urlscan.io logo urlscan.io
SecurityTrails logo

iir.ai Open in urlscan Pro
2606:4700:3033::681c:1f0a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://pinkhindi.com/8KxOzq
Effective URL: https://iir.ai/8KxOzq
Submission: On May 18 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 67 IPs in 8 countries across 52 domains to perform 219 HTTP transactions. The main IP is 2606:4700:3033::681c:1f0a, located in United States and belongs to CLOUDFLARENET, US. The main domain is iir.ai.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 19th 2020. Valid for: 8 months.
This is the only time iir.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:201... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
16 172.217.22.98 15169 (GOOGLE)
1 2600:9000:209... 16509 (AMAZON-02)
1 54.230.55.229 16509 (AMAZON-02)
10 151.139.241.23 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.190.81 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
7 104.16.108.219 13335 (CLOUDFLAR...)
1 104.16.108.143 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
57 2a00:1450:400... 15169 (GOOGLE)
3 104.16.108.10 13335 (CLOUDFLAR...)
4 6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.216.236.141 16509 (AMAZON-02)
1 145.239.193.145 16276 (OVH)
1 198.148.27.132 19189 (PULSEPOINT)
1 52.222.182.23 16509 (AMAZON-02)
1 2 185.86.137.114 201081 (SMARTADSE...)
1 68.232.35.16 15133 (EDGECAST)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 145.239.193.51 16276 (OVH)
3 51.89.9.252 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
5 52.213.246.150 16509 (AMAZON-02)
2 2 185.86.139.89 201081 (SMARTADSE...)
2 2 185.33.220.243 29990 (ASN-APPNEX)
1 104.16.91.60 13335 (CLOUDFLAR...)
2 2 185.64.189.110 62713 (AS-PUBMATIC)
7 7 172.217.23.130 15169 (GOOGLE)
1 18.185.173.123 16509 (AMAZON-02)
1 2600:9000:201... 16509 (AMAZON-02)
1 104.27.150.219 13335 (CLOUDFLAR...)
1 91.228.74.217 27281 (QUANTCAST)
1 54.230.182.94 16509 (AMAZON-02)
2 2.18.234.21 16625 (AKAMAI-AS)
1 2600:9000:201... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 2600:9000:207... 16509 (AMAZON-02)
4 5 52.208.216.178 16509 (AMAZON-02)
2 2600:9000:207... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.228.220.169 16509 (AMAZON-02)
2 2600:9000:207... 16509 (AMAZON-02)
1 18.156.186.116 16509 (AMAZON-02)
1 52.222.182.37 16509 (AMAZON-02)
1 1 54.175.47.189 14618 (AMAZON-AES)
1 2.21.38.73 20940 (AKAMAI-ASN1)
6 94.130.240.251 24940 (HETZNER-AS)
2 4 35.157.249.55 16509 (AMAZON-02)
2 3 185.33.221.14 29990 (ASN-APPNEX)
1 54.38.64.100 16276 (OVH)
3 151.101.113.44 54113 (FASTLY)
1 3 104.111.214.103 16625 (AKAMAI-AS)
3 151.101.13.44 54113 (FASTLY)
1 54.36.109.166 16276 (OVH)
1 116.202.50.131 24940 (HETZNER-AS)
1 2.18.232.130 16625 (AKAMAI-AS)
2 5 3.124.245.94 16509 (AMAZON-02)
4 4 37.157.6.247 198622 (ADFORM)
3 6 35.157.238.72 16509 (AMAZON-02)
2 4 52.58.57.174 16509 (AMAZON-02)
219 67
1    2606:4700:3037::681b:a587 (United States)

ASN13335 (CLOUDFLARENET, US)
pinkhindi.com
7    2606:4700:3033::681c:1f0a (United States)

ASN13335 (CLOUDFLARENET, US)
iir.ai
6    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:2016:4a00:1a:a6:7f00:21 (United States)

ASN16509 (AMAZON-02, US)
dc5k8fg5ioc8s.cloudfront.net
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:20::681a:ef6 (United States)

ASN13335 (CLOUDFLARENET, US)
clk.sh
16    172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net
securepubads.g.doubleclick.net
1    2600:9000:2093:9600:15:b448:1e80:21 (United States)

ASN16509 (AMAZON-02, US)
d1ks8roequxbwa.cloudfront.net
1    54.230.55.229 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-55-229.ham50.r.cloudfront.net
d3al52d8cojds7.cloudfront.net
10    151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)
ads.themoneytizer.com
1    2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
1    52.222.190.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-81.ham50.r.cloudfront.net
boudja.com
13    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    104.16.108.219 (United States)

ASN13335 (CLOUDFLARENET, US)
arisonoping.club
1    104.16.108.143 (United States)

ASN13335 (CLOUDFLARENET, US)
aphycolourses.info
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.be
1    2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f3f340a15a42b508ee5a37ca80740093.safeframe.googlesyndication.com
57    2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
3    104.16.108.10 (United States)

ASN13335 (CLOUDFLARENET, US)
rightenedetu.site
6    2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    52.216.236.141 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    145.239.193.145 (France)

ASN16276 (OVH, FR)
g.themoneytizer.net
1    198.148.27.132 (New York, United States)

ASN19189 (PULSEPOINT, US)
tag.contextweb.com
1    52.222.182.23 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-23.ham50.r.cloudfront.net
p.cpx.to
2    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
1    68.232.35.16 (United States)

ASN15133 (EDGECAST, US)
ced-ns.sascdn.com
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    145.239.193.51 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
3    51.89.9.252 (Germany)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
7    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    52.213.246.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-246-150.eu-west-1.compute.amazonaws.com
s.cpx.to
2    185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    185.33.220.243 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    104.16.91.60 (United States)

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
2    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
7    172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net
cm.g.doubleclick.net
1    18.185.173.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-173-123.eu-central-1.compute.amazonaws.com
pool.grid-data.bidswitch.net
1    2600:9000:2016:b400:b:187f:8500:21 (United States)

ASN16509 (AMAZON-02, US)
d7016uqa4s0lw.cloudfront.net
1    104.27.150.219 (United States)

ASN13335 (CLOUDFLARENET, US)
r.routemob.com
1    91.228.74.217 (United Kingdom)

ASN27281 (QUANTCAST, US)
secure.quantserve.com
1    54.230.182.94 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-182-94.ham50.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
2    2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
1    2600:9000:2016:7c00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2606:4700:e6::ac40:c107 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2600:9000:2070:1800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
5    52.208.216.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-216-178.eu-west-1.compute.amazonaws.com
match.adsrvr.org
2    2600:9000:2070:b200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.quantcast.mgr.consensu.org
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    54.228.220.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-220-169.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
2    2600:9000:2070:5400:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
vendorlist.consensu.org
1    18.156.186.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-186-116.eu-central-1.compute.amazonaws.com
apis.quantcast.mgr.consensu.org
1    52.222.182.37 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-37.ham50.r.cloudfront.net
audit.quantcast.mgr.consensu.org
1    54.175.47.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-47-189.compute-1.amazonaws.com
api.news-headlines.co
1    2.21.38.73 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-38-73.deploy.static.akamaitechnologies.com
images.outbrainimg.com
6    94.130.240.251 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.251.240.130.94.clients.your-server.de
shb.richaudience.com
4    35.157.249.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-249-55.eu-central-1.compute.amazonaws.com
ice.360yield.com
3    185.33.221.14 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
3    151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
3    104.111.214.103 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
3    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
1    54.36.109.166 (Germany)

ASN16276 (OVH, FR)
PTR: p10.id5-sync.com
id5-sync.com
1    116.202.50.131 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cm021.richaudience.com
sync.richaudience.com
1    2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
5    3.124.245.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-245-94.eu-central-1.compute.amazonaws.com
ad.360yield.com
4    37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
6    35.157.238.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-238-72.eu-central-1.compute.amazonaws.com
euc-ice.360yield.com
4    52.58.57.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-57-174.eu-central-1.compute.amazonaws.com
match.360yield.com
Apex Domain
Subdomains		 Transfer
34 googlesyndication.com
f3f340a15a42b508ee5a37ca80740093.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
93 KB
31 ampproject.org
cdn.ampproject.org
827 KB
27 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
161 KB
19 360yield.com
ice.360yield.com
ad.360yield.com
euc-ice.360yield.com
match.360yield.com
16 KB
14 gstatic.com
fonts.gstatic.com
www.gstatic.com
279 KB
10 themoneytizer.com
ads.themoneytizer.com
161 KB
7 richaudience.com
shb.richaudience.com
sync.richaudience.com
1 KB
7 consensu.org
quantcast.mgr.consensu.org
static.quantcast.mgr.consensu.org
vendorlist.consensu.org
apis.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org
170 KB
7 google.com
adservice.google.com
www.google.com
418 B
7 arisonoping.club
arisonoping.club
7 KB
7 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
34 KB
7 iir.ai
iir.ai
221 KB
6 taboola.com
cdn.taboola.com
trc.taboola.com
312 KB
6 adnxs.com
secure.adnxs.com
ib.adnxs.com
acdn.adnxs.com
5 KB
6 cpx.to
p.cpx.to
s.cpx.to
7 KB
6 cloudfront.net
dc5k8fg5ioc8s.cloudfront.net
d1ks8roequxbwa.cloudfront.net
d3al52d8cojds7.cloudfront.net
d7016uqa4s0lw.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
284 KB
5 adsrvr.org
match.adsrvr.org
3 KB
4 adform.net
track.adform.net
1 KB
4 smartadserver.com
ww1097.smartadserver.com
sync.smartadserver.com
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 onetag-sys.com
onetag-sys.com
452 B
3 rightenedetu.site
rightenedetu.site
2 KB
2 4dex.io
script.4dex.io
19 KB
2 pubmatic.com
image2.pubmatic.com
1 KB
2 leadplace.fr
tag.leadplace.fr
3 KB
2 google-analytics.com
www.google-analytics.com
18 KB
2 clk.sh
clk.sh
78 KB
1 id5-sync.com
id5-sync.com
435 B
1 tmyzer.com
c.tmyzer.com
200 B
1 outbrainimg.com
images.outbrainimg.com
36 KB
1 news-headlines.co
api.news-headlines.co
413 B
1 adleadevent.com
adtrack.adleadevent.com
517 B
1 casalemedia.com
as-sec.casalemedia.com
330 B
1 quantcount.com
rules.quantcount.com
963 B
1 indexww.com
js-sec.indexww.com
12 KB
1 quantserve.com
secure.quantserve.com
8 KB
1 routemob.com
r.routemob.com Failed
189 B
1 bidswitch.net
pool.grid-data.bidswitch.net
300 B
1 truoptik.com
dmp.truoptik.com
1 zeotap.com
spl.zeotap.com
1 criteo.com
gum.criteo.com
329 B
1 sascdn.com
ced-ns.sascdn.com
9 KB
1 contextweb.com
tag.contextweb.com
11 KB
1 themoneytizer.net
g.themoneytizer.net
200 B
1 amazonaws.com
s3.amazonaws.com
18 KB
1 google.be
adservice.google.be
952 B
1 aphycolourses.info
aphycolourses.info
14 KB
1 boudja.com
boudja.com
367 B
1 recaptcha.net
www.recaptcha.net
918 B
1 googletagmanager.com
www.googletagmanager.com
32 KB
1 pinkhindi.com
pinkhindi.com
451 B
0 semasio.net Failed
uipglob.semasio.net Failed
219 52
Domain Requested by
31 cdn.ampproject.org securepubads.g.doubleclick.net
26 tpc.googlesyndication.com securepubads.g.doubleclick.net
iir.ai
cdn.ampproject.org
ads.themoneytizer.com
16 securepubads.g.doubleclick.net iir.ai
securepubads.g.doubleclick.net
13 fonts.gstatic.com iir.ai
cdn.ampproject.org
10 ads.themoneytizer.com iir.ai
ads.themoneytizer.com
7 cm.g.doubleclick.net 7 redirects
7 pagead2.googlesyndication.com iir.ai
securepubads.g.doubleclick.net
7 arisonoping.club d1ks8roequxbwa.cloudfront.net
d3al52d8cojds7.cloudfront.net
d7016uqa4s0lw.cloudfront.net
7 iir.ai iir.ai
6 euc-ice.360yield.com 3 redirects
6 shb.richaudience.com ads.themoneytizer.com
6 www.google.com 4 redirects ads.themoneytizer.com
6 fonts.googleapis.com iir.ai
securepubads.g.doubleclick.net
5 ad.360yield.com 2 redirects
5 match.adsrvr.org 4 redirects js-sec.indexww.com
5 s.cpx.to p.cpx.to
iir.ai
4 match.360yield.com 2 redirects
4 track.adform.net 4 redirects
4 ice.360yield.com 2 redirects
4 googleads.g.doubleclick.net iir.ai
3 trc.taboola.com cdn.taboola.com
iir.ai
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
iir.ai
3 cdn.taboola.com iir.ai
cdn.taboola.com
3 ib.adnxs.com 2 redirects ads.themoneytizer.com
3 onetag-sys.com ads.themoneytizer.com
3 rightenedetu.site iir.ai
2 vendorlist.consensu.org quantcast.mgr.consensu.org
2 static.quantcast.mgr.consensu.org ads.themoneytizer.com
quantcast.mgr.consensu.org
2 script.4dex.io ads.themoneytizer.com
script.4dex.io
2 image2.pubmatic.com 2 redirects
2 secure.adnxs.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 tag.leadplace.fr ads.themoneytizer.com
tag.leadplace.fr
2 ww1097.smartadserver.com 1 redirects ads.themoneytizer.com
2 www.google-analytics.com www.googletagmanager.com
iir.ai
2 clk.sh iir.ai
2 dc5k8fg5ioc8s.cloudfront.net iir.ai
dc5k8fg5ioc8s.cloudfront.net
1 acdn.adnxs.com ads.themoneytizer.com
1 sync.richaudience.com ads.themoneytizer.com
1 id5-sync.com ads.themoneytizer.com
1 c.tmyzer.com ads.themoneytizer.com
1 images.outbrainimg.com iir.ai
1 api.news-headlines.co 1 redirects
1 audit.quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org
1 apis.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 adtrack.adleadevent.com ajax.googleapis.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 ajax.googleapis.com ads.themoneytizer.com
1 rules.quantcount.com secure.quantserve.com
1 www.gstatic.com www.recaptcha.net
1 quantcast.mgr.consensu.org iir.ai
1 js-sec.indexww.com ads.themoneytizer.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 r.routemob.com iir.ai
d1ks8roequxbwa.cloudfront.net
1 d7016uqa4s0lw.cloudfront.net iir.ai
1 pool.grid-data.bidswitch.net iir.ai
1 dmp.truoptik.com iir.ai
1 spl.zeotap.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced-ns.sascdn.com iir.ai
1 p.cpx.to ads.themoneytizer.com
1 tag.contextweb.com ads.themoneytizer.com
1 g.themoneytizer.net ads.themoneytizer.com
1 s3.amazonaws.com iir.ai
1 f3f340a15a42b508ee5a37ca80740093.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.be securepubads.g.doubleclick.net
1 aphycolourses.info iir.ai
1 boudja.com iir.ai
1 www.recaptcha.net iir.ai
1 d3al52d8cojds7.cloudfront.net iir.ai
1 d1ks8roequxbwa.cloudfront.net iir.ai
1 www.googletagmanager.com iir.ai
1 pinkhindi.com 1 redirects
0 uipglob.semasio.net Failed iir.ai
219 76

This site contains links to these domains. Also see Links.

Domain
clk.sh
www.facebook.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-02-19 -
2020-10-09		 8 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.themoneytizer.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-15 -
2021-02-14		 2 years crt.sh
misc.google.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
boudja.com
Amazon		 2019-10-02 -
2020-11-02		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
arisonoping.club
CloudFlare Inc ECC CA-2		 2020-05-11 -
2020-10-09		 5 months crt.sh
aphycolourses.info
CloudFlare Inc ECC CA-2		 2020-03-30 -
2020-10-09		 6 months crt.sh
*.google.be
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
rightenedetu.site
CloudFlare Inc ECC CA-2		 2020-04-08 -
2020-10-09		 6 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-02		 a year crt.sh
g.themoneytizer.net
GoGetSSL RSA DV CA		 2019-10-16 -
2022-01-17		 2 years crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2018-07-07 -
2020-06-03		 2 years crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2020-01-27 -
2021-02-08		 a year crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2020-05-08 -
2022-05-25		 2 years crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2020-03-30 -
2020-06-28		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2018-09-06 -
2020-09-12		 2 years crt.sh
onetag-sys.com
Let's Encrypt Authority X3		 2020-03-02 -
2020-05-31		 3 months crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2020-01-27 -
2021-02-08		 a year crt.sh
*.truoptik.com
Go Daddy Secure Certificate Authority - G2		 2018-11-13 -
2020-11-13		 2 years crt.sh
pool.grid-data.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-03-06 -
2022-03-06		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
quantcast.mgr.consensu.org
Amazon		 2019-05-06 -
2020-06-06		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
adtrack.adleadevent.com
Amazon		 2019-06-30 -
2020-07-30		 a year crt.sh
vendorlist.consensu.org
Amazon		 2020-02-07 -
2021-03-07		 a year crt.sh
*.outbrainimg.com
DigiCert Secure Site ECC CA-1		 2020-03-26 -
2021-06-25		 a year crt.sh
*.richaudience.com
RapidSSL RSA CA 2018		 2019-03-07 -
2021-04-05		 2 years crt.sh
*.360yield.com
Amazon		 2019-09-24 -
2020-10-24		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.smartadserver.com
DigiCert Global CA G2		 2020-02-03 -
2022-02-03		 2 years crt.sh
c.tmyzer.com
Let's Encrypt Authority X3		 2020-04-11 -
2020-07-10		 3 months crt.sh
*.taboola.com
DigiCert SHA2 Secure Server CA		 2020-05-13 -
2020-09-10		 4 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2019-12-16 -
2020-12-25		 a year crt.sh
*.id5-sync.com
Let's Encrypt Authority X3		 2020-04-02 -
2020-07-01		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2020-01-02 -
2021-04-02		 a year crt.sh

This page contains 25 frames:

Primary Page: https://iir.ai/8KxOzq
Frame ID: 7A9B9DD32B2FEAA4D648623C4764BA23
Requests: 110 HTTP requests in this frame

Frame: https://arisonoping.club/UlV2V20zNxU6UjNoFHEYIDlLcl8UcEQRCWM+BW8fPTAHIhUwIhd5Dj46AzMLIDoYI0M8MAJyXxQ5ExABEQEdZw8QPAE4DjUiNx0DHGQlZhkqMxhmCBMvMz8kJT0jGj81ADA/VQESHw5bHgYdGiJjYRIYLiIiJTxVJxkPGgsEEiclJCohIzRfNSY+Fhl3ZzAyACEYMQRdPjY3ZyUYPAUlKAM2GBwAIRs1H1U4HBEeLB48PyQ1BCYzMl8cHCIfL3dnNA0/Bxw/BA44ETcOFRg4HhsmYDFOMT8XHTg+HjoNICMUGywBNTkaF1NlLxsyAhoOGmFHDzsmLBBkXTwCPno0ADAwESAxHUIkLhA+AxwXPTE1LgY8GiBmDxAdAnJfEAFGMxU3Eh4cOgU6Gh08JRA6Ohl3ZzAYXSoiED4oABQfMx80ZREYJytlGxFdEDsQH10wFCIWBRsXRxoOEz1AAyg2LC8fWAICRSMKNBBDBjdhLU8UGjU+Oi1VAAE+FiQ3EAIyDxpkQQ8FKnBEEUs4Jhk5HW8mIA4DJAUiPC8WPjQh
Frame ID: DDBB70745CFD52D3F4A50E66F7E8A936
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Frame ID: 5DED1A74F174117F5E91002A9ED01DAB
Requests: 18 HTTP requests in this frame

Frame: https://arisonoping.club/ekRwNWQbJhNYWxt5EhMRCChNEFY8YUJzAEklHABWHnwTWg4eN0cbBxYrBVECCCseQUoUIQQQVjwSJnMUDxEcUlc0FTEFPgMFCnYJQzIqBxAeHh0MHTcGQAwqExYedAM3LDJhXBECQl4+HAYfWjQ9KB9mIE5xP19VLiA0BVI1Ej5fAhARVQcmPgNJRgcTcBVlMDQ0P2QpEg0aRlA8LhMDKBQzEnhWL3E+ZzVNCjRSUyl2MVA9IhYVUVYKLxNSKQALCgVUPS5ARzQyfRRwLEspEVIHQgg0cFYpdjJaKy43PlFWCi8+Z1VJJR1kDSl2Mlo+LSsIbFYNCBIFSR53EVg1TQwZfFQ3F0B5KT4JSXkPDiM4WCIKEyhNFiMqSVY9FAVVByI3LB8QVjwKOHMLNhwURD4+HTh6MEs8EXNQSxQkVhw7HAQMPhcrPnoNFXM+QhBJJRh/EC0qCFoBFygqbCM8chEEDAgiJ28VMhA9EFY4CiNSLB52H2YGS3UcUQkeNyN2ABYJN1kAIxAbTAUsJwdsMDgwNHIHQwkkQi8bLkFZBix1HXoJL2FCdycXBUh4MB1iGkYLFDRNWTUDFRV/IUsJ
Frame ID: 89361EF2686010F2913C3CABAEEE1C95
Requests: 1 HTTP requests in this frame

Frame: https://arisonoping.club/RGg3d0wlClQacyVVVVE5NgQKUn4CTQUxKHcJW0J+IFBUGCYgGwBZLygHQhMqNgdZA2IqDUNSfgI7eDMFdwpcQi4cPlw+LxEQVSJ9Cl1zEBUMPllPKRMtZjUFAQ9nJhh8UWM/AnwuQB8pHC5yEgYMEFYyHitYbzZ0Ajt0PRYcLnUjLQJZVCEKCk0FMQQoJmMzBAklcTIFFAsGISgQOVQeGgIlZC8NIyZ/NigIDnYQLRMPDwMZEhBzNhh1OXEAHTcJQBgPHA92QRQSXGQvBHE+YkYeCA52HygWLUNPDwEHZC8EcCJ2GiQiDVoUBAwDQ08PAiZ/PyUODGUhYQ0lfSEKAy1bAAUAOXI2HQxYeDE7Eg1tGwIlOUA6JQw5dUcfdx9+LyBwLnwPfAUqQBw+E1lbLh52G3w2IBUvZzEoIj1cA3QiD2IzHQxcYDYdBgtTDxUAKWETPgcPfTIIPQBtJgpxJFE/eAwqcRsrBx9mJQt3JlQ2HRYMe0Z4BixQD38cKWEhGz0cUyEKCj98ACcCKnEYPwc+bSMUBxhTIg1iAkQYIjRVQSY/MCl8DgoiBlEHJgAA
Frame ID: C0BCC7F97E34B365095F7B3851C66629
Requests: 1 HTTP requests in this frame

Frame: https://arisonoping.club/OHd5V2dZFRo6WFlKG3ESShtEclV+UksRAwsWFWJVXE8aOA1cBE55BFQYDDMBShgXI0lWEg1yVX5ALRIhUBYvOBF0EEEHPWwQFhUxah4fDwNhL0sjFnMPMBApfA9BHABpFTMFPnsyOG5RczIaMy57H0ECVwBFNQRffyExIBd0ADMCBgoYHhU2TBkcEARuMC0CCV42MBIsbC4MFh99UksRK1IDMR8jTA81FlNsOgAWE3kyATgkViUpAD8BUksVBG0cPBgeABg9L1cJJwA7Im8fEScECTI4GSNfHD0CH1cROiAmexlAclV6FChjBl5ETC8gbQ8WMS96JTc6Eww/FXo1eRFKYh95NRImLnsmLhMjXxkyFTF1FjgnV20bTGcBCxM8AFVIHDIwDFw5ABUMbQ4JclV+ERcSKXkzPCc9fjkjBzRTHjowPUIWIRk1ex0wclV6Ox4gKl5ETR8xVEZJMSABJCE6DwkVSBUBYUUVLTJqGE4cDnkjOB9eHUU7FVZqFhsALUEhSW8RWyQvBDBVHA0dVnImNh8yVCEeIxFzJCgfI28+CTQhYhYbPlJPNShmCHM0KBNBUgQWORcFPBQWDm8UAAJRUQ
Frame ID: 5BE63E1E6B4EBDB24B91D429EE04E467
Requests: 1 HTTP requests in this frame

Frame: https://arisonoping.club/VWVodDE0BwsZDjRYClJEJwlVUQMTQFoyVWYEBEEDMV0LG1sxFl9aUjkKHRBXJwoGAB87ABxRAxM8DDx0ZgdbH2kdCQM+YzIkMSEAHyo8IVIUPVgyYhJVOTV3IjclJmAYQFoyYBEGKzdzJjQmRQgzKQFBaQQdPRBiACg6NUkyBC4TQR8tKhtiFgldEncHMz4hWmQ2KiFSFCADH2ICDR8wdi0rODdZJio+RHgaNyofVAE0MSJ2FyQ7LGVsJzADVR42WCZrAgJcFXkHXCw1cDoGPjVgIT0tLnMNAi06dAdVOyxkPj8tMmMeNlglVAcgGDhjFA47LGQ5IzkjHD0APCdFEC0DBH0HJyo8eS0wOjZdHCstHAETIAREFGcjOSF4FDQ9BHIDJD4SZAddMiVGHDM9IX9lNgMAdB0zXDF5EyMsNkYyBi4MQQw3BAx2BDM5PHItFgshWiUpJR9oETQ9GFAEAioQYBMVKTVnDwY6H3cQIQBMZxRUXT9iLy8tNnc9PTpEUgciAyVgBAI6F3YXLyswVmQkLTFrAzIAA2MTVCYseRAzLzZ3Jgc6JmcBPTpEYxASTh5COgsYSUM5I1wyBDIHDDJZZTIy
Frame ID: FC95BE3DDD68F14A0EDADA2A03140437
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1589763727005
Frame ID: 5881AAE03DC5825BF6B28EDE6CF00F53
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: D8591DF87B2136E9D42BBE21F7871DDB
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: CC256D199FB9E2CEA7E20AEBDA14A221
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Frame ID: EF001E8FE5F5C1764263642BE8696840
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Frame ID: EB923023EE6E1BA4A22E5837367C3ED1
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Frame ID: B08C111550B71DB8CEE83CE09B632405
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Frame ID: BC145E0C22BC2D88C0E295D5D8B61FCF
Requests: 18 HTTP requests in this frame

Frame: https://arisonoping.club/N2h6WGhWChk1V1ZVGH4dRQRHfVpxTUgeDABYS24dRglOK1hbH1Q7BFgdHj4aWAYOdgZSHF9qLlQmSzQlei4sDSZeIi05A3ofMRlZXiktaVB0LysKJU1RHBdYUwM+Py1dDTtoAG8FNBw4ZVwtET0HURkJIk0/AD8BYVodCjh0Ii45KW1NSB4kYTlJGwUGGSgMOXwmORYjZy4JaSRlPhQ7P08BOxApcQktCgx5LisvIVw5TAoscRg7IAtkCUkgMnhYN2AhdT4UGhJmHC9rKXEJKRYsVCksKCZ1PhQaWl9QGGo5cyoUMzJUKSwoJGIpFg8SQF8sDAxUJT51D2EySR4bUR8ebypwUQoZBWIONzE6cic8LFBRBjQvKmADHQ88AjscEFx2JRYRXn1ZQ2AtWhxCDRIGLjQxLmELOw0OUh8obyoEDF9qLnVaGRcMBFg9Oip9GhwdJQc9Lj9NBSotAClxIEkzLG4AFikNXzEdGwIGTUgeKQUyLQhbDyI0L1wODUsSD2ICDSk+cFkpOSBELCMOPlgjPAoGYhINLU5dGxU2GAoqSy4nYwUUbhxTOg
Frame ID: DEA684134553AD694CA5010AA4DC34D7
Requests: 1 HTTP requests in this frame

Frame: https://r.routemob.com/i/ic/EOw4NfQk9k2O4CSrKJ0B8i1oQklT2Zf1BHUavEolXgflY86doyGCSbfUDGwzMo7SZmA1s_miXX9TLplQxj2dnkP_ozd9EDX81IPifRi8qGbYTDfNXdoazdqUk8muSsue7MR1hRemQVCdoIO80ospbhwoic8-2hi5i8Q8fyWCPRHpJ3npJUfINi6OFwGylPbqts0II2vyIpCDbpezX2hKg_WVKneKQpsSTjY9DBZKxk7v-Gtlw8PZ2chIyDV03MPRwctSgHSgCfvCebP40N54jkayhMzam_q4JEzh9UQoPr-sezJ3rxS1-stWsb1jOab0LqsWrPy1wbR-SSeW_sDGqfDalnWYSWQ
Frame ID: 038ACB3862A662743BA649717CCD1FF1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&size=normal&cb=fi5gvz5gt193
Frame ID: DA73B3E9AC2FC9B43F29B431B7E5E212
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v33/cmp-3pc-check.html
Frame ID: FD3F906FE19C3FFF43907F9809E5FF66
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&cb=yyvlsv8ctqe4
Frame ID: D74FE895964D5991C0F9A65E3F9D30C0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 49842457D2CECF4CFE18DAAA9B390CC4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: 1675D91FB565287B6EA7B500870499F7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: DF3DB254D6DFBF51BDA7C2F7BBCE0988
Requests: 7 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3842620850
Frame ID: 196957C953BF132B6FFF437EC5D4C54E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: F823A56FD967F8ECCB9CF1DB9BA7A394
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1589763741585
Frame ID: E1C8AC82712DA9765D3FF1FC456BA4F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://pinkhindi.com/8KxOzq HTTP 301
    https://iir.ai/8KxOzq Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

219
Requests

99 %
HTTPS

37 %
IPv6

52
Domains

76
Subdomains

67
IPs

8
Countries

2835 kB
Transfer

8260 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pinkhindi.com/8KxOzq HTTP 301
    https://iir.ai/8KxOzq Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 63
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 83
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D01fe907c-16d5-43b3-a6f2-33358566aef5 HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3a%2f%2fs.cpx.to%2fsync%3fdsp%3dsmart_ad_server%26dsp_uid%3d%5bsas_uid%5d%26fid%3d01fe907c-16d5-43b3-a6f2-33358566aef5&cklb=1 HTTP 302
  • https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=4384741408697998639&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
Request Chain 84
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D01fe907c-16d5-43b3-a6f2-33358566aef5 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253D01fe907c-16d5-43b3-a6f2-33358566aef5 HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=6330663402096317525&pid=11528&ref=&hn_ver=10&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
Request Chain 86
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D01fe907c-16d5-43b3-a6f2-33358566aef5 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D01fe907c-16d5-43b3-a6f2-33358566aef5 HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5830E5E9-B793-4D88-A999-41465DBCD616&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
Request Chain 87
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=01fe907c-16d5-43b3-a6f2-33358566aef5 HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=01fe907c-16d5-43b3-a6f2-33358566aef5&google_gid=CAESEGlE30heiO0mLQN7SCsK920&google_cver=1
Request Chain 91
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 108
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 144
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 166
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/2/8/2.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO4bg_8tf1gXZpwwNxLlwMjIBZbsx6FOmuS8yRTg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO4bg_8tf1gXZpwwNxLlwMjIBZbsx6FOmuS8yRTg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=&mm_bnc&mm_bct&UUID=7bb75ec1-de93-4f00-a156-c039b328a933 HTTP 302
  • https://id5-sync.com/c/12/3/7/3.gif?puid=7bb75ec1-de93-4f00-a156-c039b328a933&gdpr=1&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/10/6/4.gif?puid=6696632447094057129&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/5/5.gif?puid=876c355912622dc36fbccafe2e65e983&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/4/6.gif?puid=384baad8-3c0d-422b-b475-3ae87420f7bf&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/3/7.gif?puid=35076631-98a3-11ea-a011-426c53b1b576&gdpr=1&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
Request Chain 184
  • https://api.news-headlines.co/image_redirection?imageUrl=images.outbrainimg.com%2Ftransform%2Fv3%2FeyJpdSI6ImNkMjRmNmM2ZDNhYjcxYzAzNjg2OTgxNDdkNjFkZThjYmUyNDAxYjUzMWJiNjUxNTViYWYwYzZiYjNjZWJlYzIiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp&c=BE&user_id=aec17b74-0783-4e84-935d-1c1d110f1cd3&publisher_key=ADMVN0301PH&sub_id=default&provider_id=30&uipa=odiUmtaYlJe5lJeZnG==&req_id=0902e956774c269fe4c3a06ec39debf8d1f2a_ADMVN0301PH&click_id=us_57f8de6b-ae2f-43f1-9020-8ae646fb25c9030odiUmtaYlJe5lJeZnG==&bid_amount=0.01271&sub_id_original=832300&language=en&imp=http%3A%2F%2Flog.outbrainimg.com%2FloggerServices%2FwidgetGlobalEvent%3FrId%3D88ba12b03a49fd523ace5095274ebebd%26pvId%3D88ba12b03a49fd523ace5095274ebebd%26sid%3D7252956%26pid%3D39036%26idx%3D0%26wId%3D294%26pad%3D1%26org%3D0%26tm%3D0%26eT%3D0%26p_key%3DADMVN0301PH%26provider%3D30 HTTP 307
  • https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNkMjRmNmM2ZDNhYjcxYzAzNjg2OTgxNDdkNjFkZThjYmUyNDAxYjUzMWJiNjUxNTViYWYwYzZiYjNjZWJlYzIiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Request Chain 196
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235b8a13bdfa0a58%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2F8KxOzq%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22168c213403ebc07%22%2C%22pid%22%3A%2222241472%22%2C%22tid%22%3A%225d120055-b37e-4af4-8229-7ad2f830f7e1%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22170359dbd108c67%22%2C%22pid%22%3A%2222240932%22%2C%22tid%22%3A%2231ff37d4-af8f-4c4e-81a5-852a1edacce0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%221849584b8c41c7c%22%2C%22pid%22%3A%2222241473%22%2C%22tid%22%3A%22598d6c62-b3a4-4000-9b09-1141368fe0e3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2219c2f4ef11eab4b%22%2C%22pid%22%3A%2222244891%22%2C%22tid%22%3A%22fd96e8c2-ea64-471a-9841-1f6a7d67aba0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%222075d85bfce975%22%2C%22pid%22%3A%2222263943%22%2C%22tid%22%3A%226e55fd36-41b7-4ccd-982b-bee7679f93df%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235b8a13bdfa0a58%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2F8KxOzq%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22168c213403ebc07%22%2C%22pid%22%3A%2222241472%22%2C%22tid%22%3A%225d120055-b37e-4af4-8229-7ad2f830f7e1%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22170359dbd108c67%22%2C%22pid%22%3A%2222240932%22%2C%22tid%22%3A%2231ff37d4-af8f-4c4e-81a5-852a1edacce0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%221849584b8c41c7c%22%2C%22pid%22%3A%2222241473%22%2C%22tid%22%3A%22598d6c62-b3a4-4000-9b09-1141368fe0e3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2219c2f4ef11eab4b%22%2C%22pid%22%3A%2222244891%22%2C%22tid%22%3A%22fd96e8c2-ea64-471a-9841-1f6a7d67aba0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%222075d85bfce975%22%2C%22pid%22%3A%2222263943%22%2C%22tid%22%3A%226e55fd36-41b7-4ccd-982b-bee7679f93df%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Request Chain 197
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22367f1c2b7a8b864%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2F8KxOzq%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221177f9d40a6e44%22%2C%22pid%22%3A%2222263945%22%2C%22tid%22%3A%2244074fea-16b4-4250-8005-d891791459a7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22367f1c2b7a8b864%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2F8KxOzq%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221177f9d40a6e44%22%2C%22pid%22%3A%2222263945%22%2C%22tid%22%3A%2244074fea-16b4-4250-8005-d891791459a7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Request Chain 211
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1589763742195&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2F8KxOzq&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1589763742195&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2F8KxOzq&c9=
Request Chain 218
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&google_tc= HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&external_user_id=CAESELqmmoAxz6FgIBH3m8TCngw&google_cver=1 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&external_user_id=CAESELqmmoAxz6FgIBH3m8TCngw&google_cver=1
Request Chain 219
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=450cd254-2158-4ebf-9064-b8a6ad9dd788&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=450cd254-2158-4ebf-9064-b8a6ad9dd788&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=096b49e1-e68e-4b80-8ca9-1f67f2c45854
Request Chain 220
  • https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=f8f7d65e-9b2c-47a8-8462-32cb455c935b&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=f8f7d65e-9b2c-47a8-8462-32cb455c935b&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
  • https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1590973344&external_user_id=6240743847667008349 HTTP 302
  • https://euc-ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1590973344&external_user_id=6240743847667008349
Request Chain 221
  • https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feuc-ice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA HTTP 302
  • https://euc-ice.360yield.com/match?external_user_id=3562733481612319428&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA HTTP 302
  • https://euc-ice.360yield.com/ul_cb/match?external_user_id=3562733481612319428&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA
Request Chain 222
  • https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=450cd254-2158-4ebf-9064-b8a6ad9dd788&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=450cd254-2158-4ebf-9064-b8a6ad9dd788&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
  • https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1590973344&external_user_id=6240743847667008349 HTTP 302
  • https://euc-ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1590973344&external_user_id=6240743847667008349
Request Chain 223
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-PfWXpssR6iEYjLLRVyTWw&google_cm&publisher_dsp_id=340 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-PfWXpssR6iEYjLLRVyTWw&google_cm=&publisher_dsp_id=340&google_tc= HTTP 302
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEA4XnMrhSfCX_FCRVIVcv6c&google_cver=1 HTTP 302
  • https://match.360yield.com/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEA4XnMrhSfCX_FCRVIVcv6c&google_cver=1
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RQzSVCFYTr-QZLimrZ3XiA&google_cm&publisher_dsp_id=340 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RQzSVCFYTr-QZLimrZ3XiA&google_cm=&publisher_dsp_id=340&google_tc= HTTP 302
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEOeFA0efbuHrF8G4JhXP0v0&google_cver=1 HTTP 302
  • https://match.360yield.com/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEOeFA0efbuHrF8G4JhXP0v0&google_cver=1
Request Chain 225
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=f8f7d65e-9b2c-47a8-8462-32cb455c935b&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=f8f7d65e-9b2c-47a8-8462-32cb455c935b&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=096b49e1-e68e-4b80-8ca9-1f67f2c45854 HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=167&external_user_id=096b49e1-e68e-4b80-8ca9-1f67f2c45854

219 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 8KxOzq
iir.ai/
Redirect Chain
  • https://pinkhindi.com/8KxOzq
  • https://iir.ai/8KxOzq
43 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdee90cdcdeca890ba3a5577475c75484050a592f6ecb75f79bbf050f8dffee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
iir.ai
:scheme
https
:path
/8KxOzq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 18 May 2020 01:02:03 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d3247ac2598b87252232efb172d13c07d1589763723; expires=Wed, 17-Jun-20 01:02:03 GMT; path=/; domain=.iir.ai; HttpOnly; SameSite=Lax; Secure AppSession=74b72fca6bd01595cf1d87f8f2cbd8f4; path=/; HttpOnly; secure csrfToken=4aa9c67d1d8edbd48bddf8acd6261216f36f006eef5804d37ee2c0ea08a115008b8dc083dc388d51e4ad8d9e31a95a567e84a5fe90022276dd3b48c31dd1f1dd; path=/; HttpOnly; secure
cache-control
no-store, no-cache, must-revalidate
cf-railgun
direct (starting new WAN connection)
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN,SAMEORIGIN
x-robots-tag
noindex, nofollow
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5951a6850cadc2ea-FRA
content-encoding
br
cf-request-id
02c6e667210000c2eaad869200000001

Redirect headers

status
301
date
Mon, 18 May 2020 01:02:03 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d5bf4cd1ce3d23691af4935cb89eb025f1589763722; expires=Wed, 17-Jun-20 01:02:02 GMT; path=/; domain=.pinkhindi.com; HttpOnly; SameSite=Lax
location
https://iir.ai/8KxOzq
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
vary
User-Agent
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5951a681da1dd725-FRA
cf-request-id
02c6e665250000d725f70f6200000001
css
fonts.googleapis.com/ 		3 KB
590 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 May 2020 01:02:03 GMT
server
ESF
date
Mon, 18 May 2020 01:02:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 May 2020 01:02:03 GMT
styles.min.css
iir.ai/cloud_theme/build/css/ 		189 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2382577
status
200
x-xss-protection
1; mode=block
last-modified
Mon, 02 Sep 2019 23:24:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-request-id
02c6e6689b0000c2eaad878200000001
cf-ray
5951a6875fffc2ea-FRA
expires
Wed, 20 May 2020 11:12:25 GMT
/
dc5k8fg5ioc8s.cloudfront.net/ 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805888
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:4a00:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6d41e3891989432a948b5481e675ca29e7ada14791efa7b9c028ae3337a976bd

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
gzip
x-amz-cf-pop
HAM50-C2
status
200
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
19760
via
1.1 2408979685aa1bdb752824d292e63bf7.cloudfront.net (CloudFront)
x-amz-cf-id
zvl8143OLDTTY39YphQttQmQ5gdv57qR5VK2BR_1-EQsxL7USagGPQ==
js
www.googletagmanager.com/gtag/ 		82 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113561579-2
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5198df46935ff6e7b1fd4ce8b313c15676a0fcd0b1dd740e1127baaac9f51430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33121
x-xss-protection
0
last-modified
Mon, 18 May 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 May 2020 01:02:03 GMT
hmpglogo228x70.png
clk.sh/webroot/modern_theme/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clk.sh/webroot/modern_theme/img/hmpglogo228x70.png
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e262d211d25e9671c5d3e7b450e138ddbcacfed50d4f277f39b52fffeae96eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
11273837
cf-polished
origSize=3621
status
200
content-length
2976
x-xss-protection
1; mode=block
last-modified
Fri, 15 Nov 2019 04:31:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Thu, 07 Jan 2021 13:24:45 GMT
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-request-id
02c6e669eb0000175e8436c200000001
accept-ranges
bytes
cf-ray
5951a6897e10175e-FRA
cf-bgj
imgq:100
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
4c21278ee40876c3a993458c626cc7c2c6110db1535db37e521f2e4b5208fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"519 / 211 of 1000 / last-modified: 1589573962"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14773
x-xss-protection
0
expires
Mon, 18 May 2020 01:02:03 GMT
/
d1ks8roequxbwa.cloudfront.net/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1ks8roequxbwa.cloudfront.net/?orskd=832300
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2093:9600:15:b448:1e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5418d98533746708c2402e6ac9bb2ea2e0f33f80898518cbbe73afd2cb67cae0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
gzip
x-amz-cf-pop
HAM50-C1
status
200
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
27929
via
1.1 e626e3045304034f7160fd4e5f8b6fcf.cloudfront.net (CloudFront)
x-amz-cf-id
XsHw2LwP1gvzj-yCImHXeBaaaKuwfS28JdgSYYZ9zbkkSEEqxkllsw==
sw_2735511.js
iir.ai/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iir.ai/sw_2735511.js
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07dad39d552a962087de78cfc171db1a66b30b16ad7322712294e73ab1d009c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2061891
status
200
x-xss-protection
1; mode=block
last-modified
Wed, 08 Jan 2020 13:23:12 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-request-id
02c6e6699b0000c2eaad885200000001
cf-ray
5951a688fa31c2ea-FRA
expires
Sun, 24 May 2020 04:17:09 GMT
/
d3al52d8cojds7.cloudfront.net/ 		297 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3al52d8cojds7.cloudfront.net/?tid=731347
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.55.229 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-55-229.ham50.r.cloudfront.net
Software
/
Resource Hash
b5a3c487fc79f9f759d67143bbacb9850fa4aa1f2eb1f2d45e763bc9e131a785

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 May 2020 01:02:04 GMT
content-encoding
gzip
X-Amz-Cf-Pop
HAM50-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
107358
Via
1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
ElX985Gctz9WQ5QKxqz9vLpWP4hAe5FbT_oEh1hT6e2fG7_ghZU84Q==
gen.js
ads.themoneytizer.com/s/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=19
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
2602
expires
Tue, 19 May 2020 01:01:25 GMT
requestform.js
ads.themoneytizer.com/s/ 		60 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
8ddab07193e55bb90bcfde3d72b1e1d2b74fb04cfcd6a6c268a053d2a6b592c1

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:11 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
expires
Tue, 19 May 2020 01:02:11 GMT
ads.js
iir.ai/js/ 		192 B
270 B 		Script
General
Check archive.org
Download Go to
Full URL
https://iir.ai/js/ads.js?ver=6.4.0
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb0e68f005af52ea63e4aec52c0392f58b34f14116daf70c553d9390fd6512e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2382576
status
200
x-xss-protection
1; mode=block
last-modified
Mon, 02 Dec 2019 16:40:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-request-id
02c6e669b10000c2eaad887200000001
cf-ray
5951a6891a5bc2ea-FRA
expires
Wed, 20 May 2020 11:12:26 GMT
script.min.js
iir.ai/cloud_theme/build/js/ 		202 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iir.ai/cloud_theme/build/js/script.min.js?ver=6.4.0
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2382576
status
200
x-xss-protection
1; mode=block
last-modified
Mon, 02 Sep 2019 23:24:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-request-id
02c6e669b10000c2eaad888200000001
cf-ray
5951a6891a5cc2ea-FRA
expires
Wed, 20 May 2020 11:12:26 GMT
api.js
www.recaptcha.net/recaptcha/ 		742 B
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eeee06dff51b711e5ba293b08bc85a3d1b57d80be4e7cc05d5989467cbbe4300
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
471
x-xss-protection
1; mode=block
expires
Mon, 18 May 2020 01:02:03 GMT
popunder.gif
boudja.com/ 		35 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://boudja.com/popunder.gif
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.190.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-190-81.ham50.r.cloudfront.net
Software
openresty/1.15.8.2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
gzip
server
openresty/1.15.8.2
x-amz-cf-pop
HAM50-C2
x-cache
Miss from cloudfront
content-type
image/gif
status
200
cache-control
public, max-age=604800, immutable
content-length
58
via
1.1 91f22b7bc376e5af9531f3690bd2d5d3.cloudfront.net (CloudFront)
x-amz-cf-id
WieW4WAQhMVlAxPnPQlMPAmxE0Il9R_Q5PrPM5-QchAkzM3aRDKEzw==
Newbackground.jpg
clk.sh/webroot/img/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clk.sh/webroot/img/Newbackground.jpg
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ef6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a137ebb5bde3957f26d1ff3a877994ae30a643b137b94cecd8218b31f890fbb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
8697475
cf-polished
origSize=92083
status
200
content-length
75966
x-xss-protection
1; mode=block
last-modified
Fri, 01 Jun 2018 10:09:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
expires
Sat, 06 Feb 2021 09:04:07 GMT
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-request-id
02c6e669ec0000175e8436d200000001
accept-ranges
bytes
cf-ray
5951a6897e14175e-FRA
cf-bgj
imgq:100
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
https://iir.ai

Response headers

date
Sat, 16 May 2020 07:41:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
148808
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14176
x-xss-protection
0
expires
Sun, 16 May 2021 07:41:55 GMT
Cookie set BA44ETcOFRg4HhsmYDFOMT8XHTg+HjoNICMUGywBNTkaF1NlLxsyAhoOGmFHDzsmLBBkXTwCPno0ADAwESAxHUIkLhA+AxwXPTE1LgY8GiBmDxAdAnJfEAFGMxU3Eh4cOgU6Gh08JRA6Ohl3ZzAYXSoiED4oABQfMx80ZREYJytlGxFdEDsQH10wFCIWBRsXRxoOE...
arisonoping.club/UlV2V20zNxU6UjNoFHEYIDlLcl8UcEQRCWM+BW8fPTAHIhUwIhd5Dj46AzMLIDoYI0M8MAJyXxQ5ExABEQEdZw8QPAE4DjUiNx0DHGQlZhkqMxhmCBMvMz8kJT0jGj81ADA/VQESHw5bHgYdGiJjYRIYLiIiJTxVJxkPGgsEEiclJCohIzRf... Frame DDBB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://arisonoping.club/UlV2V20zNxU6UjNoFHEYIDlLcl8UcEQRCWM+BW8fPTAHIhUwIhd5Dj46AzMLIDoYI0M8MAJyXxQ5ExABEQEdZw8QPAE4DjUiNx0DHGQlZhkqMxhmCBMvMz8kJT0jGj81ADA/VQESHw5bHgYdGiJjYRIYLiIiJTxVJxkPGgsEEiclJCohIzRfNSY+Fhl3ZzAyACEYMQRdPjY3ZyUYPAUlKAM2GBwAIRs1H1U4HBEeLB48PyQ1BCYzMl8cHCIfL3dnNA0/Bxw/BA44ETcOFRg4HhsmYDFOMT8XHTg+HjoNICMUGywBNTkaF1NlLxsyAhoOGmFHDzsmLBBkXTwCPno0ADAwESAxHUIkLhA+AxwXPTE1LgY8GiBmDxAdAnJfEAFGMxU3Eh4cOgU6Gh08JRA6Ohl3ZzAYXSoiED4oABQfMx80ZREYJytlGxFdEDsQH10wFCIWBRsXRxoOEz1AAyg2LC8fWAICRSMKNBBDBjdhLU8UGjU+Oi1VAAE+FiQ3EAIyDxpkQQ8FKnBEEUs4Jhk5HW8mIA4DJAUiPC8WPjQh
Requested by
Host: d1ks8roequxbwa.cloudfront.net
URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832300
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
arisonoping.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://iir.ai/8KxOzq
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

Date
Mon, 18 May 2020 01:02:03 GMT
Content-Type
text/html
Content-Length
1231
Connection
keep-alive
Set-Cookie
__cfduid=dc81c688baa30a2e329c19fdb73fb040e1589763723; expires=Wed, 17-Jun-20 01:02:03 GMT; path=/; domain=.arisonoping.club; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
Accept-Ranges
bytes
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
5951a689aa0afa50-AMS
cf-request-id
02c6e66a0d0000fa5059840200000001
YVJnUjkacBQlZhQgC3ADQzoTJkkSaEh9UAggSTNQTiEQDQtWYVJnCFB8DSEbTXAUP19DaFZ%2BGxUzAA1QBXBdcAFRZ19qAUN%2BRSFMAw0ONgtDaEVgC1ZgV2FfUH9RMFwHf1NrCFh%2FBWJYUH8CYAtXNlBlCQMzXjEbHA
aphycolourses.info/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aphycolourses.info/YVJnUjkacBQlZhQgC3ADQzoTJkkSaEh9UAggSTNQTiEQDQtWYVJnCFB8DSEbTXAUP19DaFZ%2BGxUzAA1QBXBdcAFRZ19qAUN%2BRSFMAw0ONgtDaEVgC1ZgV2FfUH9RMFwHf1NrCFh%2FBWJYUH8CYAtXNlBlCQMzXjEbHA
Requested by
Host: iir.ai
URL: https://iir.ai/sw_2735511.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5cabd03b227e6bfb66072a8e89ac6b73e1e2e2ccf44d6f98db3a8bd97b671a7d

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 01:02:03 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
X-Powered-By
Express
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
02c6e66a280000d92ded129200000001
Server
cloudflare
ETag
W/"8423-YTNWDrZUKS0KRbnfC4NNTDhrIcw"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
CF-RAY
5951a689dae0d92d-AMS
Access-Control-Allow-Headers
X-Requested-With,content-type
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
https://iir.ai

Response headers

date
Sun, 17 May 2020 09:17:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
56695
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Mon, 17 May 2021 09:17:08 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
344
date
Mon, 18 May 2020 00:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Mon, 18 May 2020 02:56:19 GMT
collect
www.google-analytics.com/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=314520439&t=pageview&_s=1&dl=https%3A%2F%2Fiir.ai%2F8KxOzq&ul=en-us&de=UTF-8&dt=ClkSh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1765777893&gjid=2106194955&cid=775273442.1589763724&tid=UA-113561579-2&_gid=117618658.1589763724&_r=1&gtm=2ou561&z=1904138343
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 01:02:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.be/adsid/ 		109 B
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=iir.ai
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=iir.ai
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
pubads_impl_2020050602.js
securepubads.g.doubleclick.net/gpt/ 		243 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
sffe /
Resource Hash
c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 May 2020 17:23:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89224
x-xss-protection
0
expires
Mon, 18 May 2020 01:02:03 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		53 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1342511683184141&correlator=4237981952769437&output=ldjh&impl=fif&adsid=NT&eid=21065646&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200518&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1589763723&dt=1589763723971&dlt=1589763723414&idt=531&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=165&adks=3801215253&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2F8KxOzq&dssz=18&icsg=43660&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=775273442.1589763724&ga_sid=1589763724&ga_hid=314520439&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
398fce47f42eab81c69bf6a853e7806649c91aa75ff2b44bf81b56bf92aacf41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11395
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iir.ai
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f3f340a15a42b508ee5a37ca80740093.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://f3f340a15a42b508ee5a37ca80740093.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		415 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1342511683184141&correlator=4237981952769437&output=ldjh&impl=fif&adsid=NT&eid=21065646&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200518&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1589763723&dt=1589763723987&dlt=1589763723414&idt=531&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3714533483&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2F8KxOzq&dssz=18&icsg=43660&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=775273442.1589763724&ga_sid=1589763724&ga_hid=314520439&fws=128&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
701762a21b73c32dd5ffe21148fbba6b149b6f0e75171a038b9ccb505eeb19f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
228
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iir.ai
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
popunder.gif
rightenedetu.site/ 		35 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rightenedetu.site/popunder.gif
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Mon, 18 May 2020 01:02:04 GMT
CF-Cache-Status
HIT
Server
cloudflare
Age
6001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5951a68c7f780c69-AMS
cf-request-id
02c6e66bc800000c69febea200000001
amp4ads-v0.js
cdn.ampproject.org/rtv/012005012256000/ Frame 5DED 		204 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/
Origin
https://iir.ai

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5698
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57019
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:27:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bf14143de8659308"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:27:06 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012005012256000/ Frame 5DED 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5698
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57019
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:27:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bf14143de8659308"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:27:06 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 5DED 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
27156
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5877
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:29:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cf1fef681ae7494f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:29:28 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 5DED 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5733
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30100
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:26:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"023298bf906f9a2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:26:31 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 5DED 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
25551
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1637
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:56:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"eed6b15e1dd2165d"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:56:13 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 5DED 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
25554
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15361
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:56:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d0b45204c403cb94"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:56:10 GMT
css
fonts.googleapis.com/ Frame 5DED 		4 KB
721 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 May 2020 01:02:04 GMT
server
ESF
date
Mon, 18 May 2020 01:02:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 May 2020 01:02:04 GMT
truncated
/ Frame 5DED 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
127193b410d2e8df0edfceca9508efaa6001d1dbef700032b1b1c50ad445435a

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012005012256000/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0517f76184f899b738515a124efe8f335f585847387b8889dfa7c0fb132f75a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5716
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7437
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:26:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1b9b229ae83eaa45"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:26:48 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5DED 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 02:30:18 GMT
x-content-type-options
nosniff
server
cafe
age
81106
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Mon, 18 May 2020 02:30:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5DED 		295 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 22:24:17 GMT
x-content-type-options
nosniff
server
cafe
age
9467
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 18 May 2020 22:24:17 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5DED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C81j8jN7BXuqkAZaW3gOAnKqgB7KA1pNd9qnXm7sLwI23ARABIIixkR9guei-gNQByAEB4AIAqAMByAMKqgTVAU_QLHlQkL4URl3gKs143uB6OMAKZNEoay_Ml2nxv2_UaOXZtZNw9jZhCQjO0P6X9Kjv5WVeNiJY1VSa9Cyh5iW5McZPHmiTmzewhnXlCG0FCm2Zkn4VPpX94nqSWNqfcs94bNR5dkQ4BV8gkTgQQUYI1L9ItdyKLhh-O7Ba8ntixXUDwtjG4WQS6q9QddhGYTRs5Zvuy5mZXnzqYDCnLTP1Xo0FFnuvfqfflu8jxerpz7vC8eVtSF2U6WM1vzee4WZEJmtJ1pEmpVXpDdZR5Zot_BENJcAE0afszu4C4AQBgAfunPLJAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBDkjwbSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTQ4NTI5MTU5MDU5MzYxMjSACgPICwHYEwOIFAE&sigh=GM7IZPVETWE&tpd=AGWhJmsvCUAqHhcUpusIWK-SPM5Qo0IIqudyaRXW3LZO1NBIMw
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame 5DED 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin
https://iir.ai

Response headers

date
Wed, 13 May 2020 00:51:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:26 GMT
server
sffe
age
432611
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14608
x-xss-protection
0
expires
Thu, 13 May 2021 00:51:53 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame 5DED 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin
https://iir.ai

Response headers

date
Sun, 17 May 2020 18:15:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:18 GMT
server
sffe
age
24373
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14816
x-xss-protection
0
expires
Mon, 17 May 2021 18:15:51 GMT
push
arisonoping.club/ 		11 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://arisonoping.club/push?tid=832300&red=1&cs=bFB0VnpdZkQwHFUxEmYeXjNHNUpc&abt=0&v=0.5.27.0&sm=83&k=daily%20india%20make%20with%20money%20highest%20paying%20best%20shortener&sts=64&prn=0&emb=0&fs=1&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fiir.ai%2F8KxOzq&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F74.0.3729.169%20safari%2F537.36&tzd=2&uloc=&if=0&_dE7Q=1589763724303&crc=1
Requested by
Host: d1ks8roequxbwa.cloudfront.net
URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832300
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d579cf295339c8aeb8726e5dc7431e9c6d35a4bc63e64d753e638ad31a03be03

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 01:02:04 GMT
content-encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NID DSP ALL COR"
Connection
keep-alive
Content-Length
5844
cf-request-id
02c6e66c180000fa5059854200000001
Pragma
no-cache
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Content-Type
text/plain
access-control-allow-origin
https://iir.ai
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
Accept-Ranges
bytes
CF-RAY
5951a68cfe10fa50-AMS
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5DED
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Mon, 18 May 2020 01:02:04 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5DED 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 02:30:18 GMT
x-content-type-options
nosniff
server
cafe
age
81106
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Mon, 18 May 2020 02:30:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5DED 		295 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 22:24:17 GMT
x-content-type-options
nosniff
server
cafe
age
9467
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 18 May 2020 22:24:17 GMT
Cookie set IUsJ
arisonoping.club/ekRwNWQbJhNYWxt5EhMRCChNEFY8YUJzAEklHABWHnwTWg4eN0cbBxYrBVECCCseQUoUIQQQVjwSJnMUDxEcUlc0FTEFPgMFCnYJQzIqBxAeHh0MHTcGQAwqExYedAM3LDJhXBECQl4+HAYfWjQ9KB9mIE5xP19VLiA0BVI1Ej5fAhARVQcm... Frame 8936 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://arisonoping.club/ekRwNWQbJhNYWxt5EhMRCChNEFY8YUJzAEklHABWHnwTWg4eN0cbBxYrBVECCCseQUoUIQQQVjwSJnMUDxEcUlc0FTEFPgMFCnYJQzIqBxAeHh0MHTcGQAwqExYedAM3LDJhXBECQl4+HAYfWjQ9KB9mIE5xP19VLiA0BVI1Ej5fAhARVQcmPgNJRgcTcBVlMDQ0P2QpEg0aRlA8LhMDKBQzEnhWL3E+ZzVNCjRSUyl2MVA9IhYVUVYKLxNSKQALCgVUPS5ARzQyfRRwLEspEVIHQgg0cFYpdjJaKy43PlFWCi8+Z1VJJR1kDSl2Mlo+LSsIbFYNCBIFSR53EVg1TQwZfFQ3F0B5KT4JSXkPDiM4WCIKEyhNFiMqSVY9FAVVByI3LB8QVjwKOHMLNhwURD4+HTh6MEs8EXNQSxQkVhw7HAQMPhcrPnoNFXM+QhBJJRh/EC0qCFoBFygqbCM8chEEDAgiJ28VMhA9EFY4CiNSLB52H2YGS3UcUQkeNyN2ABYJN1kAIxAbTAUsJwdsMDgwNHIHQwkkQi8bLkFZBix1HXoJL2FCdycXBUh4MB1iGkYLFDRNWTUDFRV/IUsJ
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
arisonoping.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://iir.ai/8KxOzq
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

Date
Mon, 18 May 2020 01:02:06 GMT
Content-Type
text/html
Content-Length
1262
Connection
keep-alive
Set-Cookie
__cfduid=d211a9915a7b67a6031ace7ba151fd3ce1589763726; expires=Wed, 17-Jun-20 01:02:06 GMT; path=/; domain=.arisonoping.club; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
Accept-Ranges
bytes
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
5951a69aff12fa50-AMS
cf-request-id
02c6e674dc0000fa5059899200000001
Cookie set MCl8DgoiBlEHJgAA
arisonoping.club/RGg3d0wlClQacyVVVVE5NgQKUn4CTQUxKHcJW0J+IFBUGCYgGwBZLygHQhMqNgdZA2IqDUNSfgI7eDMFdwpcQi4cPlw+LxEQVSJ9Cl1zEBUMPllPKRMtZjUFAQ9nJhh8UWM/AnwuQB8pHC5yEgYMEFYyHitYbzZ0Ajt0PRYcLnUjLQJZVCEK... Frame C0BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://arisonoping.club/RGg3d0wlClQacyVVVVE5NgQKUn4CTQUxKHcJW0J+IFBUGCYgGwBZLygHQhMqNgdZA2IqDUNSfgI7eDMFdwpcQi4cPlw+LxEQVSJ9Cl1zEBUMPllPKRMtZjUFAQ9nJhh8UWM/AnwuQB8pHC5yEgYMEFYyHitYbzZ0Ajt0PRYcLnUjLQJZVCEKCk0FMQQoJmMzBAklcTIFFAsGISgQOVQeGgIlZC8NIyZ/NigIDnYQLRMPDwMZEhBzNhh1OXEAHTcJQBgPHA92QRQSXGQvBHE+YkYeCA52HygWLUNPDwEHZC8EcCJ2GiQiDVoUBAwDQ08PAiZ/PyUODGUhYQ0lfSEKAy1bAAUAOXI2HQxYeDE7Eg1tGwIlOUA6JQw5dUcfdx9+LyBwLnwPfAUqQBw+E1lbLh52G3w2IBUvZzEoIj1cA3QiD2IzHQxcYDYdBgtTDxUAKWETPgcPfTIIPQBtJgpxJFE/eAwqcRsrBx9mJQt3JlQ2HRYMe0Z4BixQD38cKWEhGz0cUyEKCj98ACcCKnEYPwc+bSMUBxhTIg1iAkQYIjRVQSY/MCl8DgoiBlEHJgAA
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
arisonoping.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://iir.ai/8KxOzq
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

Date
Mon, 18 May 2020 01:02:06 GMT
Content-Type
text/html
Content-Length
1255
Connection
keep-alive
Set-Cookie
__cfduid=d211a9915a7b67a6031ace7ba151fd3ce1589763726; expires=Wed, 17-Jun-20 01:02:06 GMT; path=/; domain=.arisonoping.club; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
5951a69bdffffa50-AMS
cf-request-id
02c6e675680000fa50598a2200000001
Cookie set FXo1eRFKYh95NRImLnsmLhMjXxkyFTF1FjgnV20bTGcBCxM8AFVIHDIwDFw5ABUMbQ4JclV+ERcSKXkzPCc9fjkjBzRTHjowPUIWIRk1ex0wclV6Ox4gKl5ETR8xVEZJMSABJCE6DwkVSBUBYUUVLTJqGE4cDnkjOB9eHUU7FVZqFhsALUEhSW8RWyQvBDBVHA0dV...
arisonoping.club/OHd5V2dZFRo6WFlKG3ESShtEclV+UksRAwsWFWJVXE8aOA1cBE55BFQYDDMBShgXI0lWEg1yVX5ALRIhUBYvOBF0EEEHPWwQFhUxah4fDwNhL0sjFnMPMBApfA9BHABpFTMFPnsyOG5RczIaMy57H0ECVwBFNQRffyExIBd0ADMCBgoYHhU2... Frame 5BE6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://arisonoping.club/OHd5V2dZFRo6WFlKG3ESShtEclV+UksRAwsWFWJVXE8aOA1cBE55BFQYDDMBShgXI0lWEg1yVX5ALRIhUBYvOBF0EEEHPWwQFhUxah4fDwNhL0sjFnMPMBApfA9BHABpFTMFPnsyOG5RczIaMy57H0ECVwBFNQRffyExIBd0ADMCBgoYHhU2TBkcEARuMC0CCV42MBIsbC4MFh99UksRK1IDMR8jTA81FlNsOgAWE3kyATgkViUpAD8BUksVBG0cPBgeABg9L1cJJwA7Im8fEScECTI4GSNfHD0CH1cROiAmexlAclV6FChjBl5ETC8gbQ8WMS96JTc6Eww/FXo1eRFKYh95NRImLnsmLhMjXxkyFTF1FjgnV20bTGcBCxM8AFVIHDIwDFw5ABUMbQ4JclV+ERcSKXkzPCc9fjkjBzRTHjowPUIWIRk1ex0wclV6Ox4gKl5ETR8xVEZJMSABJCE6DwkVSBUBYUUVLTJqGE4cDnkjOB9eHUU7FVZqFhsALUEhSW8RWyQvBDBVHA0dVnImNh8yVCEeIxFzJCgfI28+CTQhYhYbPlJPNShmCHM0KBNBUgQWORcFPBQWDm8UAAJRUQ
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
arisonoping.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://iir.ai/8KxOzq
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

Date
Mon, 18 May 2020 01:02:06 GMT
Content-Type
text/html
Content-Length
1265
Connection
keep-alive
Set-Cookie
__cfduid=d211a9915a7b67a6031ace7ba151fd3ce1589763726; expires=Wed, 17-Jun-20 01:02:06 GMT; path=/; domain=.arisonoping.club; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
Accept-Ranges
bytes
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
5951a69ce929fa50-AMS
cf-request-id
02c6e6760d0000fa50598a7200000001
Cookie set VWVodDE0BwsZDjRYClJEJwlVUQMTQFoyVWYEBEEDMV0LG1sxFl9aUjkKHRBXJwoGAB87ABxRAxM8DDx0ZgdbH2kdCQM+YzIkMSEAHyo8IVIUPVgyYhJVOTV3IjclJmAYQFoyYBEGKzdzJjQmRQgzKQFBaQQdPRBiACg6NUkyBC4TQR8tKhtiFgldEncHMz4hWmQ2K...
arisonoping.club/ Frame FC95 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://arisonoping.club/VWVodDE0BwsZDjRYClJEJwlVUQMTQFoyVWYEBEEDMV0LG1sxFl9aUjkKHRBXJwoGAB87ABxRAxM8DDx0ZgdbH2kdCQM+YzIkMSEAHyo8IVIUPVgyYhJVOTV3IjclJmAYQFoyYBEGKzdzJjQmRQgzKQFBaQQdPRBiACg6NUkyBC4TQR8tKhtiFgldEncHMz4hWmQ2KiFSFCADH2ICDR8wdi0rODdZJio+RHgaNyofVAE0MSJ2FyQ7LGVsJzADVR42WCZrAgJcFXkHXCw1cDoGPjVgIT0tLnMNAi06dAdVOyxkPj8tMmMeNlglVAcgGDhjFA47LGQ5IzkjHD0APCdFEC0DBH0HJyo8eS0wOjZdHCstHAETIAREFGcjOSF4FDQ9BHIDJD4SZAddMiVGHDM9IX9lNgMAdB0zXDF5EyMsNkYyBi4MQQw3BAx2BDM5PHItFgshWiUpJR9oETQ9GFAEAioQYBMVKTVnDwY6H3cQIQBMZxRUXT9iLy8tNnc9PTpEUgciAyVgBAI6F3YXLyswVmQkLTFrAzIAA2MTVCYseRAzLzZ3Jgc6JmcBPTpEYxASTh5COgsYSUM5I1wyBDIHDDJZZTIy
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
arisonoping.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://iir.ai/8KxOzq
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

Date
Mon, 18 May 2020 01:02:07 GMT
Content-Type
text/html
Content-Length
1265
Connection
keep-alive
Set-Cookie
__cfduid=d211a9915a7b67a6031ace7ba151fd3ce1589763726; expires=Wed, 17-Jun-20 01:02:06 GMT; path=/; domain=.arisonoping.club; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
Accept-Ranges
bytes
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
5951a69d99d8fa50-AMS
cf-request-id
02c6e6767b0000fa50598ab200000001
1949bba438
s3.amazonaws.com/834abb9491c4d5bcaecd5f1079d4922e0201d8ef7af0a3eefa6311e9cba/ 		17 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/834abb9491c4d5bcaecd5f1079d4922e0201d8ef7af0a3eefa6311e9cba/1949bba438
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.236.141 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bb11244f0a95852dee0badf635d62aa54f4367e6cfade524e75ade4589dff4e4

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 01:02:08 GMT
x-amz-meta-pragma
no-cache
x-amz-request-id
E291D32C91FB7EAB
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Length
17348
x-amz-id-2
EQy0yCd3uf/2830sNIX5QgusemI+XLtr8FB+axO88WY9F1PVYW5JWeU6kqXIjH+hrY6d0JbavUA=
Last-Modified
Mon, 18 May 2020 00:15:04 GMT
Server
AmazonS3
ETag
"fb937c9840a557a29d92386a98ea5cb3"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
https://iir.ai
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1342511683184141&correlator=4237981952769437&output=ldjh&impl=fif&adsid=NT&eid=21065646%2C21064500&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200518&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=ad_group%3Dad_ex4&cookie_enabled=1&bc=31&abxe=1&lmt=1589763726&dt=1589763726974&dlt=1589763723414&idt=531&frm=20&biw=1600&bih=1200&oid=3&adxs=328&adys=299&adks=3880278309&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2F8KxOzq&dssz=21&icsg=43662&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x314&msz=945x280&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=775273442.1589763724&ga_sid=1589763724&ga_hid=314520439&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
2eaf808da0fb26b61e7e173f746ec6db8b24cb0c1ad89ef06c1778a8de64a43c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10835
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iir.ai
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1342511683184141&correlator=4237981952769437&output=ldjh&impl=fif&adsid=NT&eid=21065646%2C21064500&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200518&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1589763726&dt=1589763726982&dlt=1589763723414&idt=531&frm=20&biw=1600&bih=1200&oid=3&adxs=328&adys=614&adks=2252918807&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2F8KxOzq&dssz=25&icsg=174650&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x629&msz=945x280&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=775273442.1589763724&ga_sid=1589763724&ga_hid=314520439&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
d4fb95b1914308193ff6a4d8aff8cb502de8dd02a147eeca700124451e1612fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10867
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iir.ai
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		52 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1342511683184141&correlator=4237981952769437&output=ldjh&impl=fif&adsid=NT&eid=21065646%2C21064500&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200518&iu_parts=360613911%2C2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1589763726&dt=1589763726988&dlt=1589763723414&idt=531&frm=20&biw=1600&bih=1200&oid=3&adxs=1290&adys=50&adks=1372485172&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2F8KxOzq&dssz=29&icsg=698602&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=775273442.1589763724&ga_sid=1589763724&ga_hid=314520439&fws=512&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
b88df4c56ec86f1969c677f2a83d5631102721995fdb3b2fbf8e27860ed72f8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11823
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iir.ai
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		418 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1342511683184141&correlator=4237981952769437&output=ldjh&impl=fif&adsid=NT&eid=21065646%2C21064500&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200518&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1589763726&dt=1589763726993&dlt=1589763723414&idt=531&frm=20&biw=1600&bih=1200&oid=3&adxs=392&adys=1109&adks=2688864132&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2F8KxOzq&dssz=33&icsg=2794410&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=775273442.1589763724&ga_sid=1589763724&ga_hid=314520439&fws=512&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
00c560cdd808889700c8ad20e39dd9c958c7c92503791d741e069adffb7d61c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
230
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iir.ai
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1342511683184141&correlator=4237981952769437&output=ldjh&impl=fif&adsid=NT&eid=21065646%2C21064500&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200518&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1589763726&dt=1589763726999&dlt=1589763723414&idt=531&frm=20&biw=1585&bih=1200&oid=3&adxs=643&adys=934&adks=363645630&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2F8KxOzq&dssz=37&icsg=11177642&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x250&msz=945x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=775273442.1589763724&ga_sid=1589763724&ga_hid=314520439&fws=0&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
f9d3a1cfd3170952d8439852d4f1eee78d00888cf4eb69dd4fd74cfce9ec02bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10987
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://iir.ai
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
g.themoneytizer.net/g/ 		26 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
a3977efef5215f018d68e249348803f07c8d4828660fd154ffc72d2b85afedde

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 01:02:07 GMT
Server
nginx
X-IPLB-Instance
29820
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:10 GMT
content-encoding
gzip
last-modified
Wed, 08 Jan 2020 19:01:35 GMT
server
nginx
etag
"779a-30ad-59ba5857e2265"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3955
expires
Tue, 19 May 2020 01:02:07 GMT
moneybile.js
ads.themoneytizer.com/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:06 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:00 GMT
server
nginx
etag
"7ff1-9390-582e30fefbc74"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Tue, 19 May 2020 01:02:02 GMT
getjs.static.js
tag.contextweb.com/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.148.27.132 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:06 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status
200
cache-control
max-age=432000, public
x-envoy-upstream-service-time
2
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/11528/px.js?r=166a1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.23 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-23.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 May 2020 13:01:52 GMT
Content-Encoding
UTF-8
Connection
keep-alive
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
388816
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
HAM50-C1
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
5BkHxhvHk3CA5XrGNV2bmVsfLNHyVhx7qCbSuXAH_Abjz-ZJRGLI6w==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E6) /
Resource Hash
a0f4abf087368a45dc01609aa814906c19330084d8a00fe6e0c8ee4595187ace

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:07 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 10:06:15 GMT
server
ECS (fcn/40E6)
cache-control
max-age=86400
age
53692
etag
"308b0663b760da8cd1006f7a3f2458d5:1589537175"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
x-n
S
accept-ranges
bytes
content-length
8932

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Mon, 18 May 2020 01:02:06 GMT
content-length
0
sync
gum.criteo.com/ 		49 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:06 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
private, max-age=3600
strict-transport-security
max-age=31536000
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 01:02:07 GMT
Last-Modified
Wed, 28 Nov 2018 09:16:40 GMT
Server
nginx/1.14.2
ETag
"5bfe5cf8-a72"
X-IPLB-Instance
29922
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
/
onetag-sys.com/usync/ Frame 5881 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1589763727005
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1589763727005
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://iir.ai/8KxOzq
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

status
200
content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=2592000
/
spl.zeotap.com/ Frame D859 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://iir.ai/8KxOzq
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

status
200
date
Mon, 18 May 2020 01:02:07 GMT
content-type
text/html
set-cookie
__cfduid=d51b86f55171829e7eed06cdc3377b0831589763727; expires=Wed, 17-Jun-20 01:02:07 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=5182cd3b-b0e7-4c39-7dfd-2eb539a5990b; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zc1=5182cd3b-b0e7-4c39-7dfd-2eb539a5990b; Path=/; Domain=.zeotap.com; Max-Age=315360000 zsc=%A9%BC4%27%90%93n+%B6i%FB%FF%C8%13%98%E47%0FLZ%D8%28%FA%F91%87%12%5E4%0B%5D%D9%18%C9%97%F0U%C5%9DF%03%2F4%E5%DA%92o%06df%E6%1C%C8f%B1%24%B3%9Dy%3A%B5%C9e%EE5%ECg%91%BC%3Cs%26%02%B1m%FAu%BB%D6%13%A00%04%AEq%F8%A0%1F2%84%09%09.%91%19F%8F%13; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-headers
*
access-control-allow-origin
*
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5951a69dfdd005bf-FRA
content-encoding
br
cf-request-id
02c6e676bc000005bf25026200000001
adview
securepubads.g.doubleclick.net/pagead/ Frame 5DED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CoANjjN7BXuqkAZaW3gOAnKqgB7KA1pNd9qnXm7sLwI23ARABIIixkR9guei-gNQByAEB4AIAqAMBqgTVAU_QLHlQkL4URl3gKs143uB6OMAKZNEoay_Ml2nxv2_UaOXZtZNw9jZhCQjO0P6X9Kjv5WVeNiJY1VSa9Cyh5iW5McZPHmiTmzewhnXlCG0FCm2Zkn4VPpX94nqSWNqfcs94bNR5dkQ4BV8gkTgQQUYI1L9ItdyKLhh-O7Ba8ntixXUDwtjG4WQS6q9QddhGYTRs5Zvuy5mZXnzqYDCnLTP1Xo0FFnuvfqfflu8jxerpz7vC8eVtSF2U6WM1vzee4WZEJmtJ1pEmpVXpDdZR5Zot_BENJcAE0afszu4C4AQBgAfunPLJAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBDkjwbSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTQ4NTI5MTU5MDU5MzYxMjSACgPICwHYEwOIFAE&sigh=sRmwLZQfI-M&vt=1
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 5DED 		42 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHdRTBYE_jdvMDLUeO9YHMKUN_UMSQtnCgvj7xSesGPDDm-FvP_2qcju2Rn5eS5m8NSb8UN818I9_E45ZV3jZquwjjWz9yNa8VWOQPfNbhjYql&sai=AMfl-YQ8TI-8OMefCPXNMoXE7vP11SUbf78p2HLAde-rluma1WVdR8jbB4hbh_sPgPwd_-llexFtd6b8EDWm5kj-fC31ua46L-KaCe7-i1pP&sig=Cg0ArKJSzJ5b95nan6OZEAE&id=ampim&o=436,165&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=2610&mtos=0,0,2610,2610,2610&tos=0,0,2610,0,0&tfs=128&tls=2738&g=100&h=100&tt=2738&r=v&avms=ampa&adk=3801215253
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 01:02:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fire.js
s.cpx.to/ 		957 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/11528/px.js?r=166a1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-246-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6b9029f78abdc61d51af76cb27ee0e2063385255101b5a2ff0e4de4ebf46b86c
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 18 May 2020 01:02:07 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
957
Expires
Thu, 07 May 2020 10:39:38 GMT
wckr.php
tag.leadplace.fr/ Frame CC25 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://iir.ai/8KxOzq
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

Server
nginx/1.14.2
Date
Mon, 18 May 2020 01:02:07 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
29922
amp4ads-v0.js
cdn.ampproject.org/rtv/012005012256000/ Frame EF00 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/
Origin
https://iir.ai

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5701
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57019
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:27:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bf14143de8659308"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:27:06 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012005012256000/ Frame EF00 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5701
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57019
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:27:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bf14143de8659308"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:27:06 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame EF00 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
27159
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5877
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:29:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cf1fef681ae7494f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:29:28 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame EF00 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5736
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30100
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:26:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"023298bf906f9a2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:26:31 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame EF00 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
25554
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1637
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:56:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"eed6b15e1dd2165d"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:56:13 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame EF00 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
25557
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15361
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:56:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d0b45204c403cb94"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:56:10 GMT
css
fonts.googleapis.com/ Frame EF00 		5 KB
761 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 May 2020 01:02:07 GMT
server
ESF
date
Mon, 18 May 2020 01:02:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 May 2020 01:02:07 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EF00 		295 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 22:24:17 GMT
x-content-type-options
nosniff
server
cafe
age
9470
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 18 May 2020 22:24:17 GMT
truncated
/ Frame EF00 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b1f6050ea8f74838b5abf9e0d512eeb129b95bd50cce2af7da2257c5bb4817f

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EF00 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
49989
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 18 May 2020 11:08:58 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EF00 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSOmfj97BXq16hKLfA4_hjoACoZSWpV3kg4mwtwq_4R4QASCIsZEfYLnovoDUAaAB_9uKyAPIAQHgAgCoAwHIAwqqBN4BT9Aj5pOO7JdR_GkPtXVuwmvfHGd2QijVekVbUN8PyFacuHTzCk0xXn-LQTpolrtFiYHM0Wex_JpQ8Cyxgq-KgpSg26pbVUq9yxSkuHRpv9cgMamo7B0rmbERVM8POQNPiqNcTAPGNqOweePYXxtfezHg4PzP6bTSDNP3DFz0WIfc-r2WWTQnzIpzSyV64cr5-wwz1WXJYE4LHOvw2d1Abk2LaLDJ_f74A-891NrmkUqgoxuVAJOr3mm6-x1Y9Q01PtIugZimi8ViD2nY93LclVkodmfxd0DR1byGWa_ZwASvi_3eqwLgBAGSBQQIBBgBkgUECAUYBIAHhvOcCagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBD1iwXSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTQ4NTI5MTU5MDU5MzYxMjSACgPICwHYEwyYFgE&sigh=f2t_bRoAnvY&tpd=AGWhJmsC5_yJtXzNv0iZ3-4ziVRdYhIGxM-1YdRqsuQQdhbkGg
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
sync
s.cpx.to/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D01fe907c-16d5-43b3-a6f2-33358566aef5
  • https://sync.smartadserver.com/getuid?url=https%3a%2f%2fs.cpx.to%2fsync%3fdsp%3dsmart_ad_server%26dsp_uid%3d%5bsas_uid%5d%26fid%3d01fe907c-16d5-43b3-a6f2-33358566aef5&cklb=1
  • https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=4384741408697998639&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
95 B
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=4384741408697998639&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-246-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 18 May 2020 01:02:07 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Mon, 18 May 2020 01:02:07 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 May 2020 01:02:06 GMT
Transfer-Encoding
chunked
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Location
https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=4384741408697998639&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=utf-8
Expires
-1
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3D01fe907c-16d5-43b3-a6f2-33358566aef5
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253D%2526hn_ver%253D10%2526fid%253D01fe907c-16d5-43b3-a...
  • https://s.cpx.to/an_fire?app_nexus_uid=6330663402096317525&pid=11528&ref=&hn_ver=10&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=6330663402096317525&pid=11528&ref=&hn_ver=10&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-246-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 18 May 2020 01:02:07 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Mon, 18 May 2020 01:02:07 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 May 2020 01:02:09 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.68:80
AN-X-Request-Uuid
646d0aaa-2b6f-455d-aba0-918536f374cb
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=6330663402096317525&pid=11528&ref=&hn_ver=10&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync.gif
dmp.truoptik.com/0362536315099b06/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=01fe907c-16d5-43b3-a6f2-33358566aef5&fck=2fbc31e73732c1b8&cbp=dsp_uid
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.91.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D01fe907c-16d5-43b3-a6f2-33358566aef5
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D01fe907c-16d5-43b3-a6f2-33358566aef5
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5830E5E9-B793-4D88-A999-41465DBCD616&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5830E5E9-B793-4D88-A999-41465DBCD616&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-246-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 18 May 2020 01:02:07 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Mon, 18 May 2020 01:02:07 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=5830E5E9-B793-4D88-A999-41465DBCD616&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
Date
Mon, 18 May 2020 01:02:07 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
448
Content-Type
text/html; charset=iso-8859-1
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=01fe907c-16d5-43b3-a6f2-33358566aef5
  • https://s.cpx.to/ca.png?dsp=dbm&fid=01fe907c-16d5-43b3-a6f2-33358566aef5&google_gid=CAESEGlE30heiO0mLQN7SCsK920&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=01fe907c-16d5-43b3-a6f2-33358566aef5&google_gid=CAESEGlE30heiO0mLQN7SCsK920&google_cver=1
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.246.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-246-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 18 May 2020 01:02:07 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Mon, 18 May 2020 01:02:07 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=01fe907c-16d5-43b3-a6f2-33358566aef5&google_gid=CAESEGlE30heiO0mLQN7SCsK920&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pool.grid-data.bidswitch.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.173.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-173-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 01:02:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame EF00 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://iir.ai

Response headers

date
Sat, 16 May 2020 07:48:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
148420
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sun, 16 May 2021 07:48:27 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame EF00 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://iir.ai

Response headers

date
Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2856908
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 14 Apr 2021 23:26:59 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EF00
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Mon, 18 May 2020 01:02:07 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EF00 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
49989
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 18 May 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EF00 		295 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 22:24:17 GMT
x-content-type-options
nosniff
server
cafe
age
9470
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 18 May 2020 22:24:17 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012005012256000/ Frame EB92 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/
Origin
https://iir.ai

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5701
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57019
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:27:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bf14143de8659308"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:27:06 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012005012256000/ Frame EB92 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5701
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57019
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:27:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bf14143de8659308"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:27:06 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame EB92 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
27159
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5877
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:29:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cf1fef681ae7494f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:29:28 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame EB92 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5736
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30100
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:26:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"023298bf906f9a2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:26:31 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame EB92 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
25554
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1637
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:56:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"eed6b15e1dd2165d"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:56:13 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame EB92 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
25557
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15361
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:56:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d0b45204c403cb94"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:56:10 GMT
css
fonts.googleapis.com/ Frame EB92 		5 KB
715 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 May 2020 01:02:07 GMT
server
ESF
date
Mon, 18 May 2020 01:02:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 May 2020 01:02:07 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EB92 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
49989
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 18 May 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EB92 		295 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 22:24:17 GMT
x-content-type-options
nosniff
server
cafe
age
9470
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 18 May 2020 22:24:17 GMT
truncated
/ Frame EB92 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad6680b578a75c955bd5cb7dc5243b0c4ceb1d20362e7bb2c93bcf55e3a5e258

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame EB92 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7HiCj97BXu6KDYP73gOL-Z3ADoKn8qJcuPjm_u8KgYD0vsIBEAEgiLGRH2C56L6A1AGgAb3R-dMDyAEBqQJJH9SBeieyPuACAKgDAcgDCqoE2QFP0Nvo_LyR30Gl5X7jbwyJiQZVZhLxfAoB-_D5Vd4Q_AnaYYeAXlO0COlsffn4vf1bfKNRWo6Pa2oDVp2Xh9723gELVdI_W7jCex5C2ZAQAa_EvW4rlyozIUc27D_CD3slbhW2h0VETHBpem_VbmIWR_qXucedYZL_HT2e8s8rBrdkAteOXuLbuCneFkFc5VH9A4diy_XH_m1zBHcuYdfM5l77oyqUhdq2wGcTksK_pYIazeFIeRhrM7Y1p7cqFHbSn-hTQ_GZ3cjN0MmpvHqy4xMQqudZZckvwATe9dKB9wLgBAGSBQQIBBgBkgUECAUYBIAHq66GLKgHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCJ5gbSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTQ4NTI5MTU5MDU5MzYxMjSACgPICwHYEw0&sigh=GhqQ2AW5UGs&tpd=AGWhJmt5G3S0nrvCRJxoLWJ3_9qE2k4QDW8QXKBxani2dvP6Pw
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
popunder.gif
rightenedetu.site/ 		35 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rightenedetu.site/popunder.gif
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Mon, 18 May 2020 01:02:07 GMT
CF-Cache-Status
HIT
Server
cloudflare
Age
6004
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5951a6a0de1a0c69-AMS
cf-request-id
02c6e6788800000c69fe875200000001
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame EB92 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://iir.ai

Response headers

date
Sat, 16 May 2020 07:48:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
148420
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sun, 16 May 2021 07:48:27 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame EB92 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://iir.ai

Response headers

date
Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2856908
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 14 Apr 2021 23:26:59 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EB92
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Mon, 18 May 2020 01:02:07 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
WakVRclBVMTgWbV12YEFkXQ%3D%3D
d7016uqa4s0lw.cloudfront.net/ 		297 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d7016uqa4s0lw.cloudfront.net/WakVRclBVMTgWbV12YEFkXQ%3D%3D
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:b400:b:187f:8500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e38113cd9b754dfece73f345694d75d95e6e46713d7c9ef427d824c16ac7c342

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 01:02:07 GMT
content-encoding
gzip
x-amz-cf-pop
HAM50-C2
status
200
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
107358
via
1.1 93a0d7f8920098ec4cffab828f70f5cd.cloudfront.net (CloudFront)
x-amz-cf-id
ZBkYlm2ymuRsT3TUxc_7k4jGjXlsYpmuZRlIAi-HqOlnf3EcNSnV7Q==
amp4ads-v0.js
cdn.ampproject.org/rtv/012005012256000/ Frame B08C 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/
Origin
https://iir.ai

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5701
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57019
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:27:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bf14143de8659308"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:27:06 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012005012256000/ Frame B08C 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5701
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57019
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:27:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bf14143de8659308"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:27:06 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame B08C 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
27159
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5877
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:29:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cf1fef681ae7494f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:29:28 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame B08C 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5736
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30100
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:26:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"023298bf906f9a2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:26:31 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame B08C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
25554
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1637
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:56:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"eed6b15e1dd2165d"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:56:13 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame B08C 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
25557
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15361
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:56:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d0b45204c403cb94"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:56:10 GMT
css
fonts.googleapis.com/ Frame B08C 		7 KB
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 May 2020 01:02:07 GMT
server
ESF
date
Mon, 18 May 2020 01:02:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 May 2020 01:02:07 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B08C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
49989
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 18 May 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B08C 		295 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 22:24:17 GMT
x-content-type-options
nosniff
server
cafe
age
9470
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 18 May 2020 22:24:17 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/14226731522684698302/ Frame B08C 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14226731522684698302/2076313506083323656
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b257d444433af67701b66da5cdbf006b62140a5f1f00d486efaa44ce02a195d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 06:31:36 GMT
x-content-type-options
nosniff
age
2831431
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41133
x-xss-protection
0
last-modified
Thu, 12 Mar 2020 17:51:57 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Apr 2021 06:31:36 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7436289836750711190/ Frame B08C 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7436289836750711190/downsize_200k_v1?w=300&h=300
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a421cfefe163c18466d7e2c77284430fda33fe1609a8d98f412f7d3ad12e462b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Apr 2020 00:47:20 GMT
x-content-type-options
nosniff
age
2247287
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8622
x-xss-protection
0
last-modified
Tue, 04 Feb 2020 17:39:59 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Apr 2021 00:47:20 GMT
truncated
/ Frame B08C 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f47d2272cf53558fc3891af44a9ddbc4b8d53b243fe500b99f1b54cac72f9fe

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B08C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f26e3f50e0e70ff9da99b7e3adac1434fba436fed21721b36b03e6c992d5e6d

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame B08C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNjrOj97BXqjpGdLm3wPGmaTwCvPDmvNcx9CzsogLv6_Uk7oCEAEgiLGRH2C56L6A1AGgAYirw8ADyAEJqQLxQlKmdU60PuACAKgDAcgDCqoE2gFP0HfKOYojp8Ue7GlhqeDvXrOBHVVJ5iMPxsP5dbv21M8Hai_ls3sFVh0XjBRanUyKwgkRm7VQ797-QCyq9Y2fNUMChHxhevLVakY_M9j6VdE-VatNjxKq1ecmSFqEMUr2v6WrfCJJjHbHc0zvb07MPZ6ZWNd2YicnSmPGkT72041xC0ovLmavVZ_NKo1aaY5ZUhyX0HIh5WkhbqAX8-OS87jTxsuDEfmkLUsqI3RVAlohcmqgjKz73N4Jpm_KtQwnqd8JymvEa0n-Rwdx7KzWT2FrmJArQMP0rcAEhJOujPAC4AQBoAYugAfg1Lw_qAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcA8gcEEKnMBNIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tNDg1MjkxNTkwNTkzNjEyNIAKA8gLAdgTA4gUCZgWAQ&sigh=lURlVjLZ3XE&template_id=484&tpd=AGWhJmuLYdi2-r1z7Y07VDHHahFYc5vkodyuHordESI3_XSRHg
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EB92 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
49989
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 18 May 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EB92 		295 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 22:24:17 GMT
x-content-type-options
nosniff
server
cafe
age
9470
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 18 May 2020 22:24:17 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B08C 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin
https://iir.ai

Response headers

date
Wed, 15 Apr 2020 00:22:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
2853593
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Thu, 15 Apr 2021 00:22:14 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B08C 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin
https://iir.ai

Response headers

date
Sun, 17 May 2020 18:27:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
23687
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Mon, 17 May 2021 18:27:20 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B08C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
49989
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 18 May 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B08C 		295 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 22:24:17 GMT
x-content-type-options
nosniff
server
cafe
age
9470
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 18 May 2020 22:24:17 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012005012256000/ Frame BC14 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/
Origin
https://iir.ai

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5701
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57019
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:27:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bf14143de8659308"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:27:06 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012005012256000/ Frame BC14 		204 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5701
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57019
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:27:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bf14143de8659308"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:27:06 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame BC14 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
27159
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5877
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:29:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cf1fef681ae7494f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:29:28 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame BC14 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5736
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30100
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 23:26:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"023298bf906f9a2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 23:26:31 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame BC14 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
25554
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1637
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:56:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"eed6b15e1dd2165d"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:56:13 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012005012256000/v0/ Frame BC14 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012005012256000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
25557
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15361
x-xss-protection
0
server
sffe
date
Sun, 17 May 2020 17:56:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d0b45204c403cb94"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 May 2021 17:56:10 GMT
css
fonts.googleapis.com/ Frame BC14 		5 KB
715 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 May 2020 01:02:07 GMT
server
ESF
date
Mon, 18 May 2020 01:02:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 May 2020 01:02:07 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC14 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
49989
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 18 May 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC14 		295 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 22:24:17 GMT
x-content-type-options
nosniff
server
cafe
age
9470
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 18 May 2020 22:24:17 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16955503103052890963/ Frame BC14 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16955503103052890963/downsize_200k_v1?w=300&h=300
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa964b40724a2cf96f66e10a908d7f81b79104873482ee16827199b185259353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 May 2020 10:48:19 GMT
x-content-type-options
nosniff
age
396828
x-dns-prefetch-control
off
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2766
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 17:59:25 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 May 2021 10:48:19 GMT
truncated
/ Frame BC14 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f199b721fd41c73c10f2b027627feddbfc4275ec02bfa36969e58493e62315e

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame BC14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cizknj97BXszFJsnk3wPZ2azACaGUlqVdvIOJsLcKv-EeEAEgiLGRH2C56L6A1AGgAf_bisgDyAEB4AIAqAMBqgTiAU_Qq-Z5JZuPTuVXXAblSkkMVaJrE9tVUgo2nC7oYkVJSmCDxDAGJcYR6NU0v50taufwsu0mVW0cXOd146WGKeA3ICMlmx-aZDvRfboOFlQ-lQdDJMahfRjsBxulzOXwW0AAvTbHXWe8eVcYfWAaFwflPtIVC5QxXk5WJlnZ70N6XXHFM5yTP7aKPPmaJA9SkcCqVPZcNVRC8rigkLBS64vP2gyEs4dDUIhVvGv0uGq4caAt9S3g8WuTgiyTASc9ifLPmXG8SJwFaPP6uQVXJx8lE8dZhNLI4wELati9FxOplQ_ABK-L_d6rAuAEAZIFBAgEGAGSBQQIBRgEgAeG85wJqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEKO5AtIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tNDg1MjkxNTkwNTkzNjEyNIAKA8gLAdgTDJgWAQ&sigh=YnNkwelhqKo&template_id=5001&tpd=AGWhJmv9LC8smbQqb7-S-lL_hgRoO85YvmgGoZiFoPjX5aVgfA
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame BC14 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://iir.ai

Response headers

date
Sat, 16 May 2020 07:48:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
148420
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Sun, 16 May 2021 07:48:27 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame BC14 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin
https://iir.ai

Response headers

date
Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2856908
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 14 Apr 2021 23:26:59 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BC14
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Mon, 18 May 2020 01:02:07 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
Cookie set AD8BYVodCjh0Ii45KW1NSB4kYTlJGwUGGSgMOXwmORYjZy4JaSRlPhQ7P08BOxApcQktCgx5LisvIVw5TAoscRg7IAtkCUkgMnhYN2AhdT4UGhJmHC9rKXEJKRYsVCksKCZ1PhQaWl9QGGo5cyoUMzJUKSwoJGIpFg8SQF8sDAxUJT51D2EySR4bUR8ebypwUQoZB...
arisonoping.club/N2h6WGhWChk1V1ZVGH4dRQRHfVpxTUgeDABYS24dRglOK1hbH1Q7BFgdHj4aWAYOdgZSHF9qLlQmSzQlei4sDSZeIi05A3ofMRlZXiktaVB0LysKJU1RHBdYUwM+Py1dDTtoAG8FNBw4ZVwtET0HURkJIk0/ Frame DEA6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://arisonoping.club/N2h6WGhWChk1V1ZVGH4dRQRHfVpxTUgeDABYS24dRglOK1hbH1Q7BFgdHj4aWAYOdgZSHF9qLlQmSzQlei4sDSZeIi05A3ofMRlZXiktaVB0LysKJU1RHBdYUwM+Py1dDTtoAG8FNBw4ZVwtET0HURkJIk0/AD8BYVodCjh0Ii45KW1NSB4kYTlJGwUGGSgMOXwmORYjZy4JaSRlPhQ7P08BOxApcQktCgx5LisvIVw5TAoscRg7IAtkCUkgMnhYN2AhdT4UGhJmHC9rKXEJKRYsVCksKCZ1PhQaWl9QGGo5cyoUMzJUKSwoJGIpFg8SQF8sDAxUJT51D2EySR4bUR8ebypwUQoZBWIONzE6cic8LFBRBjQvKmADHQ88AjscEFx2JRYRXn1ZQ2AtWhxCDRIGLjQxLmELOw0OUh8obyoEDF9qLnVaGRcMBFg9Oip9GhwdJQc9Lj9NBSotAClxIEkzLG4AFikNXzEdGwIGTUgeKQUyLQhbDyI0L1wODUsSD2ICDSk+cFkpOSBELCMOPlgjPAoGYhINLU5dGxU2GAoqSy4nYwUUbhxTOg
Requested by
Host: d7016uqa4s0lw.cloudfront.net
URL: https://d7016uqa4s0lw.cloudfront.net/WakVRclBVMTgWbV12YEFkXQ%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
arisonoping.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://iir.ai/8KxOzq
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

Date
Mon, 18 May 2020 01:02:08 GMT
Content-Type
text/html
Content-Length
1249
Connection
keep-alive
Set-Cookie
__cfduid=d7bc306193880cff23c64d28fb086fa3b1589763728; expires=Wed, 17-Jun-20 01:02:08 GMT; path=/; domain=.arisonoping.club; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
Accept-Ranges
bytes
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
5951a6a4ca6cfa50-AMS
cf-request-id
02c6e67aff0000fa50598cc200000001
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC14 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 11:08:58 GMT
x-content-type-options
nosniff
server
cafe
age
49990
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 18 May 2020 11:08:58 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BC14 		295 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 May 2020 22:24:17 GMT
x-content-type-options
nosniff
server
cafe
age
9471
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 18 May 2020 22:24:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EF00 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdCqI__IzU_56mBpvuMBbvZqJelwmc728SQMRNUpyOx1OEOTs0B76xeOO9aO_uXlGByo7_B7hApKwWp6GIOu_BJGI-pflhBk5JaHKjlrRYMORRHdvdYpgCwZbV5w&sai=AMfl-YTdkqGCpaqajWjeM4-orrDTpQeHX1oxcokdQ3gI53q8yRbq7qPJtnDcPqYZlshS7c4uweIxRgIVUO--g9FgQVSTSxh39TQcRr0kJyMOXg&sig=Cg0ArKJSzHo-6vzDQDSdEAE&id=ampim&o=625,299&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=113&tls=1113&g=100&h=100&tt=1113&r=v&avms=ampa&adk=3880278309
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 01:02:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EB92 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYqDUP-dJLIG6SAj16XcSfoOJYSmFxIy9o8Y_yy9tKxO7oYCASOtJJ097juziIwqtCbTA41ed8fVnHVMDaKqXV041UDGv7ONjCoZ33brhWM6-c2w_LVQV3sGiO2w&sai=AMfl-YSnBuUygBVC1bk9yiSFvtBswgEzFFxiNtLtIIXmKuM0A7I9jLtR59xiVUdG4eazK19nZeU6Gj_tox_j9WlEkFJJRnyplrMOmfjWV3hzWQ&sig=Cg0ArKJSzCpSVtgMzal5EAE&id=ampim&o=625,614&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=147&tls=1147&g=100&h=100&tt=1147&r=v&avms=ampa&adk=2252918807
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 01:02:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
popunder.gif
rightenedetu.site/ 		35 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rightenedetu.site/popunder.gif
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Mon, 18 May 2020 01:02:08 GMT
CF-Cache-Status
HIT
Server
cloudflare
Age
6005
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5951a6a84e090c69-AMS
cf-request-id
02c6e67d2b00000c69fe8ad200000001
adview
securepubads.g.doubleclick.net/pagead/ Frame B08C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cygqpj97BXqjpGdLm3wPGmaTwCvPDmvNcx9CzsogLv6_Uk7oCEAEgiLGRH2C56L6A1AGgAYirw8ADyAEJqQLxQlKmdU60PuACAKgDAaoE2gFP0HfKOYojp8Ue7GlhqeDvXrOBHVVJ5iMPxsP5dbv21M8Hai_ls3sFVh0XjBRanUyKwgkRm7VQ797-QCyq9Y2fNUMChHxhevLVakY_M9j6VdE-VatNjxKq1ecmSFqEMUr2v6WrfCJJjHbHc0zvb07MPZ6ZWNd2YicnSmPGkT72041xC0ovLmavVZ_NKo1aaY5ZUhyX0HIh5WkhbqAX8-OS87jTxsuDEfmkLUsqI3RVAlohcmqgjKz73N4Jpm_KtQwnqd8JymvEa0n-Rwdx7KzWT2FrmJArQMP0rcAEhJOujPAC4AQBoAYugAfg1Lw_qAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcA8gcEEKnMBNIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tNDg1MjkxNTkwNTkzNjEyNIAKA8gLAdgTA4gUCZgWAQ&sigh=txivVIXO2Ho&vt=1&template_id=484
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame B08C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuh0j3Pt2L1OldL1vUzJjQ_q8FSL25uqKcw1DhiIiwXj6tLLaok_PPLe-qIgVl2UFcMHRglLNHQKbdQNeQsmTkrnLK_MY0Mc5PLNH1PA-t_H9M-KFrG7QozAvBBnw&sai=AMfl-YQT4LQbctO7ukV2CQzN8QaD8Io4brSF6f1bkrsWdC3b7F6fNjDezhhvv3-R5yXXFsPQSg8GM4vbUQ2sJWkIsiQbDkZcgxIptn-pgAyA&sig=Cg0ArKJSzGuV-1uodmO2EAE&id=ampim&o=1275,50&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=121&tls=1121&g=100&h=100&tt=1121&r=v&avms=ampa&adk=1372485172
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 01:02:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
EOw4NfQk9k2O4CSrKJ0B8i1oQklT2Zf1BHUavEolXgflY86doyGCSbfUDGwzMo7SZmA1s_miXX9TLplQxj2dnkP_ozd9EDX81IPifRi8qGbYTDfNXdoazdqUk8muSsue7MR1hRemQVCdoIO80ospbhwoic8-2hi5i8Q8fyWCPRHpJ3npJUfINi6OFwGylPbqts0II...
r.routemob.com/i/ic/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame BC14 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqFCajrxwjN6JCqhc2VRfAkZLT3nJbonXYCxhUra9w9GiOrFjgoOrjLedHYWfZockKpBKHC9GiXU4QiB9DMVfpmpNC20_eVeUgebYDY8Gh-AgV5_ZuV8EVHmfDWw&sai=AMfl-YSYugreaAHgIcfeSIHbMsCvXlvX7yyywtgVnXTfVb81Dt4ESF7mPE9Ir9gjfULOB6iC3Gs-g7rdvrkpvx8sMLZxIjrbSsx1EANlGha4&sig=Cg0ArKJSzB41ZG78-f6hEAE&id=ampim&o=643,934&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=513&tls=1513&g=100&h=100&tt=1513&r=v&avms=ampa&adk=363645630
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 01:02:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
EOw4NfQk9k2O4CSrKJ0B8i1oQklT2Zf1BHUavEolXgflY86doyGCSbfUDGwzMo7SZmA1s_miXX9TLplQxj2dnkP_ozd9EDX81IPifRi8qGbYTDfNXdoazdqUk8muSsue7MR1hRemQVCdoIO80ospbhwoic8-2hi5i8Q8fyWCPRHpJ3npJUfINi6OFwGylPbqts0II...
r.routemob.com/i/ic/ Frame 038A 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.routemob.com/i/ic/EOw4NfQk9k2O4CSrKJ0B8i1oQklT2Zf1BHUavEolXgflY86doyGCSbfUDGwzMo7SZmA1s_miXX9TLplQxj2dnkP_ozd9EDX81IPifRi8qGbYTDfNXdoazdqUk8muSsue7MR1hRemQVCdoIO80ospbhwoic8-2hi5i8Q8fyWCPRHpJ3npJUfINi6OFwGylPbqts0II2vyIpCDbpezX2hKg_WVKneKQpsSTjY9DBZKxk7v-Gtlw8PZ2chIyDV03MPRwctSgHSgCfvCebP40N54jkayhMzam_q4JEzh9UQoPr-sezJ3rxS1-stWsb1jOab0LqsWrPy1wbR-SSeW_sDGqfDalnWYSWQ
Requested by
Host: d1ks8roequxbwa.cloudfront.net
URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.150.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:09 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
204
access-control-allow-origin
*
cf-ray
5951a6acfe24d8c9-AMS
cf-request-id
02c6e680190000d8c99c1ed200000001
truncated
/ Frame 038A 		795 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
quant.js
secure.quantserve.com/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.217 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
b68b4d1e6d63eabb8a4f663f7755454028aa22d9a0edc88d5b77c58e932d7fa0
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 01:02:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18-May-2020 01:02:11 GMT
Server
QS
Etag
M0-004a9efe
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Strict-Transport-Security
max-age=86400
Content-Length
8025
Expires
Mon, 25 May 2020 01:02:11 GMT
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.182.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-182-94.ham50.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 17 May 2020 11:34:40 GMT
Via
1.1 a432ddebfd10465526f121270421362b.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
48451
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
WDTzUt3vYjNw4R6zsTQita-siKnFrNzkWyKHUAXQoKEdjhh3LDp41g==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad209dc504cc97991573344dfd1142168265443a8f4cb7e1444a132ba601da19

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 01:02:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 May 2020 00:16:45 GMT
Server
Apache
ETag
"da0e54-8bc6-5a5e114079bc8"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1151
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12312
Expires
Mon, 18 May 2020 01:21:22 GMT
prebid.js
ads.themoneytizer.com/moneybid2_445_2/build/dist/ 		394 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
5dfc9288f5281f2c559f14d366adf563f1a17b987554876469b161fe48abeed1

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:11 GMT
content-encoding
gzip
last-modified
Mon, 11 May 2020 21:35:02 GMT
server
nginx
etag
"33d3f-62974-5a5661e999b3b"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
128463
expires
Tue, 19 May 2020 01:02:10 GMT
footer.jpg
iir.ai/cloud_theme/build/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iir.ai/cloud_theme/build/img/footer.jpg
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
7566591
status
200
content-length
6152
x-xss-protection
1; mode=block
last-modified
Mon, 02 Sep 2019 23:24:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-request-id
02c6e687e70000c2eaada14200000001
accept-ranges
bytes
cf-ray
5951a6b97af1c2ea-FRA
expires
Fri, 19 Feb 2021 11:12:19 GMT
fontawesome-webfont.woff2
iir.ai/cloud_theme/build/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://iir.ai/cloud_theme/build/fonts/fontawesome-webfont.woff2
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
Origin
https://iir.ai

Response headers

date
Mon, 18 May 2020 01:02:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
301359
status
200
content-length
77160
x-xss-protection
1; mode=block
last-modified
Mon, 02 Sep 2019 23:24:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-request-id
02c6e687e70000c2eaada13200000001
accept-ranges
bytes
cf-ray
5951a6b97af0c2ea-FRA
expires
Thu, 21 May 2020 13:19:31 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
https://iir.ai

Response headers

date
Mon, 11 May 2020 17:33:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:45 GMT
server
sffe
age
545318
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13732
x-xss-protection
0
expires
Tue, 11 May 2021 17:33:33 GMT
cmp.js
quantcast.mgr.consensu.org/ 		264 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:7c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f670db094f8157451312a2d25ce34fd67f622e07d356f9db841224cceeeed2d

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 00:55:18 GMT
content-encoding
gzip
last-modified
Thu, 14 May 2020 20:38:20 GMT
server
AmazonS3
age
420
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-meta-qc-ineu
True
x-amz-cf-pop
HAM50-C2
x-amz-cf-id
yDAWgzDDp7sE5LA7pLeXa9iHs5w1OsAGkFWBl-rhv8XJc0xWs1H0RQ==
via
1.1 1976c24012aa5629cb792e79edc4e7bf.cloudfront.net (CloudFront)
tNmxMbnRVAyIIS0IFKFNMBll0VkwQBj8BGkZRPT8eejkcKRVcSjgUEAteagIVWAtxSBFYD3FfUlcILlNEEBg8AR8LGSIKEVAFIgsQEBktUxlZFiUCGFdJfihBGFxpXEQeAS0NHVgYIx0cE18OS0YGBSIaEVpJfl4ZVw9pXERZH2lcRE5Jfl5FBjN9WisDRW-lcRFc...
dc5k8fg5ioc8s.cloudfront.net/ 		297 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/tNmxMbnRVAyIIS0IFKFNMBll0VkwQBj8BGkZRPT8eejkcKRVcSjgUEAteagIVWAtxSBFYD3FfUlcILlNEEBg8AR8LGSIKEVAFIgsQEBktUxlZFiUCGFdJfihBGFxpXEQeAS0NHVgYIx0cE18OS0YGBSIaEVpJfl4ZVw9pXERZH2lcRE5Jfl5FBjN9WisDRW-lcRFccPAIRQQkuBR1CSX4oQQVbYl1CE158Rh9eGCECUQQvaVxEWgUnC1EEXCsLF10DZUtGBg8kHBtbCWlcMgFYYl5aBVt+V1oHWnVLRgYfLQgVRAVpXDIDX3tARwBKOVM
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805888
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2016:4a00:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a6b833f5a45fec1fd17b6a9edcda21bd8fd4c89bf0c9188c9a1d423c6fd6e385

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:11 GMT
content-encoding
gzip
x-amz-cf-pop
HAM50-C2
status
200
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
273
via
1.1 2408979685aa1bdb752824d292e63bf7.cloudfront.net (CloudFront)
x-amz-cf-id
mmUWkh00ycIEUvzp1l0ayVkfothrYQOLvjf1p6bGQ-Ub4tIDRG1Jzw==
get2
uipglob.semasio.net/id5/1/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/2/8/2.gif?puid=0&gdpr=1&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO4bg_8tf1gXZpwwNxLlwMjIBZbsx6FOmuS8yRTg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gd...
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO4bg_8tf1gXZpwwNxLlwMjIBZbsx6FOmuS8yRTg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gd...
  • https://id5-sync.com/c/12/3/7/3.gif?puid=7bb75ec1-de93-4f00-a156-c039b328a933&gdpr=1&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/10/6/4.gif?puid=6696632447094057129&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/19/5/5.gif?puid=876c355912622dc36fbccafe2e65e983&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/4/6.gif?puid=384baad8-3c0d-422b-b475-3ae87420f7bf&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdp...
  • https://id5-sync.com/c/12/108/3/7.gif?puid=35076631-98a3-11ea-a011-426c53b1b576&gdpr=1&gdpr_consent=
  • https://uipglob.semasio.net/id5/1/get?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D
0
0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/JPZ52lNx97aD96bjM7KaA0bo/ 		299 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/JPZ52lNx97aD96bjM7KaA0bo/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5330600f68293b69db933eba611413ffaa46ad7c992116b06933c620d7a3c43c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 11 May 2020 21:43:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 May 2020 19:09:25 GMT
server
sffe
age
530320
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124431
x-xss-protection
0
expires
Tue, 11 May 2021 21:43:31 GMT
localstore.js
script.4dex.io/ 		450 B
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:11 GMT
content-encoding
br
cf-cache-status
HIT
age
261
status
200
x-amz-request-id
7E2F992343116AD7
x-amz-id-2
nmmr0UrBkvVpjftHGu5p6CU04sxhGduqLBsvh9rnUeGjmG6nY23UipPqJyn6TSm0xvmlFUBXVjI=
last-modified
Mon, 06 Apr 2020 11:18:51 GMT
server
cloudflare
etag
W/"bfa52622781c173885812009122c3f7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-request-id
02c6e6884200003260258e6200000001
cf-ray
5951a6ba0cce3260-FRA
anchor
www.google.com/recaptcha/api2/ Frame DA73 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&size=normal&cb=fi5gvz5gt193
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Cs+f8t1B/mV4DV4bLynbCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&size=normal&cb=fi5gvz5gt193
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://iir.ai/8KxOzq
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 18 May 2020 01:02:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-Cs+f8t1B/mV4DV4bLynbCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10558
server
GSE
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2070:1800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:11 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
x-amz-cf-pop
HAM50-C3
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-id
UylBVxfMxhNYhv1GDs6n6CC0mqQYARbgI__0ysW1uqI8MbDB5UVhhw==
via
1.1 ccc3c8305c079db66ab9ac68a1ea9cd9.cloudfront.net (CloudFront)
rid
match.adsrvr.org/track/ 		109 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.216.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-216-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ca5ea7317b81ff8a093a02327c8848005eccfae4405e3e6d6cb7991fb0822180

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 18 May 2020 01:02:11 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://iir.ai
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 17 Jun 2020 01:02:11 GMT
adagio.js
script.4dex.io/ 		62 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:11 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
1589
status
200
x-amz-request-id
A0FB1D9DF0DF5F5B
x-amz-id-2
LeOfYIsxsVVG4gnLxZ8wgKbhgDVwDxxRMk+NiWPIR61Xl+MkZoWK21dcxKWk+gm4di12RbnjBgA=
last-modified
Mon, 06 Apr 2020 11:18:49 GMT
server
cloudflare
etag
W/"69fac1b60dfd5d00b8ff023e19aca7e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-request-id
02c6e688950000dfcb4921e200000001
cf-ray
5951a6ba8b81dfcb-FRA
cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v33/ Frame FD3F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v33/cmp-3pc-check.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2070:b200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
static.quantcast.mgr.consensu.org
:scheme
https
:path
/v33/cmp-3pc-check.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://iir.ai/8KxOzq
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

status
200
content-type
text/html
content-length
645
last-modified
Thu, 14 May 2020 20:38:15 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
server
AmazonS3
date
Mon, 18 May 2020 01:01:21 GMT
etag
"55b98270d639ef0c34781d9f03cce91f"
x-cache
Hit from cloudfront
via
1.1 91bfa1bdba15fba4281ea367ab656f54.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
8HBsh8Z9yNL8Xu_4QurFF8BOQaw2f_eCqs66hnYmZt_fQ9yo6-J5Sw==
age
51
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 01:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2848141
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Apr 2021 01:53:10 GMT
headerstats
as-sec.casalemedia.com/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fiir.ai%2F8KxOzq&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 18 May 2020 01:02:11 GMT
Server
Apache
Content-Type
text/plain
Access-Control-Allow-Origin
https://iir.ai
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Mon, 18 May 2020 01:02:11 GMT
notifyme.php
adtrack.adleadevent.com/ 		0
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.220.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-220-169.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 May 2020 01:02:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 May 2020 01:02:11 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://iir.ai
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cmpui-banner.js
static.quantcast.mgr.consensu.org/v33/ 		257 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quantcast.mgr.consensu.org/v33/cmpui-banner.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2070:b200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0698cc3dda9964a86ee88a18cc88e2b9ffa64dd4e36785d8a748ba827e5b0984

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:01:53 GMT
content-encoding
gzip
last-modified
Thu, 14 May 2020 20:38:14 GMT
server
AmazonS3
age
19
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
status
200
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
C0uXFt9-HV6zUJ2nQzPWdcJBHMhPX4inyxIfb-Y3wpm8uDNGUy6oSQ==
via
1.1 91bfa1bdba15fba4281ea367ab656f54.cloudfront.net (CloudFront)
vendorlist.json
vendorlist.consensu.org/ 		96 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2070:5400:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f83825b0e9eab327cbdfe081e61e14825792653b4ed064b223be3e8435235541

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 14 May 2020 16:22:46 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
290366
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 14 May 2020 16:00:38 GMT
server
AmazonS3
access-control-max-age
604800
access-control-allow-methods
GET
x-amz-version-id
oryAqtW55oj7QvuzASYlO.XAkJkJoBG.
via
1.1 fd2461c1fc276b0abb08db5092b879f2.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
HAM50-C3
content-type
application/json; charset=utf-8
x-amz-cf-id
mPBIrZhRlUHj9WXmDMTTqQtdBZPERUFvJLx9zvDOu-5bP4nb8X1aGw==
bframe
www.google.com/recaptcha/api2/ Frame D74F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&cb=yyvlsv8ctqe4
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yCDO7pr4gI8KiJh40ECnKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&cb=yyvlsv8ctqe4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://iir.ai/8KxOzq
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 18 May 2020 01:02:11 GMT
content-security-policy
script-src 'report-sample' 'nonce-yCDO7pr4gI8KiJh40ECnKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1186
server
GSE
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
purposes-es.json
vendorlist.consensu.org/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vendorlist.consensu.org/purposes-es.json?timestamp=1589763731924
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2070:5400:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01b0ea0798221a956d710ce61b9c4195d7cff368c372f51c52ee3faadd1d6081

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 23:37:33 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
5079
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 14 May 2020 16:21:33 GMT
server
AmazonS3
access-control-max-age
604800
access-control-allow-methods
GET
x-amz-version-id
adk1uruQWqDQXGn0oOrKlgWkVYakWj5h
via
1.1 fd2461c1fc276b0abb08db5092b879f2.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
HAM50-C3
content-type
application/json; charset=utf-8
x-amz-cf-id
0jrGaKWcKbRC6eITSVQRrRWWxQRQPYScD0E9aPKQRnweL7yOIeeAXg==
CookieAccess
apis.quantcast.mgr.consensu.org/ 		18 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.quantcast.mgr.consensu.org/CookieAccess
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.156.186.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-186-116.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:12 GMT
server
awselb/2.0
status
200
vary
Origin
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
https://iir.ai
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
18
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
/
audit.quantcast.mgr.consensu.org/ 		80 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit.quantcast.mgr.consensu.org/?log=;1589763732271;Moneytizer;https%3A%2F%2Fiir.ai%2F8KxOzq;;;;;b,off,false,,1,es,33,202,true,false,false;displayConsentUi:mandatory,;GDPR-qi5hvkkt409nsoq2j8ui
Requested by
Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v33/cmpui-banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.182.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-182-37.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 17 May 2020 23:47:35 GMT
via
1.1 4efecb7b2ace4b001ec9b1d536dcfc43.cloudfront.net (CloudFront)
vary
Origin
age
4478
x-cache
Hit from cloudfront
status
200
content-length
80
last-modified
Mon, 11 Jun 2018 22:07:34 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
x-amz-cf-id
0NPO8gfP0PTr1mTRG10zmwwM0qkO0rY3NsdoIHu97pHHD9PH2nCscw==
eyJpdSI6ImNkMjRmNmM2ZDNhYjcxYzAzNjg2OTgxNDdkNjFkZThjYmUyNDAxYjUzMWJiNjUxNTViYWYwYzZiYjNjZWJlYzIiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 038A
Redirect Chain
  • https://api.news-headlines.co/image_redirection?imageUrl=images.outbrainimg.com%2Ftransform%2Fv3%2FeyJpdSI6ImNkMjRmNmM2ZDNhYjcxYzAzNjg2OTgxNDdkNjFkZThjYmUyNDAxYjUzMWJiNjUxNTViYWYwYzZiYjNjZWJlYzIiLC...
  • https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNkMjRmNmM2ZDNhYjcxYzAzNjg2OTgxNDdkNjFkZThjYmUyNDAxYjUzMWJiNjUxNTViYWYwYzZiYjNjZWJlYzIiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNkMjRmNmM2ZDNhYjcxYzAzNjg2OTgxNDdkNjFkZThjYmUyNDAxYjUzMWJiNjUxNTViYWYwYzZiYjNjZWJlYzIiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.21.38.73 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-21-38-73.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
75a58c435f7b56951d4622ec5c860a45eef4715c6af663f1ff29a946c8d45086
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 07 May 2020 18:58:12 GMT
Date
Mon, 18 May 2020 01:02:12 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=2068485
Connection
keep-alive
X-TraceId
6fd9c9386a0723aafcbd9b5fa93b7175
Timing-Allow-Origin
*
Content-Length
36325

Redirect headers

date
Mon, 18 May 2020 01:02:12 GMT
server
openresty
status
307
location
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNkMjRmNmM2ZDNhYjcxYzAzNjg2OTgxNDdkNjFkZThjYmUyNDAxYjUzMWJiNjUxNTViYWYwYzZiYjNjZWJlYzIiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
access-control-allow-methods
GET, OPTIONS
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
184
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020050602&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
181988be039f115865967d2d9b27bba539d09d7d219302d4d3b5fc719ff5a0ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 May 2020 01:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5546
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5456
x-xss-protection
0
expires
Mon, 18 May 2020 01:02:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 4984 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://iir.ai/8KxOzq
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Sun, 17 May 2020 23:40:30 GMT
expires
Mon, 17 May 2021 23:40:30 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4902
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020050602&jk=1342511683184141&bg=!6eql6vJYXnKNZ7Fhl3cCAAAASlIAAAANmQFuIlNQX2S8fGlz5ZEVyvLiPehpkds-dOIwYJb08NJLsntEZiJB-rwEX8E2TeDBrPK5gRWSyfaN_npC-zIzcT54P7gdy8krwmhHsfN0Ld4Pz3MU1Cf9eB-L3Pad3_J0hT0aRsxL-M3QwlKUhlnKJOVfuUjDk3TdubnWOLV-l_BMltdtvpAQBPxQFtQbF-WRCW0HFbD-IjxntlM6RqxFqstEwgfq7WGVJUKboXC9ydJb2GczBE6528PST_TOb1fXQynVq5bwxDo0NVWwXVApYTbegZH1puAx9T44AJEWGHO0Ttzt8FI2i1JGvBw4_xTxuK6j0WAw2lW8NePcnvXzXjNiLgpzzZeHVWyg_X1kbopKsZF7GVI4PADCqhFDOifx4gF6oMfiss9PYn8kbRVAWWS5ck8mV-za8gTRSdihHSbndJiaNBhP9o7mthdfyDmf3upsxuXlQuK2rSIU8zXultLwb4hS4Sl6Tt0FIBq7vjFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 01:02:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
shb.richaudience.com/hb/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.240.251 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.251.240.130.94.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
server
nginx/1.10.3
status
200
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://iir.ai
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.240.251 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.251.240.130.94.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
server
nginx/1.10.3
status
200
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://iir.ai
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.240.251 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.251.240.130.94.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
server
nginx/1.10.3
status
200
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://iir.ai
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.240.251 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.251.240.130.94.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
server
nginx/1.10.3
status
200
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://iir.ai
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.240.251 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.251.240.130.94.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
server
nginx/1.10.3
status
200
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://iir.ai
access-control-max-age
86400
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		4 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.240.251 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.251.240.130.94.clients.your-server.de
Software
nginx/1.10.3 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
server
nginx/1.10.3
status
200
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://iir.ai
access-control-max-age
86400
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://iir.ai
cache-control
no-cache, no-transform
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
Content-Type, Origin, Referer, User-Agent, x-ak-clientip
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235b8a13bdfa0a58%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2F8...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235b8a13bdfa0a58%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir....
11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235b8a13bdfa0a58%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2F8KxOzq%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22168c213403ebc07%22%2C%22pid%22%3A%2222241472%22%2C%22tid%22%3A%225d120055-b37e-4af4-8229-7ad2f830f7e1%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22170359dbd108c67%22%2C%22pid%22%3A%2222240932%22%2C%22tid%22%3A%2231ff37d4-af8f-4c4e-81a5-852a1edacce0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%221849584b8c41c7c%22%2C%22pid%22%3A%2222241473%22%2C%22tid%22%3A%22598d6c62-b3a4-4000-9b09-1141368fe0e3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2219c2f4ef11eab4b%22%2C%22pid%22%3A%2222244891%22%2C%22tid%22%3A%22fd96e8c2-ea64-471a-9841-1f6a7d67aba0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%222075d85bfce975%22%2C%22pid%22%3A%2222263943%22%2C%22tid%22%3A%226e55fd36-41b7-4ccd-982b-bee7679f93df%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.249.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-249-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
19dbd061dd881d126641ee69d2ecbdfb4c367600eda266af754ac9c144dfb836

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://iir.ai
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
4556

Redirect headers

date
Mon, 18 May 2020 01:02:21 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235b8a13bdfa0a58%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2F8KxOzq%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22168c213403ebc07%22%2C%22pid%22%3A%2222241472%22%2C%22tid%22%3A%225d120055-b37e-4af4-8229-7ad2f830f7e1%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22170359dbd108c67%22%2C%22pid%22%3A%2222240932%22%2C%22tid%22%3A%2231ff37d4-af8f-4c4e-81a5-852a1edacce0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%221849584b8c41c7c%22%2C%22pid%22%3A%2222241473%22%2C%22tid%22%3A%22598d6c62-b3a4-4000-9b09-1141368fe0e3%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2219c2f4ef11eab4b%22%2C%22pid%22%3A%2222244891%22%2C%22tid%22%3A%22fd96e8c2-ea64-471a-9841-1f6a7d67aba0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%222075d85bfce975%22%2C%22pid%22%3A%2222263943%22%2C%22tid%22%3A%226e55fd36-41b7-4ccd-982b-bee7679f93df%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://iir.ai
access-control-allow-credentials
true
content-type
text/plain
content-length
0
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22367f1c2b7a8b864%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2F8...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22367f1c2b7a8b864%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir....
3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22367f1c2b7a8b864%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2F8KxOzq%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221177f9d40a6e44%22%2C%22pid%22%3A%2222263945%22%2C%22tid%22%3A%2244074fea-16b4-4250-8005-d891791459a7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.249.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-249-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
807d2190e69d6ee02f00bd77327637c019938bbd6c8f1246ae7f72cd3054732f

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://iir.ai
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1819

Redirect headers

date
Mon, 18 May 2020 01:02:21 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22367f1c2b7a8b864%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2F8KxOzq%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221177f9d40a6e44%22%2C%22pid%22%3A%2222263945%22%2C%22tid%22%3A%2244074fea-16b4-4250-8005-d891791459a7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://iir.ai
access-control-allow-credentials
true
content-type
text/plain
content-length
0
moneybid.js
ads.themoneytizer.com/bidder1/ 		633 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=20&formatid=26706&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
50728b2e44305cb1a39f419ca118a6250efdb9c717216a728d8db2c401b51ef9

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
438
expires
Tue, 19 May 2020 01:02:21 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		627 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=19&formatid=26711&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
2253e27d8c8871590c60f89b3510bbc00bdc43672655526710d8c8fa416c7c33

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
429
expires
Tue, 19 May 2020 01:02:21 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		628 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=31&formatid=39287&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
23fdd66c8768fd6605d350986c5ef0f5f6c34cb628c4397712ad286a11de7880

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
431
expires
Tue, 19 May 2020 01:02:21 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		631 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=28&formatid=30012&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
2b4ef64427e8ba3eb0069e595ff5e5b4b7d1934ef659b30dd66638893d0f85f7

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
435
expires
Tue, 19 May 2020 01:02:21 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		628 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=3&formatid=26323&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
cdce76552ad1f66edd20e25ce326185f635772d6f88d1a84ff4bc036bd1cd525

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
431
expires
Tue, 19 May 2020 01:02:21 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 18 May 2020 01:02:23 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.42:80
AN-X-Request-Uuid
90c8e95d-cd0c-45f1-a83c-52b1e1264748
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://iir.ai
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ac
ww1097.smartadserver.com/ 		22 B
460 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/ac?nwid=1097&siteid=345731&pgid=1206499&fmtid=26711&async=1&visit=m&tmstp=2225925629&tag=sas_26711&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fiir.ai%2F8KxOzq&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,58791,1,iir.ai,iir.ai
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
bc5c2e3cd528daf1f1651b4853877fb3eaa7e244620d89b4c9c9a0fa4ce53046

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 May 2020 01:02:21 GMT
content-encoding
gzip
x-smrt-d
3%3b6%3b97
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache, no-store
content-type
application/javascript; charset=utf-8
content-length
140
expires
-1
/
c.tmyzer.com/c/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=58791&f=19&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 18 May 2020 01:02:21 GMT
Server
nginx
X-IPLB-Instance
20689
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tbframe.js
cdn.taboola.com/shared/ Frame 1675 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/shared/tbframe.js
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding
gzip
etag
"0c6cdb6c2f89bf98124c3679a3412fb6"
age
2487
x-cache
HIT
status
200
x-amz-replication-status
COMPLETED
content-length
3897
x-amz-id-2
+9hThpZgqSmaNAz6qSOZ5ntBC+PmswuvE+g624KMXtRCjhrN0gRwMPV1+v8IRh54vtpXJbg9sPo=
x-served-by
cache-hhn4059-HHN
last-modified
Thu, 14 Apr 2016 14:04:36 GMT
server
AmazonS3
x-timer
S1589763742.974401,VS0,VE0
date
Mon, 18 May 2020 01:02:21 GMT
vary
Accept-Encoding
x-amz-request-id
95F04980218A6F57
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/x-javascript
abp
31
x-cache-hits
335
loader.js
cdn.taboola.com/libtrc/themonetizer-network/ Frame DF3D 		717 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d079da1450a12fe4c8125668181a626f01ad4c99730e5fe92f4ed27ec01f3e9b

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
GMQj4Uk4qAcx9XxH3wqmdf5hIMDtC_5j
content-encoding
gzip
etag
"a242d43223b9d0785f5caf6dd4c4eb64"
age
13
x-cache
HIT
status
200
content-length
184909
x-amz-id-2
HkzBLwzI6+xMxzc5K0z3Olqylz71LT4G6PQ5tOnmDCObn92NIuevhfU9U251LNBWCJpQVI84qOY=
x-served-by
cache-hhn4059-HHN
last-modified
Sun, 17 May 2020 12:55:25 GMT
server
AmazonS3
x-timer
S1589763742.020475,VS0,VE0
date
Mon, 18 May 2020 01:02:22 GMT
vary
Accept-Encoding
x-amz-request-id
0FA274ACC4DDD27C
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
35
x-cache-hits
2
impl.20200517-2-RELEASE.js
cdn.taboola.com/libtrc/ Frame DF3D 		444 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20200517-2-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ba41f28c3fba55406522bf99d5794084791ce45f2bdd78a4f0f87f736aa2e96

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
U3Oe41yuIB0nIttKN7S2OWvmLeNA3j0A
content-encoding
gzip
etag
"36c49e6aedc59d886fb75efe8bff950d"
age
113
x-cache
HIT
status
200
x-amz-replication-status
PENDING
content-length
128490
x-amz-id-2
QcJ6SFAOQdoPWB6yYEfzR0HqywRZfJRS0B4uKtD4F8IzQo+9BMr8cSW6PnlU65OFTgXAHb+vcFE=
x-served-by
cache-hhn4059-HHN
last-modified
Sun, 17 May 2020 10:54:00 GMT
server
AmazonS3
x-timer
S1589763742.108226,VS0,VE0
date
Mon, 18 May 2020 01:02:22 GMT
vary
Accept-Encoding
x-amz-request-id
9EA257E803FF9B95
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
31
x-cache-hits
255
beacon.js
sb.scorecardresearch.com/ Frame DF3D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 18 May 2020 01:02:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 19 May 2020 01:02:22 GMT
json
trc.taboola.com/themonetizer-iirai/trc/3/ Frame DF3D 		31 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themonetizer-iirai/trc/3/json?tim=03%3A02%3A22.162&lti=deflated&data=%7B%22id%22%3A531%2C%22ii%22%3A%22%2F8kxozq%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1589763742159%2C%22cv%22%3A%2220200517-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fiir.ai%2F8KxOzq%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A300%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22345731-PAVE%20BAS%22%2C%22orig_uip%22%3A%22345731-PAVE%20BAS%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200517-2-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Mon, 18 May 2020 01:02:22 GMT
content-encoding
gzip
access-control-allow-origin
*
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
x-served-by
cache-fra19151-FRA
server
nginx
x-timer
S1589763742.223706,VS0,VE10
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
via
1.1 varnish
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
b2
sb.scorecardresearch.com/ Frame DF3D
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1589763742195&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2F8KxOzq&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1589763742195&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2F8KxOzq&c9=
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1589763742195&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2F8KxOzq&c9=
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 May 2020 01:02:22 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1589763742195&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2F8KxOzq&c9=
Pragma
no-cache
Date
Mon, 18 May 2020 01:02:22 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
debug
trc.taboola.com/themonetizer-iirai/log/2/ Frame DF3D 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/themonetizer-iirai/log/2/debug?tim=03%3A02%3A22.247&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&id=7181&cv=20200517-2-RELEASE&lt=deflated
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 18 May 2020 01:02:22 GMT
via
1.1 varnish
server
Varnish
x-timer
S1589763742.261616,VS0,VE0
x-served-by
cache-fra19151-FRA
x-cache
HIT
content-type
status
204
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-sy
true
retry-after
0
x-cache-hits
0
debug
trc.taboola.com/themonetizer-iirai/log/2/ Frame DF3D 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/themonetizer-iirai/log/2/debug?tim=03%3A02%3A22.249&type=error&msg=loadRBox%20failed%2C%20aborting.&id=5864&cv=20200517-2-RELEASE&lt=deflated
Requested by
Host: iir.ai
URL: https://iir.ai/8KxOzq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 18 May 2020 01:02:22 GMT
via
1.1 varnish
server
Varnish
x-timer
S1589763742.261629,VS0,VE0
x-served-by
cache-fra19151-FRA
x-cache
HIT
content-type
status
204
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-sy
true
retry-after
0
x-cache-hits
0
12.json
id5-sync.com/g/v1/ 		131 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v1/12.json?1puid=&gdpr=0&gdpr_consent=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.166 , Germany, ASN16276 (OVH, FR),
Reverse DNS
p10.id5-sync.com
Software
/
Resource Hash
8782dde7aa7a68cbd943d3c30e859badfd1a3c46380cd8dfb8489edf9fe543bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://iir.ai
Date
Mon, 18 May 2020 01:02:24 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
text/json;charset=utf-8
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 1969 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3842620850
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.50.131 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cm021.richaudience.com
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
sync.richaudience.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://iir.ai/8KxOzq
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

Server
nginx/1.14.2
Date
Mon, 18 May 2020 01:02:24 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding
gzip
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame F823 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://iir.ai/8KxOzq
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

Server
nginx/1.13.10
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Tue, 18 May 2021 01:02:24 GMT
Date
Mon, 18 May 2020 01:02:24 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame E1C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1589763741585
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.9.252 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?cb=1589763741585
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://iir.ai/8KxOzq
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://iir.ai/8KxOzq

Response headers

status
200
content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=2592000
match
ad.360yield.com/ul_cb/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&google_tc=
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&external_user_id=CAESELqmmoAxz6FgIBH3m8TCngw&google_cver=1
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&external_user_id=CAESELqmmoAxz6FgIBH3m8TCngw&google_cver=1
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&external_user_id=CAESELqmmoAxz6FgIBH3m8TCngw&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.245.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-245-94.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 18 May 2020 01:02:24 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Mon, 18 May 2020 01:02:24 GMT
content-type
text/plain
content-length
0
location
https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&external_user_id=CAESELqmmoAxz6FgIBH3m8TCngw&google_cver=1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
ad.360yield.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=450cd254-2158-4ebf-9064-b8a6ad9dd788&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=450cd254-2158-4ebf-9064-b8a6ad9dd788&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
  • https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=096b49e1-e68e-4b80-8ca9-1f67f2c45854
43 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=096b49e1-e68e-4b80-8ca9-1f67f2c45854
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.245.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-245-94.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 18 May 2020 01:02:24 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Mon, 18 May 2020 01:02:24 GMT
x-aspnet-version
4.0.30319
status
302
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=096b49e1-e68e-4b80-8ca9-1f67f2c45854
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
match
euc-ice.360yield.com/ul_cb/
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=f8f7d65e-9b2c-47a8-8462-32cb455c935b&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAA...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=f8f7d65e-9b2c-47a8-8462-32cb455c935b&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkv...
  • https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1590973344&external_user_id=6240743847667008349
  • https://euc-ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1590973344&external_user_id=6240743847667008349
43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euc-ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1590973344&external_user_id=6240743847667008349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.238.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-238-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 18 May 2020 01:02:24 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Mon, 18 May 2020 01:02:24 GMT
content-type
text/plain
content-length
0
location
https://euc-ice.360yield.com:443/ul_cb/match?publisher_dsp_id=42&Expiration=1590973344&external_user_id=6240743847667008349
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
euc-ice.360yield.com/ul_cb/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feuc-ice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA
  • https://euc-ice.360yield.com/match?external_user_id=3562733481612319428&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA
  • https://euc-ice.360yield.com/ul_cb/match?external_user_id=3562733481612319428&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA
43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euc-ice.360yield.com/ul_cb/match?external_user_id=3562733481612319428&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.238.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-238-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 18 May 2020 01:02:24 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Mon, 18 May 2020 01:02:24 GMT
content-type
text/plain
content-length
0
location
https://euc-ice.360yield.com:443/ul_cb/match?external_user_id=3562733481612319428&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
euc-ice.360yield.com/ul_cb/
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=450cd254-2158-4ebf-9064-b8a6ad9dd788&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAA...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=450cd254-2158-4ebf-9064-b8a6ad9dd788&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkv...
  • https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1590973344&external_user_id=6240743847667008349
  • https://euc-ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1590973344&external_user_id=6240743847667008349
43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://euc-ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1590973344&external_user_id=6240743847667008349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.238.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-238-72.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 18 May 2020 01:02:24 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Mon, 18 May 2020 01:02:24 GMT
content-type
text/plain
content-length
0
location
https://euc-ice.360yield.com:443/ul_cb/match?publisher_dsp_id=42&Expiration=1590973344&external_user_id=6240743847667008349
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
match.360yield.com/ul_cb/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-PfWXpssR6iEYjLLRVyTWw&google_cm&publisher_dsp_id=340
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=-PfWXpssR6iEYjLLRVyTWw&google_cm=&publisher_dsp_id=340&google_tc=
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEA4XnMrhSfCX_FCRVIVcv6c&google_cver=1
  • https://match.360yield.com/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEA4XnMrhSfCX_FCRVIVcv6c&google_cver=1
43 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEA4XnMrhSfCX_FCRVIVcv6c&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.57.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-57-174.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 18 May 2020 01:02:24 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Mon, 18 May 2020 01:02:24 GMT
content-type
text/plain
content-length
0
location
https://match.360yield.com:443/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEA4XnMrhSfCX_FCRVIVcv6c&google_cver=1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
match.360yield.com/ul_cb/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RQzSVCFYTr-QZLimrZ3XiA&google_cm&publisher_dsp_id=340
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=RQzSVCFYTr-QZLimrZ3XiA&google_cm=&publisher_dsp_id=340&google_tc=
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEOeFA0efbuHrF8G4JhXP0v0&google_cver=1
  • https://match.360yield.com/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEOeFA0efbuHrF8G4JhXP0v0&google_cver=1
43 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEOeFA0efbuHrF8G4JhXP0v0&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.57.174 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-57-174.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 18 May 2020 01:02:24 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Mon, 18 May 2020 01:02:24 GMT
content-type
text/plain
content-length
0
location
https://match.360yield.com:443/ul_cb/match?publisher_dsp_id=340&google_gid=CAESEOeFA0efbuHrF8G4JhXP0v0&google_cver=1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
ad.360yield.com/ul_cb/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=f8f7d65e-9b2c-47a8-8462-32cb455c935b&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=f8f7d65e-9b2c-47a8-8462-32cb455c935b&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
  • https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=096b49e1-e68e-4b80-8ca9-1f67f2c45854
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=167&external_user_id=096b49e1-e68e-4b80-8ca9-1f67f2c45854
43 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=167&external_user_id=096b49e1-e68e-4b80-8ca9-1f67f2c45854
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.245.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-245-94.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://iir.ai/8KxOzq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 18 May 2020 01:02:24 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Mon, 18 May 2020 01:02:24 GMT
content-type
text/plain
content-length
0
location
https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=167&external_user_id=096b49e1-e68e-4b80-8ca9-1f67f2c45854
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
r.routemob.com
URL
https://r.routemob.com/i/ic/EOw4NfQk9k2O4CSrKJ0B8i1oQklT2Zf1BHUavEolXgflY86doyGCSbfUDGwzMo7SZmA1s_miXX9TLplQxj2dnkP_ozd9EDX81IPifRi8qGbYTDfNXdoazdqUk8muSsue7MR1hRemQVCdoIO80ospbhwoic8-2hi5i8Q8fyWCPRHpJ3npJUfINi6OFwGylPbqts0II2vyIpCDbpezX2hKg_WVKneKQpsSTjY9DBZKxk7v-Gtlw8PZ2chIyDV03MPRwctSgHSgCfvCebP40N54jkayhMzam_q4JEzh9UQoPr-sezJ3rxS1-stWsb1jOab0LqsWrPy1wbR-SSeW_sDGqfDalnWYSWQ
Domain
uipglob.semasio.net
URL
https://uipglob.semasio.net/id5/1/get2?_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D

Verdicts & Comments Add Verdict or Comment

237 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| LAST_CORRECT_EVENT_TIME number| _3327917280 function| fgjhkashfddsdfdsfsdfsdf function| gtag object| dataLayer object| googletag object| Adomik number| _1300906742 function| s function| e1GG function| K1GG function| x5dd string| r6II object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken number| google_srt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing number| __google_ad_urls_id number| google_unique_id function| h6RR function| r1qq object| ampInaboxIframes object| ampInaboxPendingMessages object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP function| Fingerprint2 number| _3681426716 number| _2751577376 function| fa number| _4292037965 number| TID object| f5X0 string| J0 string| m0 function| confiantWrap number| themoneytizer_async object| geo object| node object| eucountries object| _captifyAnalytics object| sas object| generic function| criteoCallback object| criteo_gum object| pwidget_config object| iframe function| loadScriptTemelio function| whenFormatFctDefined function| whenDefined function| MobileDetect object| md string| moneytizergeo object| libJsLeadPlace object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode object| pp string| __DOMAIN object| A6q3 string| d3 string| r3 string| M3 function| VisSense object| tagsObject string| website number| random undefined| pubstack object| target object| cs object| notifyme object| ix_lib object| tmzr object| d object| pbs object| format_size object| format_size_ix object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 object| notvisibleloop string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| GetRichAudienceZone function| GetAdmixerZone function| GetsizeIndex function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| checkVisibility3 function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText object| _qevents boolean| moneycaching object| params number| nugg function| Adcall_26711 object| app_vars object| e object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword number| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object object| selectedTab object| clipboard function| setTooltip function| cookie_accept function| $ function| jQuery function| WOW function| ClipboardJS object| elem object| scpt function| __cmp function| qQjLUPGaj object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| tmzrChunk object| _pbjsGlobals object| __core-js_shared__ function| JSEncrypt object| ADAGIO object| invibes object| placementBids undefined| Adcall_48311 undefined| Adcall_26325 undefined| Adcall_video object| pubstack_publica number| bidder_geo object| _clrm object| recaptcha object| closure_lm_76823 function| quantserve function| __qc object| ezt object| _qoptions object| headertag object| core function| __uspapi object| apntag object| _ADAGIO function| __cmpui object| GoogleGcLKhOms object| google_image_requests boolean| tmcredentials undefined| bid undefined| vastUrl object| targetingParams undefined| Adcall_26323 undefined| Adcall_26328 undefined| Adcall_26706 undefined| Adcall_30012 undefined| Adcall_39287 object| getBidResponsesForAdUnitCode string| bidcache object| TRC number| taboola_view_id

3 Cookies

Domain/Path Name / Value
iir.ai/ Name: _cmpQcif3pcsupported
Value: 1
iir.ai/ Name: ab
Value: 2
.iir.ai/ Name: __cfduid
Value: d8316f7b2a0988f514490ce7685c336d91589763731

11 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 418)
Message:
Powered by AMP ⚡ HTML – Version 2005012256000 https://iir.ai/8KxOzq
console-api warning URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 22)
Message:
[amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=CoANjjN7BXuqkAZaW3gOAnKqgB7KA1pNd9qnXm7sLwI23ARABIIixkR9guei-gNQByAEB4AIAqAMBqgTVAU_QLHlQkL4URl3gKs143uB6OMAKZNEoay_Ml2nxv2_UaOXZtZNw9jZhCQjO0P6X9Kjv5WVeNiJY1VSa9Cyh5iW5McZPHmiTmzewhnXlCG0FCm2Zkn4VPpX94nqSWNqfcs94bNR5dkQ4BV8gkTgQQUYI1L9ItdyKLhh-O7Ba8ntixXUDwtjG4WQS6q9QddhGYTRs5Zