-mapping/location.js IP 77.95.229.40 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-18 22:44 Last Seen2025-06-23 11:31 Times Seen2298 Hash db75ab7ca0e91970618d692b16f2005a 114d92c1640331d8d38189d94a5c0caa79bedf8a 2f1be024142b29d05600f9a0cd82010e11c5daebf9d6643e0c75bb9b5d4d5238 Loading...

	intelligentmoneyoffers.com/the-immediate-edge-30d0/runtime.f348a9308a6fd1b8.js	ScriptElement	1.1 kB	2024-06-28	2024-10-25
Pretty URL intelligentmoneyoffers.com/the-immediate-edge-30d0/runtime.f348a9308a6fd1b8.js IP 77.95.229.40 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-28 15:08 Last Seen2024-10-25 17:46 Times Seen585 Hash 6253871a77deb5ac1abfe82c562ee2a5 cdf60df4b7c6cb28f7b3d2aaffd968e32b2a1f5f 3e8e285e34fac42b04038e893300fc4672beaffdb130a370fe7527e0e53bb2ba Loading...

	intelligentmoneyoffers.com/intgrtn/api/v1/integration/sdk.js?v=2024915154	ScriptElement	535 kB	2024-09-30	2024-10-25
Pretty URL intelligentmoneyoffers.com/intgrtn/api/v1/integration/sdk.js?v=2024915154 IP 77.95.229.40 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-30 15:36 Last Seen2024-10-25 17:46 Times Seen127 Hash e9fcea9104d7a1414909d0f2103512ca f5daa1cb1003db8a874bfc41ed9c38028b036b48 bb17db8496dc68682b6a04092d4c1173af44dd139533f11c3b373cf64d139575 Loading...

	intelligentmoneyoffers.com/exit-popup-im/js/jquery.min.js	ScriptElement	135 kB	2023-03-10	2024-10-25
Pretty URL intelligentmoneyoffers.com/exit-popup-im/js/jquery.min.js IP 77.95.229.40 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:26 Last Seen2024-10-25 17:46 Times Seen2250 Hash 049f756abe05d0fe50872a02e6b79ab3 9f4f135c4efcbf799265d9305a3e4db1e9e60de3 cff299b55aa6ed2728b3d2b51f97f397879e7b9f01443190365d19f35949f97c Loading...

	intelligentmoneyoffers.com/the-immediate-edge-30d0/main.ae0b1d5882e0fb8c.js	ScriptElement	1.2 MB	2024-06-28	2024-10-25
Pretty URL intelligentmoneyoffers.com/the-immediate-edge-30d0/main.ae0b1d5882e0fb8c.js IP 77.95.229.40 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-28 15:08 Last Seen2024-10-25 17:46 Times Seen585 Hash 1e838cb334755cb3d3549abe77bcae15 2e279ebed63b08ca74360b7791b724c6135829ef 8e32d6f6715679288b56c0c6454e889cda5a62cbfc1e4b5dd14b40da63af4ca3 Loading...

	unknown	EventHandler	16 B	2023-04-10	2025-07-04
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57 Last Seen2025-07-04 07:04 Times Seen69326 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	intelligentmoneyoffers.com/exit-popup-im/	ScriptElement	0 B	0001-01-01	2025-07-04
Pretty URL intelligentmoneyoffers.com/exit-popup-im/ IP 77.95.229.40 ASN #62370 Snel.com B.V. Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-07-04 07:05 Times Seen5271836 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (116)

URL IP Response Size

optiontwentiethhart.com/m03hzj3m?key=3b5beda373977c75aa6dd953b88d3656

172.240.253.132

200 OK

1.3 kB

URL
optiontwentiethhart.com/m03hzj3m?key=3b5beda373977c75aa6dd953b88d3656
IP
172.240.253.132:0
ASN
#7979 SERVERS-COM

File type
JavaScript source, ASCII text, with very long lines (389)
Size
1.3 kB (1272 bytes)
Hash
c28063334c5eaf325ccd9c4d84b671c8
ae318ab7d11042df08522efe32d296263ecfa231
30c321f640fc0b66670b4e8f585dcb5ea5ea0ea1936f60d12ec634d40dad6640

HTTP Headers

GET /m03hzj3m?key=3b5beda373977c75aa6dd953b88d3656 HTTP/1.1
Host: optiontwentiethhart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 15 Oct 2024 15:35:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl19848647=1; expires=Wed, 16 Oct 2024 15:35:34 GMT; path=/
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg0ODY0NywiayI6IjNiNWJlZGEzNzM5NzdjNzVhYTZkZDk1M2I4OGQzNjU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgyMzU1LCJwaWQiOjU0MjY1MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjoyOCwicHQiOjQsInBrIjoibTAzaHpqM20iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.dvaCnq50lxjB_lAHA32rUIcuhxBWS7bHumhbf4Lmo6A; expires=Tue, 15 Oct 2024 15:36:34 GMT; path=/
Host: optiontwentiethhart.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: f38c322f0cec18633f3e4aa0e3005f35
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

optiontwentiethhart.com/api/users?pii=&in=false&token=L20wM2h6ajNtP2tleT0zYjViZWRhMzczOTc3Yzc1YWE2ZGQ5NTNiODhkMzY1NiZwc3Q9MTcyOTAwNjU5NCZybXRjPXQmc2h1PWJiNjQzMTA0YmFmM2UwM2Y0ZmFhZDRkMjJmZmYzYmEyMTQ3MmFkOWFjZGU2NDk0OWRhMGNlNWNlYmQ2ZmYzYmM0NzIyYTg1ZDIyNGU3NDIxNDkxNTU4ZDllOWFhMjQzNjUxNTczZGI2ZWFkZWVlYTNjOGJmZjdmZjY2N2VhYzdjNTUwMGU1NDI3YjEyNWUwODg0MjcwZTg1ZWM1ODA0NTE4NzJhMWVmNzEzYjBiY2RlOWNmZTMx&uuid=

172.240.253.132

302 Found

0 B

URL
optiontwentiethhart.com/api/users?pii=&in=false&token=L20wM2h6ajNtP2tleT0zYjViZWRhMzczOTc3Yzc1YWE2ZGQ5NTNiODhkMzY1NiZwc3Q9MTcyOTAwNjU5NCZybXRjPXQmc2h1PWJiNjQzMTA0YmFmM2UwM2Y0ZmFhZDRkMjJmZmYzYmEyMTQ3MmFkOWFjZGU2NDk0OWRhMGNlNWNlYmQ2ZmYzYmM0NzIyYTg1ZDIyNGU3NDIxNDkxNTU4ZDllOWFhMjQzNjUxNTczZGI2ZWFkZWVlYTNjOGJmZjdmZjY2N2VhYzdjNTUwMGU1NDI3YjEyNWUwODg0MjcwZTg1ZWM1ODA0NTE4NzJhMWVmNzEzYjBiY2RlOWNmZTMx&uuid=
IP
172.240.253.132:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/users?pii=&in=false&token=L20wM2h6ajNtP2tleT0zYjViZWRhMzczOTc3Yzc1YWE2ZGQ5NTNiODhkMzY1NiZwc3Q9MTcyOTAwNjU5NCZybXRjPXQmc2h1PWJiNjQzMTA0YmFmM2UwM2Y0ZmFhZDRkMjJmZmYzYmEyMTQ3MmFkOWFjZGU2NDk0OWRhMGNlNWNlYmQ2ZmYzYmM0NzIyYTg1ZDIyNGU3NDIxNDkxNTU4ZDllOWFhMjQzNjUxNTczZGI2ZWFkZWVlYTNjOGJmZjdmZjY2N2VhYzdjNTUwMGU1NDI3YjEyNWUwODg0MjcwZTg1ZWM1ODA0NTE4NzJhMWVmNzEzYjBiY2RlOWNmZTMx&uuid= HTTP/1.1
Host: optiontwentiethhart.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://optiontwentiethhart.com/api/users?token=L20wM2h6ajNtP2tleT05Y2E2MDFhOWY0N2M3MzVkZjc2ZDVjYTQ2ZmEyNmE2NiZzdWJtZXRyaWM9MTk4NDg2NDc
Cookie: u_pl19848647=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg0ODY0NywiayI6IjNiNWJlZGEzNzM5NzdjNzVhYTZkZDk1M2I4OGQzNjU2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTgyMzU1LCJwaWQiOjU0MjY1MCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozOCwiYWlkIjoyOCwicHQiOjQsInBrIjoibTAzaHpqM20iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.dvaCnq50lxjB_lAHA32rUIcuhxBWS7bHumhbf4Lmo6A; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Tue, 15 Oct 2024 15:35:36 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://no-trkk.live/click?key=738d3b0a8b38ffeea519&SUB_ID_SHORT=43d8246635b1067d83a148696aeeed87&COST_CPC=0.002050&PLACEMENT_ID=19848647&CAMPAIGN_ID=958413&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2747786&CATEGORY_ALIAS=Adult%20Social
Set-Cookie: iprca192cecffef83e11c9d081fa69abec72=4929250; expires=Wed, 16 Oct 2024 15:35:36 GMT; path=/
pdhtkv=true; expires=Wed, 16 Oct 2024 15:35:36 GMT; path=/
uncs=1; expires=Wed, 16 Oct 2024 15:35:36 GMT; path=/
pdhtkv28=true; expires=Wed, 16 Oct 2024 15:35:36 GMT; path=/
uncs28=1; expires=Wed, 16 Oct 2024 15:35:36 GMT; path=/
Host: optiontwentiethhart.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 373a102349ec9982d5907a80969ffa0e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

no-trkk.live/click?key=738d3b0a8b38ffeea519&SUB_ID_SHORT=43d8246635b1067d83a148696aeeed87&COST_CPC=0.002050&PLACEMENT_ID=19848647&CAMPAIGN_ID=958413&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2747786&CATEGORY_ALIAS=Adult%20Social

176.97.112.149

307 Temporary Redirect

0 B

URL
no-trkk.live/click?key=738d3b0a8b38ffeea519&SUB_ID_SHORT=43d8246635b1067d83a148696aeeed87&COST_CPC=0.002050&PLACEMENT_ID=19848647&CAMPAIGN_ID=958413&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2747786&CATEGORY_ALIAS=Adult%20Social
IP
176.97.112.149:0
ASN
#43180 Virtual Systems LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?key=738d3b0a8b38ffeea519&SUB_ID_SHORT=43d8246635b1067d83a148696aeeed87&COST_CPC=0.002050&PLACEMENT_ID=19848647&CAMPAIGN_ID=958413&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Linux&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28X11%3B%20Linux%20x86_64%3B%20rv%3A96.0%29%20Gecko%2F20100101%20Firefox%2F96.0&REMOTE_LANGUAGE=11&BANNER_ID=2747786&CATEGORY_ALIAS=Adult%20Social HTTP/1.1
Host: no-trkk.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://optiontwentiethhart.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
date: Tue, 15 Oct 2024 15:35:36 GMT
location: https://ifdtrcking.com/click.php?project_id=ju&affiliate_id=79b2b9ace4&custom2=cs78ni5a6vts738c8pog
server: Caddy
set-cookie: uclick=zeyPlVZfMdI117KhYGCYshPKKzoj8LTvo6ZOaKygUDlomQX9p29Ok2lGFr4RzP2wmK07wg==; Max-Age=31536000; SameSite=Lax
bcid=cs78ni5a6vts738c8pog; Max-Age=31536000; SameSite=Lax
cid=cs78ni5a6vts738c8pog; Max-Age=31536000; SameSite=Lax
x-request-id: 74e3c158-280a-41bb-a64a-e9d31d3bf5eb
content-length: 0
X-Firefox-Spdy: h2

GET ifdtrcking.com/click.php?project_id=ju&affiliate_id=79b2b9ace4&custom2=cs78ni5a6vts738c8pog

193.34.166.106

302 Found

20 B

URL User Request GET HTTP/1.1
ifdtrcking.com/click.php?project_id=ju&affiliate_id=79b2b9ace4&custom2=cs78ni5a6vts738c8pog
IP
193.34.166.106:443
ASN
#62370 Snel.com B.V.

Certificate
IssuerLet's Encrypt
Subjectifdtrcking.com
Fingerprint4F:84:08:FA:2F:C8:A2:4B:E3:DA:9B:2E:D9:D1:26:0C:4E:96:5A:49
ValidityThu, 29 Aug 2024 02:06:34 GMT - Wed, 27 Nov 2024 02:06:33 GMT

File type
gzip compressed data, from Unix
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /click.php?project_id=ju&affiliate_id=79b2b9ace4&custom2=cs78ni5a6vts738c8pog HTTP/1.1
Host: ifdtrcking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://optiontwentiethhart.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Tue, 15 Oct 2024 15:35:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; expires=Tue, 22-Oct-2024 15:35:36 GMT; Max-Age=604800; path=/; samesite=None; secure
leadID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; expires=Tue, 22-Oct-2024 15:35:36 GMT; Max-Age=604800; path=/; samesite=None; secure
Location: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: arganto
PX-X-Request-Id: 8acd4d581e0b0943dee6f5a60721f2cd

intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd

77.95.229.40

200 OK

2.3 kB

URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
HTML document, ASCII text, with very long lines (6256)
Size
2.3 kB (2302 bytes)
Hash
445b69e0637f67a07819a2471e367b0a
08680bbdb3424bf5f672fc76de92bed2c57ecafb
6ab16c3f088a54cbe8b9a33da57173e5ef8dc53d57f33d5cb32255b3ba15d546

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://optiontwentiethhart.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:07:01 GMT
ETag: W/"667d0f95-2e15"
X-Upstream: evlampi-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Content-Encoding: gzip
X-Server: gringo
PX-X-Request-Id: 4c5a40720f292e56a3864dd4ebca77c6
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137

GET intelligentmoneyoffers.com/px-mapping/location.js

77.95.229.40

200 OK

333 B

URL GET HTTP/1.1
intelligentmoneyoffers.com/px-mapping/location.js
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
ASCII text
Size
333 B (333 bytes)
Hash
db75ab7ca0e91970618d692b16f2005a
114d92c1640331d8d38189d94a5c0caa79bedf8a
2f1be024142b29d05600f9a0cd82010e11c5daebf9d6643e0c75bb9b5d4d5238

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /px-mapping/location.js HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 27 Sep 2024 14:28:03 GMT
ETag: W/"66f6c0f3-29f"
X-Upstream: evlampi-***ko
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: f32975c3e87b9f04b976059e9705749d
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/runtime.f348a9308a6fd1b8.js

77.95.229.40

200 OK

652 B

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/runtime.f348a9308a6fd1b8.js
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JavaScript source, ASCII text, with very long lines (1109), with no line terminators
Size
652 B (652 bytes)
Hash
6253871a77deb5ac1abfe82c562ee2a5
cdf60df4b7c6cb28f7b3d2aaffd968e32b2a1f5f
3e8e285e34fac42b04038e893300fc4672beaffdb130a370fe7527e0e53bb2ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/runtime.f348a9308a6fd1b8.js HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-455"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-b2c6/runtime.f348a9308a6fd1b8.js
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: f85b62fb730effcd19232f636bc61c05
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/polyfills.22e567859223a852.js

77.95.229.40

200 OK

12 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/polyfills.22e567859223a852.js
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JavaScript source, ASCII text, with very long lines (35223), with no line terminators
Size
12 kB (12516 bytes)
Hash
8a165c8961a0d603b0ee46d4dd223e27
a8b97e01b34dbb2cd82ff9003960eabf344f896e
8570484a108578fc1680984edc4d564d242b1e9442148a766440e196c5f1cc48

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/polyfills.22e567859223a852.js HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-8997"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-b2c6/polyfills.22e567859223a852.js
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 7061fc00870799fc2a2d3ffcd82c7ae3
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

intelligentmoneyoffers.com/the-immediate-edge-30d0/main.ae0b1d5882e0fb8c.js

77.95.229.40

200 OK

335 kB

URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/main.ae0b1d5882e0fb8c.js
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
335 kB (335114 bytes)
Hash
1e838cb334755cb3d3549abe77bcae15
2e279ebed63b08ca74360b7791b724c6135829ef
8e32d6f6715679288b56c0c6454e889cda5a62cbfc1e4b5dd14b40da63af4ca3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/main.ae0b1d5882e0fb8c.js HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-119c36"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-b2c6/main.ae0b1d5882e0fb8c.js
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: bc8baa690355d94dc6c18d26312c3d7d
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

77.95.229.40

200 OK

0 B

URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

HEAD /the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:37 GMT
Content-Type: text/html
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:07:01 GMT
ETag: W/"667d0f95-2e15"
X-Upstream: evlampi-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Content-Encoding: gzip
X-Server: gringo
PX-X-Request-Id: 43d514b4965bf820bd87545d98c64a9f
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137

GET fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,700;1,700&display=swap

142.250.74.42

200 OK

98 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,700;1,700&display=swap
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint80:2E:9C:80:BE:20:08:CB:81:6F:92:4C:83:5C:1E:73:D7:6B:F3:27
ValidityTue, 24 Sep 2024 03:17:04 GMT - Tue, 17 Dec 2024 03:17:03 GMT

File type
ASCII text, with very long lines (56167)
Size
98 kB (97699 bytes)
Hash
eaf2473dba15e82411e64765eb5b0f63
20234a8359338053704d31889d70443212b8f707
9fb4a17666aa2848e9a311481d56b18fd5784c4902632db97a8c05e7a0974608

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,300;0,400;0,700;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Oct 2024 15:35:37 GMT
date: Tue, 15 Oct 2024 15:35:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET intelligentmoneyoffers.com/intgrtn/api/v1/integration/sdk.js?v=2024915154

77.95.229.40

200 OK

55 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/intgrtn/api/v1/integration/sdk.js?v=2024915154
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JavaScript source, ASCII text
Size
55 kB (54743 bytes)
Hash
e9fcea9104d7a1414909d0f2103512ca
f5daa1cb1003db8a874bfc41ed9c38028b036b48
bb17db8496dc68682b6a04092d4c1173af44dd139533f11c3b373cf64d139575

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /intgrtn/api/v1/integration/sdk.js?v=2024915154 HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Oct 2024 12:27:48 GMT
Vary: Accept-Encoding
ETag: W/"670e5fc4-82ace"
Expires: Wed, 15 Oct 2025 12:34:35 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: gringo
PX-X-Request-Id: cf109b493e54dfdc1b5a6f94e1040592
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
PX-Cache-Status: HIT

GET intelligentmoneyoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.70.1

77.95.229.40

200 OK

8.9 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.70.1
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
Unicode text, UTF-8 text
Size
8.9 kB (8892 bytes)
Hash
c5aaef8b4fac38f9516193512d1d3f76
28ff03466bc5813773a977a6bb03c2685fa93c54
823d1157dd47f546625eaae67213f0b0d2ed4aeca5d71b100a289ee3f8aba213

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /intgrtn/api/v1/integration/sdk.css?v=2.70.1 HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 30 Sep 2024 13:22:54 GMT
Vary: Accept-Encoding
ETag: W/"66faa62e-1589d"
Expires: Tue, 30 Sep 2025 13:32:55 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: gringo
PX-X-Request-Id: bb9d869e29ee60ca4ed84b86a8f7315b
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
PX-Cache-Status: HIT

GET fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Size
18 kB (18536 bytes)
Hash
8eff0b8045fd1959e117f85654ae7770
227fee13ceb7c410b5c0bb8000258b6643cb6255
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

HTTP Headers

GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intelligentmoneyoffers.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Oct 2024 18:11:53 GMT
expires: Sat, 11 Oct 2025 18:11:53 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
age: 336225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/ie-logo-nav-desktop-1step.png

77.95.229.40

200 OK

2.4 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/ie-logo-nav-desktop-1step.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 309 x 52, 8-bit colormap, non-interlaced
Size
2.4 kB (2443 bytes)
Hash
0459b7e26a6ca31cce9a64ebb3487e1c
f396c9d1d79707ad7fcb914ff9ebc5de9f969f7e
201e3f4394c2e234d7a5f94c78bbfc23ff56f269288ebf49560657fc1f1aaf07

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/ie-logo-nav-desktop-1step.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-96f"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/ie-logo-nav-desktop-1step.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: ccaeaf5bd98f89db4af30b9b4c28e205
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/ie-logo-nav-mobile.png

77.95.229.40

200 OK

2.6 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/ie-logo-nav-mobile.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 56 x 56, 8-bit colormap, non-interlaced
Size
2.6 kB (2644 bytes)
Hash
2e5d0fa57b9f3adeade0e421da06a56f
816baaf0c582cf86407640306d199e76c47465a1
3468f8886d887602b10bc1b998d9ea028c75b39c73b9a41350ef6d2747f42c66

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/ie-logo-nav-mobile.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-a38"
X-Upstream: evlampi-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/ie-logo-nav-mobile.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 1aa207a90c7d6937be6733d8fcc7e244
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/ice-logo.svg

77.95.229.40

200 OK

1.9 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/ice-logo.svg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
SVG Scalable Vector Graphics image
Size
1.9 kB (1948 bytes)
Hash
71240d2742866919642df08f8d0c312b
d489b8c48e274499a91704ef7873fa34648dcc4d
61a453734473e2989b6479eb160a65fe6e938570e995239eaf1fcab13dc145f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/ice-logo.svg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 1948
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-79c"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/ice-logo.svg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: a7ce3cf6f7d82a55d0786e25fd547e7d
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Accept-Ranges: bytes

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/symantec.png

77.95.229.40

200 OK

7.3 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/symantec.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 654 x 174, 8-bit colormap, non-interlaced
Size
7.3 kB (7251 bytes)
Hash
40548510f3d6f7abeb3f38b28788a4bc
857f0cf462e24a492be1bf9eb195b42756feb51c
487abf0f6e6b4ac3bd7ab1a24da4c55ee983f0b50eb9aeb2602d86c879cbc2fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/symantec.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1c3d"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/symantec.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 59a5439600be9d4653f03ede02643039
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/mcafee.png

77.95.229.40

200 OK

10 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/mcafee.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 654 x 174, 8-bit colormap, non-interlaced
Size
10 kB (10343 bytes)
Hash
24ed5520be3d9917a455ec3dfd633eab
2e3e3a7c6f25af5851baedea7108139e42b61a5d
27c690a67d13f7c17fdd637895b59b433c60ab64a09bd15ff6c9d7d42bb7feb1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/mcafee.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-2850"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/mcafee.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 4cbe1cfa94ecfcf8cbe02537100b073c
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/verisign.png

77.95.229.40

200 OK

5.8 kB

URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/verisign.png
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
PNG image data, 654 x 174, 8-bit colormap, non-interlaced
Size
5.8 kB (5789 bytes)
Hash
6801e3d07e74d1a33ba8874ae026593a
e39818034c35a253f3b0152849efc510cafb4153
b4dead132464e01505ebc95917e44660dfacf176934fb36ac30d7611269977b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/verisign.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1681"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/verisign.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: f7eb6725d04a73c2e6b9f6d89540207a
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/ssl.png

77.95.229.40

200 OK

6.6 kB

URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/ssl.png
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
PNG image data, 654 x 174, 8-bit colormap, non-interlaced
Size
6.6 kB (6586 bytes)
Hash
5c412d96fe0eb382a493850dd19137e3
5d16a1561185950814e4b65aed8c07185621e4f3
f684a91b0416cd83b97d8e07209fc43d94b811c300ee882120f1379f5b54a932

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/ssl.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-19bf"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/ssl.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 6749606d69745a7fa303d58793971ccf
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/geotrust.png

77.95.229.40

200 OK

5.6 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/geotrust.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 654 x 174, 8-bit colormap, non-interlaced
Size
5.6 kB (5645 bytes)
Hash
e0dd2dcc9a87aaccc17a0fb2267ea21b
510124dc3ae224e6bd10971694d6baed8351e099
9a018896a61eedb4db0242bd79447cc43d6c04198b7de9ae3a4bc72662fea821

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/geotrust.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-161d"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/geotrust.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: ce38282d719fb0863a8b5f751c6244b0
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/secure.svg

77.95.229.40

200 OK

5.4 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/secure.svg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
SVG Scalable Vector Graphics image
Size
5.4 kB (5379 bytes)
Hash
a436bdc813017b73bfcb26504a02225b
435ef1e3498f312cf85674412b31b2e4ad7b2178
7ff3f73adf0d771ff7b0f300a6199bc7c67e1d60bc1393034489749b5c4df532

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/secure.svg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 5379
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-1503"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/secure.svg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 2794ef6462c5ad561bfd10c9c84f496a
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Accept-Ranges: bytes

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/i18n/default.json

77.95.229.40

200 OK

8.1 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/i18n/default.json
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JSON text data
Size
8.1 kB (8102 bytes)
Hash
ab43c887944f5d64669e5ba956dce1b3
22e35b05b2bb931d2809fbb18c180d812b96c55f
c28cbdd8f2ef45f6d713e6c6e793773fd1fad5d32ed5f0855a0338e9fbde856b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/i18n/default.json HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: application/json
Content-Length: 8102
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-1fa6"
X-Upstream: evlampi-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/i18n/default.json
Accept-Ranges: bytes
X-Server: gringo
PX-X-Request-Id: f9ce07ae73554754169d34057539c3ce
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/verified-1.svg

77.95.229.40

200 OK

8.4 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/verified-1.svg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
SVG Scalable Vector Graphics image
Size
8.4 kB (8370 bytes)
Hash
92d19e68f617639a728eb827aaab340a
db44c23ca17239c6998670a48b7148baf851c4dc
66ccb9bc44b65f07fab4d1f05e467272bda8685a31830ef05247ab3051054975

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/verified-1.svg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 8370
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-20b2"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/verified-1.svg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: e29b182f69fd681c836ebcc61f3fba8f
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Accept-Ranges: bytes

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/verified-2.svg

77.95.229.40

200 OK

5.3 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/verified-2.svg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
SVG Scalable Vector Graphics image
Size
5.3 kB (5306 bytes)
Hash
0da60a5c90003c6f911425d84d551f4f
b3923a72581761e336aaf9a2f1f5b9613972b277
63bd1d211265e52cb93edab6cad4f65bf1ba0bde4d27a6e9911cbd82bf607658

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/verified-2.svg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 5306
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-14ba"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/verified-2.svg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: c853bec479e693ff6f44767e731266cb
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Accept-Ranges: bytes

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/verified-3.svg

77.95.229.40

200 OK

3.3 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/verified-3.svg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
SVG Scalable Vector Graphics image
Size
3.3 kB (3299 bytes)
Hash
8af4c607c65bb329c9130764cc178687
141d7f57839513929e9bf19eeb4726fe38af5c2b
f936d77442be2c6207c645cda944212a32a1f503df4486729210bb8cb1f0273f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/verified-3.svg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 3299
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-ce3"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/verified-3.svg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 2c5f224fead256a4f4e6d0345257ea92
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Accept-Ranges: bytes

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/img-pic-3.png

77.95.229.40

200 OK

39 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/img-pic-3.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 330 x 330, 8-bit colormap, non-interlaced
Size
39 kB (39169 bytes)
Hash
90c5cdcbb48c0b7b8dd7f8c239cd58fb
65ae2133c63942ac245b3caa50d4a73108527de0
b0de93647fee265ea2c4f647c725885d2691d0aa35afbe9345122af900d67a30

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/img-pic-3.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-98e0"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/img-pic-3.png
PX-Cache-Status: STALE
X-Server: gringo
PX-X-Request-Id: ec1cfbf08964a30cd006f9bf8674db85
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/coins.svg

77.95.229.40

200 OK

17 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/coins.svg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
SVG Scalable Vector Graphics image
Size
17 kB (17096 bytes)
Hash
789521547679a35efb666ef40126c05d
7baafbd2d2b502e13deb06bc784dfebf3a15a85d
033ff9d3580bc9fd7ee177b4d8fc9e73f0a5b108d2e844ada9ffaeddc441b8ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/coins.svg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 17096
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-42c8"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/coins.svg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: b540d59d10a90396ec56bfd81e46fcad
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Accept-Ranges: bytes

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/payout-icon2.svg

77.95.229.40

200 OK

919 B

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/payout-icon2.svg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
SVG Scalable Vector Graphics image
Size
919 B (919 bytes)
Hash
6d4ba68b09ae688a7cb078120d2d67ba
71ab531503aaad9b80b279871173be7db75fd2db
94ec31a79ded1e95c6fc949cfd9b7c980ba05990b8509221c5e1568b695aa55e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/payout-icon2.svg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 919
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-397"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/payout-icon2.svg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: a678be29e056757be59d7f83aeca6612
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Accept-Ranges: bytes

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/plus-blue.svg

77.95.229.40

200 OK

1.5 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/plus-blue.svg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1451 bytes)
Hash
d12fc83d41d2779d317f7d2d43286c79
9004f3d264f8db721ce044e137f4f88f4ef3a7d0
47742d80c62698823c75b8abb55ffe045fb3f4b80e5ad9e0f07b1d037d36e407

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/plus-blue.svg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 1451
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-5ab"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/plus-blue.svg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 6ef7b6e1587c6db6ce45a2d6961645f2
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Accept-Ranges: bytes

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/plus-green.svg

77.95.229.40

200 OK

1.5 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/plus-green.svg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1464 bytes)
Hash
3c34e64de49e6dec6df4f94b3bf85fe5
377fbbbd8a95ae2b3499ca612e6c8f282bc354e3
183a9657082d1764b9e43a43a854153d672db0ac9cd8845387a205668c71b83b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/plus-green.svg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 1464
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-5b8"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/plus-green.svg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: ca49da04758757f62fb2604de1d8fa59
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Accept-Ranges: bytes

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/facebook.png

77.95.229.40

200 OK

9.2 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/facebook.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 618 x 126, 8-bit colormap, non-interlaced
Size
9.2 kB (9195 bytes)
Hash
09ff458d1d25aa6931491304c7c0c9b7
c040576ca8c172672aa22a2a9603e01acd5645af
0d9c57941452873a53ff7d81fe50caa50ca89ead1904eb53935f83c870cab6c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/facebook.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-23ed"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/facebook.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 603fec315b7eb1fd2186f1519e9e5760
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/four-stars.png

77.95.229.40

200 OK

4.3 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/four-stars.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 401 x 95, 8-bit colormap, non-interlaced
Size
4.3 kB (4274 bytes)
Hash
2082d5d6390e872ba5da59a91aba3a57
68f0b016ae9056b17109297b407f8bcc181f0121
626b338e2c7f8e953215dbdb45d6dd8f466c82a48f39e9febfd5e26eec8de1ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/four-stars.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-109b"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/four-stars.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: da19139fa086d7eb70cb1e781cdb2263
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/five-stars.png

77.95.229.40

200 OK

5.5 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/five-stars.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 500 x 95, 8-bit colormap, non-interlaced
Size
5.5 kB (5457 bytes)
Hash
e7286c47b3b5f9c3a1923a015040641a
cf39a16c1c86f73685334520505145142dfc9fd2
f021fe8757aa16e7b7be4bf722a4e8ca0a20fc9b00e997c1e62c3ac76019a943

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/five-stars.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1535"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/five-stars.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 063da2dd170803533a08c81feaff24a3
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/stop.png

77.95.229.40

200 OK

5.0 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/stop.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 200 x 200, 8-bit colormap, non-interlaced
Size
5.0 kB (5046 bytes)
Hash
dc00ec155d13ead977b78ed4a15dff43
8849b2d3ce65aaf398f093f90f4a2d5af371b66b
5e4b7d13b0771dc1ef3266ff906022c74b05a7baf949646cfea3b462009302ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/stop.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-13cc"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/stop.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: b4d42848e5a872aca08733614b55d955
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/icon-blue.svg

77.95.229.40

200 OK

3.1 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/icon-blue.svg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
SVG Scalable Vector Graphics image
Size
3.1 kB (3108 bytes)
Hash
02ab5dafbcef9af2e3a82a47abfda205
52b0aadba99bf1c047aeb9a15a19fc99f462ac18
5f1372626e4f0ad44e710dccbfc89d9f04faa66eeaf1d0f97414acd39f08f293

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/icon-blue.svg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 3108
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-c24"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/icon-blue.svg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 635d644b8dbe94c3c68f4ba4cc51188d
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Accept-Ranges: bytes

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/winkle.png

77.95.229.40

200 OK

37 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/winkle.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 330 x 330, 8-bit colormap, non-interlaced
Size
37 kB (37390 bytes)
Hash
86d347ceb23446481bcd798db9bc8705
4d8064a25a40fc505f4adf5c64a362e8c68a38a2
ae6ef56d6ca864c4e8ddb849d2a261b3c1e0bed29c66a24e3a7d427c2ceb1945

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/winkle.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-91f2"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/winkle.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 76b852cceb85e2f6c2110a9039590b25
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/exchanges.png

77.95.229.40

200 OK

138 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/exchanges.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 450 x 450, 8-bit colormap, non-interlaced
Size
138 kB (138495 bytes)
Hash
478f18318e39b0b1e94c35b3d0034837
f9fc40703c8d14a875f009a67e15c4494eee04c5
70a9380f754ad55314606f9fd1d58d2d9b612cf7ff54b167e8e720b550094b3a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/exchanges.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-21cc0"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/exchanges.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: e7e21d692ca903def6587e1e45ba52ea
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
Size
19 kB (18596 bytes)
Hash
c83e4437a53d7f849f9d32df3d6b68f3
fabea5ad92ed3e2431659b02e7624df30d0c6bbc
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intelligentmoneyoffers.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Oct 2024 07:17:55 GMT
expires: Sun, 12 Oct 2025 07:17:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
age: 289063
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/testi2.png

77.95.229.40

200 OK

47 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/testi2.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 327 x 328, 8-bit colormap, non-interlaced
Size
47 kB (46613 bytes)
Hash
856a9dd056004ce56b9b0585dab64084
a03d2c17c9e4bba8909d510893a1a4d7127ea71f
fa192da21d32713a7d21b556348122fb5d02bf755fe83391e39f508f29d02c28

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/testi2.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-b5f4"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/testi2.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 6e3fe6fb2a5557cceea470dad01f5ea6
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

216.58.207.227

200 OK

20 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19780, version 1.0
Size
20 kB (19780 bytes)
Hash
608471849f9473adb650b0bdad1f52cc
9abf0be47629f6f8be140847242b37e647bf60aa
0e100b86870ec5caaa887e0fe743b177d57e02242812a0cd4675781dfffea440

HTTP Headers

GET /s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intelligentmoneyoffers.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Oct 2024 02:52:13 GMT
expires: Sun, 12 Oct 2025 02:52:13 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
content-type: font/woff2
age: 305005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/testi5.png

77.95.229.40

200 OK

162 kB

URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/testi5.png
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
PNG image data, 328 x 327, 8-bit/color RGB, non-interlaced
Size
162 kB (162352 bytes)
Hash
b47855df34228416fb2377110fde2cc9
b56c43ff788921f5f3cee508f898189b28969c9c
9d2a2dbc11bc80daa20312c293bbe21376cfaa099a67163e7afbdf4615a14ea6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/testi5.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-27c84"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/testi5.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 3fdbafce8ba9a58afee7d74b861d017f
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/testi1.png

77.95.229.40

200 OK

52 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/testi1.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 328 x 327, 8-bit colormap, non-interlaced
Size
52 kB (52461 bytes)
Hash
09c2664d24e95652df66165cc6e211d3
1ba6fcaaced1d3dd518018be909039b6a2464380
fec6c16dcae3ff5fce21d5e3437eea87d882885ef9a12ae0e3c6ce5adce0d886

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/testi1.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-ccc7"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/testi1.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 9fbd743da18d00ce1ae560d115ea48e2
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/quotes-api-wrapper/

77.95.229.40

200 OK

5.2 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/quotes-api-wrapper/
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JSON text data
Size
5.2 kB (5246 bytes)
Hash
5f148a5d554068834cf444cd45c3c6a2
22a7b741fa0028c5c9adb923adee76ffa4208ed0
245dcfe7daa42d4d4a314506b4d0157e04b97b8aae9ae932f75efabd2ac1ffcf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /quotes-api-wrapper/ HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: OPTIONS,GET,POST,PUT,DELETE
Access-Control-Max-Age: 3600
Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
X-Upstream: evlampi-***ko
X-Server: gringo
PX-X-Request-Id: 352a11f2dcc461b6a8cbb722b470193a
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/testi3.png

77.95.229.40

200 OK

42 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/testi3.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 327 x 328, 8-bit colormap, non-interlaced
Size
42 kB (42036 bytes)
Hash
b69af598997b5dbba19eda0c09a6e3ea
f12421633a2c0712d6cc6bb786b31e3e975050f1
5b90c8c9c42358893e3e4e85d6ded65052dcc95818be6ef2a2735c2d0bd1860f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/testi3.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-a419"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/testi3.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: a782c256dd871ff5657017e647ff2ce7
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/testi4.png

77.95.229.40

200 OK

163 kB

URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/testi4.png
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
PNG image data, 328 x 327, 8-bit/color RGB, non-interlaced
Size
163 kB (162899 bytes)
Hash
4e5f8e0d00d58f47434831e829203a90
7ea43cd6c527cbbddb690380bf2eaeb183afd7e8
7dd6dca15fae183d2e2498fe87ca0c49dd0d945d2313c84b92940190144f908b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/testi4.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-27e87"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/testi4.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: b66b414f98e4b088c13346c0511cc4e8
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/testi6.png

77.95.229.40

200 OK

108 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/testi6.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 328 x 327, 8-bit/color RGB, non-interlaced
Size
108 kB (107703 bytes)
Hash
16aaf7243ec71906ce1077a2ea6f6e63
40c46905e9960a6733d84f64a63a226dd845d907
9c8fed4839aecc826d77dcdf60279252fd7877e291ec340a817ae3ed22faa812

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/testi6.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1a714"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/testi6.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: b90c94fb7f75953d8bd5f24b3806df04
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/fb-user-1.jpg

77.95.229.40

200 OK

3.5 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/fb-user-1.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 128x128, components 3
Size
3.5 kB (3517 bytes)
Hash
f1ea71af0ca2ac433bcdf2f855ae7d64
e0887886da1a4551266e66af8d4e27ad8965628e
14041ae6a43aa7248486a5207765c67f4b970b67db24031b3bed2f52163aabf5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/fb-user-1.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-e08"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/fb-user-1.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 3f2ac4f74f9adb20aa54424832486f12
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/fb-user.jpg

77.95.229.40

200 OK

2.8 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/fb-user.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
2.8 kB (2804 bytes)
Hash
a7744050118401d7afc0d05e78cddeb2
7d6cc54f6b53349482391c71553741cd261495e6
3fff7c77ac4d967f819d6c3754aaace800f8d519b581eafcbdca01ec8b3a6ebb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/fb-user.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-b01"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/fb-user.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: c9206121e3b5588037b82da668f6d959
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/fb-user-3.jpg

77.95.229.40

200 OK

5.2 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/fb-user-3.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3
Size
5.2 kB (5247 bytes)
Hash
8718c9a5a5684c00f7bb875d77196856
ce7217096c7e0a53c7f0899a09df8ec94c121467
35a0b259ed4f25999478cf047eddb8453afa34afa7b1d11fa2fafe44c78e3385

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/fb-user-3.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1486"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/fb-user-3.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 7ef70c296b90d290bb323671183d44b9
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/fb-user-4.jpg

77.95.229.40

200 OK

4.4 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/fb-user-4.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3
Size
4.4 kB (4400 bytes)
Hash
996bcb2a310bfdecbc87ea15a3d1920e
eba25840edd2318b7f20ce9406df11d0132f3028
911a38ecaac53bad168ca8e0086405365c2f4424979e32f0974246f8aecdb958

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/fb-user-4.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1152"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/fb-user-4.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 6e001c1c05326baadff2ad1c1302204e
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/7.jpg

77.95.229.40

200 OK

4.7 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/7.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
4.7 kB (4692 bytes)
Hash
605af7fa51e2abb4df27027909bf7c4a
d08645e62b586a65649504745645178b41525999
f25b1b7a6a351c0f748d81bf4fcaf8c5a2f8ed036563c2693d4c1ca3718d9d5d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/men/7.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-137c"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/men/7.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: c00c36c13f272651209fcb85c658083a
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/54.jpg

77.95.229.40

200 OK

5.6 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/54.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
5.6 kB (5615 bytes)
Hash
ba3a7a02107e8655d89eb6ed3fbf2398
fb8858080a6e7510da4538f237f27dfd9812c6d4
d4885b6c62fec6a9ddc0450843dbf6e81ee9d8b412c1b8f74b8edae87c3304cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/women/54.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1713"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/women/54.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 63aa9867a24d3b1e769bb2e6f1bef943
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/80.jpg

77.95.229.40

200 OK

3.7 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/80.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
3.7 kB (3695 bytes)
Hash
18c2bc7fcf2f432829d42981a8e18ad5
420ffaee6161ffda7cc1a8e46985dfc7d06e34af
29eebfa854e576bf7a03854062fca29586a3feb8795a9239fb40232c7988df9b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/women/80.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-e76"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/women/80.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 5671f63cba4c0e0bb06cab448e20fce4
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/69.jpg

77.95.229.40

200 OK

4.8 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/69.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
4.8 kB (4785 bytes)
Hash
1c4fba8570c0f73d3e1ce297ffce0ddb
a517bd5f169eefe4681908aedcc941af79ebfa39
ecda74904047c8da6fda1df1167b908c46041459436f6b80eaf5cd70a0658337

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/women/69.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-13d8"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/women/69.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 3dea4ee1637abbded3d74a71f6401cb4
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/58.jpg

77.95.229.40

200 OK

3.8 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/58.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
3.8 kB (3845 bytes)
Hash
a5c40b5ecd0a3fd38a97bcfa2117bc81
0f2d01ceeb5791c242513cd7a483c9a1616eb179
ae826b091273e6ec9a7508d7f8a22567a240c4481a53763d654f12ac411464ad

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/women/58.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1033"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/women/58.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 8f9ae30b283309049b40a7fa2ca0c890
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/80.jpg

77.95.229.40

200 OK

4.8 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/80.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
4.8 kB (4808 bytes)
Hash
5a2aefa4590203ec3d78c97cb0d2da83
80d1ed05cd342cee1777d769b33f4642bb7e8c45
43afb23ac31ecd105f2cb1d72f18aea9def12050c10d70fa02f07814dde008cc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/men/80.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-12d1"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/men/80.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 0c459dc2ab656348c13ad059160d6acd
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/75.jpg

77.95.229.40

200 OK

5.5 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/75.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
5.5 kB (5543 bytes)
Hash
7004fabbdb67e146f09a72497c6a75cb
5f2a8a7379c2b598d8f5ed4fdf9f3d31b612649f
c7e8aa07f59ba44ea6a7fc86d84f35eb97e54d4154f2dc63143952ea26a72104

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/women/75.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-16cc"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/women/75.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 133c3f7f6ecbb42577c7b4eff8f92cb0
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/77.jpg

77.95.229.40

200 OK

4.1 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/77.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
4.1 kB (4069 bytes)
Hash
2f04cabbfb0db0491ce65cbfe2610a93
59891fc758cb90f438350729fdaf4a60878d8ff3
2b60a52f98219bd878af04c6c7a7cbbd291bae76598bbdf3c1148ce294256869

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/women/77.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-ff2"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/women/77.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 804f55fecfb57388c3e3998760d0cd71
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/56.jpg

77.95.229.40

200 OK

4.9 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/56.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
4.9 kB (4868 bytes)
Hash
aa74824e8dcbdfa396d34fcba51ec424
ef6aa223f2d83bbca0d8dca253752ed0d00f9bb0
1468690451b81be74fdf90ee11d190bb1d226560f532cf4a883b50fc5dfaebcc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/women/56.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1428"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/women/56.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 2e2eb36e0b90b82c14cdbbbf50a6642a
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/36.jpg

77.95.229.40

200 OK

4.4 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/36.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
4.4 kB (4449 bytes)
Hash
98a89f410bf09c54acc1e100ab25d03e
409639a555689a5d9f4f7a39d0234cbfca02c21b
a9401e55315197e2e17043ce3219e23178f718cee2fab13579b4f3fc5906eb5b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/men/36.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1287"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/men/36.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: d2c0aea405b523e8532a0ffe24d3bfdd
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/31.jpg

77.95.229.40

200 OK

6.4 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/31.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
6.4 kB (6366 bytes)
Hash
36236f25631fb18a4931836b4446d686
5469f02932d8e06ea11bc3898032699476c6550f
ab391f0ae1611fc32c31fbe5663bde5bba7a80efa851ceeec4b58eeab6931f4a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/women/31.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-18ec"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/women/31.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 21c1811ef1ff99ff0a55dbe8a2f0d2c2
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/33.jpg

77.95.229.40

200 OK

4.8 kB

URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/33.jpg
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
4.8 kB (4809 bytes)
Hash
1121ddf517575b4a1249721ede9db926
a8deb0806ecb230ed941d771dd185bcb77ae8017
ae1d49872fdd6f8d9aa933f6ca8bce8cb1ba7e87dfb9d2926661184cb7bfe26d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/men/33.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-13f5"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/men/33.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: c663738326d6778e5b90b9f3b61203aa
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/19.jpg

77.95.229.40

200 OK

6.9 kB

URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/19.jpg
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 128x128, components 3
Size
6.9 kB (6942 bytes)
Hash
885eb8b494ed32c5d00911aaf8752db3
603ba8730a70028bb9a8232da309a154c36ca91e
c493b0a6d9a42ed0a102bcd31360d00491e23ac5cb4f7cbf8ae9c61f577ccccc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/men/19.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1b23"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/men/19.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 41cb2e65263091453fbab41d85f9ad72
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/76.jpg

77.95.229.40

200 OK

6.3 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/76.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
6.3 kB (6279 bytes)
Hash
72d2e8c2cfb589a8791ff2bb3625cf34
082ce6ef5a6fe7f464d6ffb5ed4d0feb99bb21db
2a0f9df9f842b1b4aea854a1cd77be199011a6a71d228df03335b527b2c91f66

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/men/76.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1894"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/men/76.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 110f842a0469463eca0822db059ada6c
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/41.jpg

77.95.229.40

200 OK

4.0 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/41.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
4.0 kB (3951 bytes)
Hash
0f4246ee8b6dd185af6607d249a29efe
db09f7cd338607cb3c5e680a0efc410a2af1ed0f
8c7df7267d485c5d3e33644f059c1a25940056d6c4eef9e89d7091eaf250fa2e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/men/41.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-109e"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/men/41.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 4ea8121e17f5454af2558b6d856413db
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/88.jpg

77.95.229.40

200 OK

3.5 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/88.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
3.5 kB (3538 bytes)
Hash
5e91b89e1853920bb0069e48726f4f7d
39a6f4541da5019196560567be1b1f809ad4320f
1b3bb15506d4e4378f8c31f163859bba7155263c02d06221e3b376285498764e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/women/88.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-f04"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/women/88.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: f7da9b3f44ffebfc64a3ef1469705701
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/28.jpg

77.95.229.40

200 OK

4.7 kB

URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/28.jpg
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
4.7 kB (4729 bytes)
Hash
fcbe852df16aa4673ee3774c52e8a4d6
e18d7a00782c70aeae6496dbb11e569069082a2c
421ebb300c84634c3d9d7ba92a2780264a4e333b0cc4c1da8d8b98f9830fc420

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/men/28.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-13a0"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/men/28.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: d752ee5c43377f35b4c43274229a1dc8
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/48.jpg

77.95.229.40

200 OK

3.7 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/48.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
3.7 kB (3743 bytes)
Hash
a7a84d5e4d090723fe7ab59e45d387cd
7dbfe519d334d518b6f8c8e3afcafec5e758112e
ac4b943b43fea60f3a33c1069444b3e287daac2a9d435b2b58206a805b6ceb4a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/women/48.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-eb7"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/women/48.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 6cc9e10ea82d3f83a5a440439d7ff98b
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/85.jpg

77.95.229.40

200 OK

5.2 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/85.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
5.2 kB (5204 bytes)
Hash
333b7d239936731c61f71e46dbf9d56d
63b1844c73cfb06c4541d968f3b06852995bb7d4
e55f3cdab57eb4084f7006cfe9f7f047e638e1b257a53498aaed14b83087152a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/men/85.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1570"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/men/85.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: ab9ff83045867d30f5ca04a6d04e8a2e
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/94.jpg

77.95.229.40

200 OK

5.6 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/94.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
5.6 kB (5604 bytes)
Hash
24195ba1d62626c4289f21237387811c
be2a79acb8d5e4a70ac2e4b58be0dfd6f5c34ebf
ccb8bb5abc7700fec0145db49ddf0cca3724ffbab0ea349dd70a4c7b0ef71e3f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/men/94.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1709"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/men/94.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 090e55fb49d4c9fbb025069156f3c891
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/10.jpg

77.95.229.40

200 OK

3.6 kB

URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/10.jpg
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
3.6 kB (3642 bytes)
Hash
183bbe6f05cddf589a7b0afac3886683
45ccc077657e5d4afe3eaef0e3aec84d361b3642
54ebea0e1cad66565de28318ff2f512398bf5732f6f3f3fecea8ad4338b78778

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/women/10.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-f5f"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/women/10.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: b4478754e6178ffb914ae2b06c95a632
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/38.jpg

77.95.229.40

200 OK

4.5 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/men/38.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
4.5 kB (4469 bytes)
Hash
bb8309a5630a80a152cff9806ba2f9b0
78b5dfedaa966194a16b79479ee9e09e92ccbcb2
de6b3a986b674221f52f37cf8941d2aad5e0c4100f18378bc132bc4d00356140

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/men/38.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-12a2"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/men/38.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 707148913df9ae596a63dce60927d274
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/3.jpg

77.95.229.40

200 OK

6.0 kB

URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/portraits/women/3.jpg
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3
Size
6.0 kB (6027 bytes)
Hash
1d63b743a132ff642ee847bdbaaf6898
6c9541e39119d72b2a5707076f90f7f3eab3ea32
7ae9db9990bb424cc1cf68b6af248e7b88e7add27109a6d951eb5b4f881eda98

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/portraits/women/3.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-18b2"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/portraits/women/3.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 6e6916e6ec8c2c490f46d904e99c1aed
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/img-xl-2.d08549fc70bd02fa.png

77.95.229.40

200 OK

180 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/img-xl-2.d08549fc70bd02fa.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 1920 x 550, 8-bit colormap, non-interlaced
Size
180 kB (179811 bytes)
Hash
59cbad209290ed27812352bf7c7b6180
f829d53b6da8752b2c70c62d73b1f30d172519c8
603dc3ed7897d83c3d6132ed8b6c3d477000907cc12015bf1a62b9ed8b82b0fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/img-xl-2.d08549fc70bd02fa.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/styles.db973a585cae43a7.css
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-2beda"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/img-xl-2.d08549fc70bd02fa.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: bfaba48e70013102b8e474d3276b5d41
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/device.10dd5c3c367bf1a2.png

77.95.229.40

200 OK

156 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/device.10dd5c3c367bf1a2.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 1920 x 934, 8-bit colormap, non-interlaced
Size
156 kB (156156 bytes)
Hash
800f41e830cde76a8d7d818e14248558
862d2128ddc2e093bf3ec9189f11f642c119abac
5f2b94bcba24f3ebd649cefb91a227680b9649ca171f7383dccc339e45aa72ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/device.10dd5c3c367bf1a2.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/styles.db973a585cae43a7.css
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-262ff"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/device.10dd5c3c367bf1a2.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 412be75e4442c175d7097ef7b9d0358f
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/oval.e07d671fa4c0fabc.png

77.95.229.40

200 OK

432 B

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/oval.e07d671fa4c0fabc.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 70 x 70, 8-bit colormap, non-interlaced
Size
432 B (432 bytes)
Hash
b6af3e352ca17ba354597b8dc952bad2
db43dfa2484d0536eb497e90fb1394e998a1df19
2183b8ceeb933af3a62303d83e623861341c7e9badce4c3614dd76a1c95747dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/oval.e07d671fa4c0fabc.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/styles.db973a585cae43a7.css
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-1ce"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/oval.e07d671fa4c0fabc.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: be94eb3c578df889d0a66341d00c0c79
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/ic-arrw-r-lrg.721996b360bd9c65.png

77.95.229.40

200 OK

883 B

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/ic-arrw-r-lrg.721996b360bd9c65.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 50 x 50, 8-bit colormap, non-interlaced
Size
883 B (883 bytes)
Hash
49d18e6b493ff260538f36f3f12c068c
5db0a75129d2fb5d217084976f4dbf0dba4ce0f5
038fdc7dcc3a0bc27430ff04535d33166e65ff44e8b46bd4192535e7a69f2b15

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/ic-arrw-r-lrg.721996b360bd9c65.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/styles.db973a585cae43a7.css
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-3a2"
X-Upstream: evlampi-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/ic-arrw-r-lrg.721996b360bd9c65.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: aa69ab5032d32361f6aa7d18b03a3516
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18492, version 1.0
Size
18 kB (18492 bytes)
Hash
7fda4c62c1bdeae7a08e6fd438104bac
b1f626e78f5f6d7be993303a49eb81f0fa4ce57c
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intelligentmoneyoffers.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Oct 2024 04:07:13 GMT
expires: Sun, 12 Oct 2025 04:07:13 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
content-type: font/woff2
age: 300505
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/img-xl-1.57f335a93371b2e2.png

77.95.229.40

200 OK

260 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/img-xl-1.57f335a93371b2e2.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 1920 x 910, 8-bit colormap, non-interlaced
Size
260 kB (259870 bytes)
Hash
a85aeba78558de37eb84bfefd0cd0b49
9b1f950e26b0ccca671ded213cde7062e7af3d28
2d629a5028c0dac0c91d8da536edeeb5a6845fb210e70013f472369656a00ad6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/img-xl-1.57f335a93371b2e2.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/styles.db973a585cae43a7.css
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-40668"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/img-xl-1.57f335a93371b2e2.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: fb4b084bb9d89daa6ce538acab3cfad7
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/intgrtn/api/v1/projects/details.php?&clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&custom2=cs78ni5a6vts738c8pog&locale=en-US&language=location

77.95.229.40

200 OK

11 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/intgrtn/api/v1/projects/details.php?&clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&custom2=cs78ni5a6vts738c8pog&locale=en-US&language=location
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JSON text data
Size
11 kB (11026 bytes)
Hash
b56f9f0e679068fd036fe42ee08c3df3
beef49cf7af7ff6c83161f3888f8428d119fa6e0
208c77a722bf20eecf38b721aa091dacf5526a2c622e61dff928bcafcdfa0fb9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /intgrtn/api/v1/projects/details.php?&clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&custom2=cs78ni5a6vts738c8pog&locale=en-US&language=location HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: gringo
PX-X-Request-Id: 97ddc9c06e6a89a83d1149972131bba2
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137

intelligentmoneyoffers.com/the-immediate-edge-30d0/ic-arrw-l-lrg.1c4a83457afefca7.png

77.95.229.40

200 OK

872 B

URL
intelligentmoneyoffers.com/the-immediate-edge-30d0/ic-arrw-l-lrg.1c4a83457afefca7.png
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
PNG image data, 50 x 50, 8-bit colormap, non-interlaced
Size
872 B (872 bytes)
Hash
a8ef51f3028a3a9251bf1cfdd3844426
1c50cd39aa7c85cfe8b77b440cf9c0435afe6c7c
a7340622c6ba463a729c01eebe2459f927ff63352db547fc37779555c495cef7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/ic-arrw-l-lrg.1c4a83457afefca7.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/styles.db973a585cae43a7.css
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-397"
X-Upstream: evlampi-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/ic-arrw-l-lrg.1c4a83457afefca7.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: cc31236c790dfc6c02c9df9e5d09466c
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/icon-blue.3f406497bc234cd0.svg

77.95.229.40

200 OK

3.1 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/icon-blue.3f406497bc234cd0.svg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
SVG Scalable Vector Graphics image
Size
3.1 kB (3108 bytes)
Hash
02ab5dafbcef9af2e3a82a47abfda205
52b0aadba99bf1c047aeb9a15a19fc99f462ac18
5f1372626e4f0ad44e710dccbfc89d9f04faa66eeaf1d0f97414acd39f08f293

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/icon-blue.3f406497bc234cd0.svg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/styles.db973a585cae43a7.css
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:38 GMT
Content-Type: image/svg+xml
Content-Length: 3108
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-c24"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/icon-blue.3f406497bc234cd0.svg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 174329c3f67b152d3eefe2632575a269
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Accept-Ranges: bytes

GET use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2

172.67.142.245

200 OK

75 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint1F:CF:A5:6E:0D:27:D7:21:A7:EA:06:61:45:FF:37:40:1C:7D:5B:36
ValidityMon, 09 Sep 2024 23:18:38 GMT - Mon, 09 Dec 2024 00:18:34 GMT

File type
Web Open Font Format (Version 2), TrueType, length 75440, version 329.-1049
Size
75 kB (75440 bytes)
Hash
b5cf8ae26748570d8fb95a47f46b69e1
07bed153d47f9129a944ee54dd72952deed074c8
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

HTTP Headers

GET /releases/v5.9.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intelligentmoneyoffers.com
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 15 Oct 2024 15:35:38 GMT
content-type: font/woff2
content-length: 75440
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "b5cf8ae26748570d8fb95a47f46b69e1"
last-modified: Fri, 22 Sep 2023 01:46:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 2536371
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0yrQp7a25bFSz3wqdBVx4bhTYPwOZgb2EA3LHVqMZQHgroVmagL0OfVbpcYarfPHDKA7yLW%2BLY7h5GiXLlwbAlgtDBJwbzoCD%2FECcUNB2Mtvlr%2BzwlV46ScvHxw8b5u7W7HX2X8V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8d30e15439f10b69-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/favicon.ico

77.95.229.40

200 OK

948 B

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/favicon.ico
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 28 x 30, 8-bit/color RGBA, non-interlaced
Size
948 B (948 bytes)
Hash
1fbdf735a0dd3e8321c5e0828a45a4d5
22f6a4a3bcaafafb0254e0f2fa4ceb89e505e8b2
2d0a4f5a77c788b084919b1b8cad5713d9dfc3388ef29969c4cb66c28092e683

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/favicon.ico HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=location
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: image/x-icon
Content-Length: 948
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-3b4"
X-Upstream: evlampi-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/favicon.ico
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: a69f2d8114a3c54c7ff8f67bed03d9e7
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Accept-Ranges: bytes

GET intelligentmoneyoffers.com/exit-popup-im/

77.95.229.40

200 OK

2.1 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/exit-popup-im/
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
2.1 kB (2133 bytes)
Hash
793f81dd355e21cd11946699e3ae7b41
a6ea2219e02a7d0b589a3de0434097827419a57f
ec25229e94fede06ff04670ae6a9804348ad6cc98d5d94973a400c4026562bbe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /exit-popup-im/ HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Upstream: evlampi-***ko
Content-Encoding: gzip
X-Server: gringo
PX-X-Request-Id: 64cc5fe9840d09ae29d9b1b70332333b
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137

GET intelligentmoneyoffers.com/uinames/api/?amount=50&ext&region=Norway

77.95.229.40

200 OK

21 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/uinames/api/?amount=50&ext&region=Norway
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JSON text data
Size
21 kB (21296 bytes)
Hash
9e64d28aa364fc065f376350829385f9
dbebf580c55f6fdc6d3c6d02c273b2d50c903d41
17439522ad13df3232ea43803a6a2d012b268dd03fbb67c7074374144c5bd0a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uinames/api/?amount=50&ext&region=Norway HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
X-Upstream: evlampi-***ko
X-Server: gringo
PX-X-Request-Id: 7892dbf487ed7b02ed171cc40a9d374e
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/i18n/no.json

77.95.229.40

200 OK

8.1 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/i18n/no.json
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JSON text data
Size
8.1 kB (8107 bytes)
Hash
568892ab8a9b5fe20568d01e7f2403ac
c3a6440e3f651033dcd7c5d90bf3e99a2efc6776
05d340198973672901e8a584db624cb8ebdbffec8fc3aeb232b1465bc75d12c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/i18n/no.json HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=no
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: application/json
Content-Length: 8107
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-1fab"
X-Upstream: evlampi-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/i18n/no.json
Accept-Ranges: bytes
X-Server: gringo
PX-X-Request-Id: 66343b83542ef3c2be89e0653ebd0a2b
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/flags/special/no.png

77.95.229.40

200 OK

191 B

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/flags/special/no.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 550 x 400, 2-bit colormap, non-interlaced
Size
191 B (191 bytes)
Hash
9f077e747533059d00c35952bc10c16e
48de0e4b21d23536986e504f61c654497f14380f
e4af81ba6f48264046e86f2951e292786a47828da3e6199937711949d053b973

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/flags/special/no.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-157"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/flags/special/no.png
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 4fac1b4433b7d36de7ac1e10cb20025e
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/uinames/api/?amount=50&ext&region=Norway

77.95.229.40

200 OK

21 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/uinames/api/?amount=50&ext&region=Norway
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JSON text data
Size
21 kB (21240 bytes)
Hash
2697537de10ee0b2b403ae616922f9b8
45e6b3659be958abc8b27f40f1ed8954eb3c5a02
aa838e9e4895f7497fb2133d8fead2d29fe6fb1fa88ca1b56aff5f8abe07dd4e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uinames/api/?amount=50&ext&region=Norway HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
X-Upstream: evlampi-***ko
X-Server: gringo
PX-X-Request-Id: 557d3c09d5246dabd4f2d30b28da7a79
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/videothumbnail-no.jpg

77.95.229.40

200 OK

155 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/assets/img/videothumbnail-no.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3
Size
155 kB (155430 bytes)
Hash
d5459aa3b2bed77b4c1edcfe21cd53d2
ef674a9c6bb2b9356d3bf2bdedd0949e06fef08f
ca33559901e487bccf7bc2366e6291ecefc1a8b28bdf9ac332c06da6af329330

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/assets/img/videothumbnail-no.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-261f4"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/assets/img/videothumbnail-no.jpg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 7fe4b7fa8322817343787a3bf7d31c11
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/intgrtn/uploads/project_banners/1b2a9bef3a77079ff49408406be31b90.png

77.95.229.40

200 OK

7.8 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/intgrtn/uploads/project_banners/1b2a9bef3a77079ff49408406be31b90.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 380 x 52, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7820 bytes)
Hash
1b2a9bef3a77079ff49408406be31b90
8cfb1ae0c25426ab3150f84b4f21abfde419d322
08dedbe39f63b6f4ed6f208855d2c6232a88a26ebb3ebc8a3767878c1fb4b34c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /intgrtn/uploads/project_banners/1b2a9bef3a77079ff49408406be31b90.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Feb 2022 22:58:56 GMT
Vary: Accept-Encoding
ETag: W/"620598b0-1e70"
Expires: Thu, 28 Aug 2025 16:57:35 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: gringo
PX-X-Request-Id: a7050ea6db43807c29164c6db676fbfe
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
PX-Cache-Status: HIT

GET intelligentmoneyoffers.com/intgrtn/api/v1/integration/assets/img/flags32.png

77.95.229.40

200 OK

45 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/intgrtn/api/v1/integration/assets/img/flags32.png
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
PNG image data, 32 x 8352, 8-bit colormap, non-interlaced
Size
45 kB (45070 bytes)
Hash
d9783e9c947c7184442c2111424ec896
b6ba479c15af54364e09af6230239c9746a5deae
681c58beadf3030753d8d5bb7c85c5f631704a515a9da8fd7a3744be46e12419

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /intgrtn/api/v1/integration/assets/img/flags32.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.70.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Apr 2024 07:24:03 GMT
Vary: Accept-Encoding
ETag: W/"661f7913-afed"
Expires: Thu, 17 Apr 2025 09:23:48 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: gringo
PX-X-Request-Id: 3eb2689bd23a887e9c705808bd9c6b4d
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
PX-Cache-Status: HIT

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/claim-btn-arrow-right.d4d044128590a38e.svg

77.95.229.40

200 OK

2.0 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/claim-btn-arrow-right.d4d044128590a38e.svg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
SVG Scalable Vector Graphics image
Size
2.0 kB (1994 bytes)
Hash
9d1f2c869eb3ac5943975fef0eb233e0
e9cf70481f0e58faf1ad2021bb5dfbf990114f31
f1838e03d439b71fb67ee3aa361776593497d13b439f63af8847ef70b0c6df57

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/claim-btn-arrow-right.d4d044128590a38e.svg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/styles.db973a585cae43a7.css
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: image/svg+xml
Content-Length: 1994
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-7ca"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/claim-btn-arrow-right.d4d044128590a38e.svg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 02a71041cb688681d1fb4c078447a392
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Accept-Ranges: bytes

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/claim-btn-arrow-left.5b36f7b4a0b7dfd6.svg

77.95.229.40

200 OK

2.0 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/claim-btn-arrow-left.5b36f7b4a0b7dfd6.svg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
SVG Scalable Vector Graphics image
Size
2.0 kB (2008 bytes)
Hash
b9a188462a5b84d97aba7320035c016b
2bc66de756dbcc2708b432150e531d27eedb7d7a
2f4c006a1fe12832c3ff190fdf180ec7e60aba3a92b789682fe4e9df3a31a57a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/claim-btn-arrow-left.5b36f7b4a0b7dfd6.svg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/styles.db973a585cae43a7.css
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: image/svg+xml
Content-Length: 2008
Connection: keep-alive
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: "667d0f93-7d8"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/claim-btn-arrow-left.5b36f7b4a0b7dfd6.svg
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: bcba1b8759c7fae6ab15eaa91609a52a
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Accept-Ranges: bytes

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

216.58.207.227

200 OK

11 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11072, version 1.0
Size
11 kB (11072 bytes)
Hash
e7df3d0942815909add8f9d0c40d00d9
cf5032eea3399a58870e8a05e629b006a8c7c3c7
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intelligentmoneyoffers.com
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Oct 2024 23:45:30 GMT
expires: Sat, 11 Oct 2025 23:45:30 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:53 GMT
content-type: font/woff2
age: 316209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET intelligentmoneyoffers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&locale=en-US

77.95.229.40

200 OK

1.8 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&locale=en-US
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JSON text data
Size
1.8 kB (1841 bytes)
Hash
328306291ba645537b2c5e2be11ce62b
c3654d1b67b63985d17b93c71990e4c718899266
5dc2cf01a581e5d765734ba0cb6d0a289b5118ded34a6dc1f2ce69fac0f27d03

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /intgrtn/api/v1/projects/agreements.php?type=4&clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&locale=en-US HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: gringo
PX-X-Request-Id: eb08ca89776a92fe199d69fe6dc82f76
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137

GET fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic-CsTKlA.woff2

216.58.207.227

200 OK

10 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic-CsTKlA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint68:2C:2F:8B:6E:2C:E2:87:F4:B9:78:87:69:F9:2B:25:59:0D:2D:5B
ValidityTue, 24 Sep 2024 03:16:33 GMT - Tue, 17 Dec 2024 03:16:32 GMT

File type
Web Open Font Format (Version 2), TrueType, length 10356, version 1.0
Size
10 kB (10356 bytes)
Hash
4efa902248ce0cf24b43a3c425c087e1
7e6debe3f3c306c474bb430fe978015a1f3f9f90
f54e327fe0216b69098f40bd76efc355b5e053fc521602092bb1118cde99e364

HTTP Headers

GET /s/roboto/v32/KFOjCnqEu92Fr1Mu51TzBic-CsTKlA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://intelligentmoneyoffers.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10356
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Oct 2024 16:50:04 GMT
expires: Sat, 11 Oct 2025 16:50:04 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Aug 2024 20:41:25 GMT
content-type: font/woff2
age: 341135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST intelligentmoneyoffers.com/intgrtn/api/v1/events/add.php

77.95.229.40

200 OK

163 B

URL POST HTTP/1.1
intelligentmoneyoffers.com/intgrtn/api/v1/events/add.php
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/exit-popup-im/
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JSON text data
Size
163 B (163 bytes)
Hash
a379dbe1870cda8dfb12b0e3eeea0ec9
0c4f32c1c92fd68457427c6e30b793503a4a94e1
d0c3587d9c73ebe324145358fe00e2b07e6abeccd6c16c4704fca4ac651e3170

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /intgrtn/api/v1/events/add.php HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Content-Length: 92
Origin: https://intelligentmoneyoffers.com
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://intelligentmoneyoffers.com
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: gringo
PX-X-Request-Id: e100b3e8ace31174f321c002d8298d7b
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137

GET intelligentmoneyoffers.com/exit-popup-im/css/intgrtn-modal.css?v=1727447283

77.95.229.40

200 OK

828 B

URL GET HTTP/1.1
intelligentmoneyoffers.com/exit-popup-im/css/intgrtn-modal.css?v=1727447283
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/exit-popup-im/
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
ASCII text, with very long lines (524)
Size
828 B (828 bytes)
Hash
c74fb14cfa8f9d422d09a5f812b59f37
ced3ede92290a6c4a4b586b21504ac0050da99f5
40ea4bb950759b857f790efd2700b9f1b605cdce854469a62c37ee4ca78fdd52

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /exit-popup-im/css/intgrtn-modal.css?v=1727447283 HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/exit-popup-im/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 27 Sep 2024 14:28:03 GMT
ETag: W/"66f6c0f3-1d89"
X-Upstream: stavri-***ko
PX-Cache-Status: STALE
X-Server: gringo
PX-X-Request-Id: c77a6b5057ecce4f4a3b8ac33ff21315
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/exit-popup-im/css/bootstrap.css

77.95.229.40

200 OK

25 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/exit-popup-im/css/bootstrap.css
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/exit-popup-im/
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
ASCII text, with very long lines (570)
Size
25 kB (25198 bytes)
Hash
ebc6974f342b0cd34ce48d7398b4cba4
d7d550a5508af454062575f421df142a7c4df8cd
eb8937db42c9ebf8e00f8e2e5cbc14a4a148058a165cdf3a0519aa344f258242

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /exit-popup-im/css/bootstrap.css HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/exit-popup-im/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 27 Sep 2024 14:28:03 GMT
ETag: W/"66f6c0f3-2ef5d"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: gringo
PX-X-Request-Id: de4a7eabcf416a7b351b698a15befa0e
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

intelligentmoneyoffers.com/exit-popup-im/css/style.css

77.95.229.40

200 OK

642 B

URL
intelligentmoneyoffers.com/exit-popup-im/css/style.css
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
ASCII text
Size
642 B (642 bytes)
Hash
4bd48cfdaab4e073c4a7b0239e00fa5a
8ef869404d08a065de7516f0cabe775d24839d50
2f2b7db1dae377202f4e3a9d16287ec62d5d7cb3cffa8b22995fdc655d19e99d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /exit-popup-im/css/style.css HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/exit-popup-im/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 27 Sep 2024 14:28:03 GMT
ETag: W/"66f6c0f3-62b"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: gringo
PX-X-Request-Id: 2989b07b1f0ec97daaf34258f2555dd6
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/exit-popup-im/js/jquery.min.js

77.95.229.40

200 OK

35 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/exit-popup-im/js/jquery.min.js
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/exit-popup-im/
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JavaScript source, ASCII text, with very long lines (522)
Size
35 kB (34932 bytes)
Hash
049f756abe05d0fe50872a02e6b79ab3
9f4f135c4efcbf799265d9305a3e4db1e9e60de3
cff299b55aa6ed2728b3d2b51f97f397879e7b9f01443190365d19f35949f97c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /exit-popup-im/js/jquery.min.js HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/exit-popup-im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 27 Sep 2024 14:28:03 GMT
ETag: W/"66f6c0f3-21041"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: gringo
PX-X-Request-Id: cfdbea241014e53c34f6d9b1b8718c14
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Encoding: gzip

intelligentmoneyoffers.com/exit-popup-im/img/stop.png

77.95.229.40

200 OK

5.0 kB

URL
intelligentmoneyoffers.com/exit-popup-im/img/stop.png
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
PNG image data, 200 x 200, 8-bit colormap, non-interlaced
Size
5.0 kB (5046 bytes)
Hash
dc00ec155d13ead977b78ed4a15dff43
8849b2d3ce65aaf398f093f90f4a2d5af371b66b
5e4b7d13b0771dc1ef3266ff906022c74b05a7baf949646cfea3b462009302ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /exit-popup-im/img/stop.png HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/exit-popup-im/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 27 Sep 2024 14:28:03 GMT
ETag: W/"66f6c0f3-13cc"
X-Upstream: evlampi-***ko
PX-Cache-Status: STALE
X-Server: gringo
PX-X-Request-Id: a4a73011504de891808c54a5cd09e4f5
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/intgrtn/api/v2/integration/app.js?v=12024915154

77.95.229.40

200 OK

34 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/intgrtn/api/v2/integration/app.js?v=12024915154
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/exit-popup-im/
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33775 bytes)
Hash
83bdab2668d404f7113f6e6869bb0d39
46315833158afd906bcfbb52e633a2ec2b094e56
795fd1e1b5627d9f2059671fec24225622d49443b32489ff088ab0253723019d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /intgrtn/api/v2/integration/app.js?v=12024915154 HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/exit-popup-im/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Oct 2024 14:13:14 GMT
Vary: Accept-Encoding
ETag: W/"670e787a-3ef5d"
Expires: Wed, 15 Oct 2025 15:35:39 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: gringo
PX-X-Request-Id: 1a6d3a47ba9ba0700dda2c207bfb173c
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
PX-Cache-Status: MISS

GET intelligentmoneyoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.70.1

77.95.229.40

200 OK

8.9 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.70.1
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
Unicode text, UTF-8 text
Size
8.9 kB (8892 bytes)
Hash
c5aaef8b4fac38f9516193512d1d3f76
28ff03466bc5813773a977a6bb03c2685fa93c54
823d1157dd47f546625eaae67213f0b0d2ed4aeca5d71b100a289ee3f8aba213

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /intgrtn/api/v1/integration/sdk.css?v=2.70.1 HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/exit-popup-im/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:40 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 30 Sep 2024 13:22:54 GMT
Vary: Accept-Encoding
ETag: W/"66faa62e-1589d"
Expires: Tue, 30 Sep 2025 13:32:55 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
X-Server: gringo
PX-X-Request-Id: 177003662571ea8b0c63ee8765290e7f
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
PX-Cache-Status: HIT

ifdtrcking.com/uploads/project_banners/1b2a9bef3a77079ff49408406be31b90.png

193.34.166.106

200 OK

7.8 kB

URL
ifdtrcking.com/uploads/project_banners/1b2a9bef3a77079ff49408406be31b90.png
IP
193.34.166.106:0
ASN
#62370 Snel.com B.V.

Certificate
IssuerLet's Encrypt
Subjectifdtrcking.com
Fingerprint4F:84:08:FA:2F:C8:A2:4B:E3:DA:9B:2E:D9:D1:26:0C:4E:96:5A:49
ValidityThu, 29 Aug 2024 02:06:34 GMT - Wed, 27 Nov 2024 02:06:33 GMT

File type
PNG image data, 380 x 52, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7820 bytes)
Hash
1b2a9bef3a77079ff49408406be31b90
8cfb1ae0c25426ab3150f84b4f21abfde419d322
08dedbe39f63b6f4ed6f208855d2c6232a88a26ebb3ebc8a3767878c1fb4b34c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/project_banners/1b2a9bef3a77079ff49408406be31b90.png HTTP/1.1
Host: ifdtrcking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:40 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Feb 2022 22:58:56 GMT
Vary: Accept-Encoding
ETag: W/"620598b0-1e70"
Expires: Tue, 02 Sep 2025 07:05:46 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
PX-Cache-Status: HIT
X-Server: arganto
PX-X-Request-Id: 122daa1d02725a963d42ef2a13382a18

GET intelligentmoneyoffers.com/intgrtn/api/v1/projects/details.php?

77.95.229.40

200 OK

7.8 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/intgrtn/api/v1/projects/details.php?
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/exit-popup-im/
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JSON text data
Size
7.8 kB (7778 bytes)
Hash
441e2beac86609b78c5230ecb9a91b83
ee268d868216658196f38f2b63a17652922354b9
279681db6848bd0292e190fbe389422fc129d4db1a78c2c6718a7ffb928648e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /intgrtn/api/v1/projects/details.php? HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://intelligentmoneyoffers.com/exit-popup-im/
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/exit-popup-im/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:40 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: gringo
PX-X-Request-Id: 37ab5cbb37313307ca4e1195111346ad
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137

POST intelligentmoneyoffers.com/intgrtn/api/v1/events/add.php

77.95.229.40

200 OK

162 B

URL POST HTTP/1.1
intelligentmoneyoffers.com/intgrtn/api/v1/events/add.php
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/exit-popup-im/
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JSON text data
Size
162 B (162 bytes)
Hash
170f7fd0287997a7fddc873cc5792692
63ad2cbfb4146606dff747f3f26952efcf758a6c
1f0dd5a30bb46fa76f00c5814133e520a6510ef1108dded965887ef365e6f95f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /intgrtn/api/v1/events/add.php HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Intgrtn-Referer: https://intelligentmoneyoffers.com/exit-popup-im/
Content-Length: 30
Origin: https://intelligentmoneyoffers.com
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/exit-popup-im/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:40 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://intelligentmoneyoffers.com
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Encoding: gzip
Vary: Accept-Encoding
X-Server: gringo
PX-X-Request-Id: 689fd4346f2b94f5e2be289d1b4b4e45
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137

GET intelligentmoneyoffers.com/uinames/api/photos/male/18.jpg

77.95.229.40

200 OK

8.0 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/uinames/api/photos/male/18.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x240, components 3
Size
8.0 kB (7971 bytes)
Hash
557c1c2fb2a946bb522ffded72f42062
c3aaa84414d9ac40e325133dcadc267c5f3c33e6
cfd51d9be71ff878d52a62e570af1abe336f829c4d56bfc794c5c38c1dc00c23

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uinames/api/photos/male/18.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:44 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 28 Mar 2021 11:21:25 GMT
ETag: W/"606066b5-1f18"
X-Upstream: evlampi-***ko
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 14199f4e3d10f00fa02d182f9287ea5a
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/uinames/api/photos/female/19.jpg

77.95.229.40

200 OK

8.2 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/uinames/api/photos/female/19.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x240, components 3
Size
8.2 kB (8218 bytes)
Hash
5741efff7d0c580ec6029cf730375e52
decabe6f32fbb7c7da721128ce4e3d4cff5be14a
74d4eda2fddb209ffe6549d63f601d297189535006f34be158cca8180115abce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uinames/api/photos/female/19.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:49 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 28 Mar 2021 11:21:25 GMT
ETag: W/"606066b5-2052"
X-Upstream: stavri-***ko
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 2f643ac36cafcc920661719999cb2de9
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/uinames/api/photos/male/7.jpg

77.95.229.40

200 OK

10 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/uinames/api/photos/male/7.jpg
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x240, components 3
Size
10 kB (10495 bytes)
Hash
31a55e7890e4784d2e546e006d7f47d5
9ff993d74b75497d74fe16f2bbe770b185815a5a
31a0930ab8df2581cb0e5aad90d8860314145afe2faede2c5f3cd2180a9693e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uinames/api/photos/male/7.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:54 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 28 Mar 2021 11:21:25 GMT
ETag: W/"606066b5-2915"
X-Upstream: evlampi-***ko
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 0db6c15a269f0db2bdbe04ab63ef8517
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

intelligentmoneyoffers.com/uinames/api/photos/female/7.jpg

77.95.229.40

200 OK

8.0 kB

URL
intelligentmoneyoffers.com/uinames/api/photos/female/7.jpg
IP
77.95.229.40:0
ASN
#62370 Snel.com B.V.

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x240, components 3
Size
8.0 kB (8009 bytes)
Hash
faa64f6d7a4fc2cf86f3cff8f05ff73e
29c9eb07d7221b1fa41fd066e69e66523c5632f5
1ee7bcc42c2cd37384ad4435b527e18aa6c9b803f7bb339fd22a765c27abf9c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uinames/api/photos/female/7.jpg HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:59 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 28 Mar 2021 11:21:25 GMT
ETag: W/"606066b5-1f43"
X-Upstream: evlampi-***ko
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: dad7de24c027212041d7c2b1ba160f36
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/styles.db973a585cae43a7.css

77.95.229.40

200 OK

573 kB

URL GET HTTP/1.1
intelligentmoneyoffers.com/the-immediate-edge-30d0/styles.db973a585cae43a7.css
IP
77.95.229.40:443
ASN
#62370 Snel.com B.V.

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
573 kB (573180 bytes)
Hash
e2a8b264a51e3e9c5c3c5916262fcc78
ef8ce030d511a04fbc60a75b262cdeb71f9d59cb
3d2b68e8866fdbb4e0e28b78a093fa325ecdeb68cf19c38545e447a2fd02d5b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/styles.db973a585cae43a7.css HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Oct 2024 15:35:37 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 27 Jun 2024 07:06:59 GMT
ETag: W/"667d0f93-8befc"
X-Upstream: stavri-***ko
PX-Mapped-Request-URI: /the-immediate-edge-b2c6/styles.db973a585cae43a7.css
PX-Cache-Status: HIT
X-Server: gringo
PX-X-Request-Id: 5876aa7820f9acaacc0cb3cf2827f2c9
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006293 1728992137
Content-Encoding: gzip

GET intelligentmoneyoffers.com/the-immediate-edge-30d0/media/video-no.mp4

0.0.0.0

206 Partial Content

0 B

URL GET
intelligentmoneyoffers.com/the-immediate-edge-30d0/media/video-no.mp4
IP
0.0.0.0:0
ASN
#0

Requested by
https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Certificate
IssuerLet's Encrypt
Subjectintelligentmoneyoffers.com
Fingerprint8D:6E:09:30:F6:0A:7C:54:8E:D5:30:F1:6A:E0:CB:F9:81:F0:E5:22
ValidityThu, 19 Sep 2024 02:36:10 GMT - Wed, 18 Dec 2024 02:36:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /the-immediate-edge-30d0/media/video-no.mp4 HTTP/1.1
Host: intelligentmoneyoffers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://intelligentmoneyoffers.com/the-immediate-edge-30d0/?intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK&intgrtn_custom2=cs78ni5a6vts738c8pog&country=NO&intgrtn_redirectReturningLead=auto&intgrtn_lpType=1step&intgrtn_contentType=nopwd
Cookie: intgrtn_clickID=y17LZdl5QDqbW6vJP4ORwWVg9ZzpNgB9YjpxaGrEon23zmAeK; intgrtn_custom2=cs78ni5a6vts738c8pog; intgrtn_redirectReturningLead=auto; intgrtn_locale=en-US; intgrtn_language=no
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 206 Partial Content
Server: nginx
Date: Tue, 15 Oct 2024 15:35:39 GMT
Content-Type: video/mp4
Content-Length: 85865636
Connection: keep-alive
Last-Modified: Mon, 14 Aug 2023 08:25:02 GMT
ETag: "64d9e4de-51e34a4"
X-Upstream: evlampi-***ko
PX-Mapped-Request-URI: /the-immediate-edge-30d0/media/video-no.mp4
PX-Cache-Status: STALE
X-Server: gringo
PX-X-Request-Id: b7f526679f2651e7872bab0aa1b05284
PX-IPCountryISO: NO
PX-IPTimestamp: 1728679092 1729006268 1728992137
Content-Range: bytes 0-85865635/85865636

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Mnemonic Secure DNS

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash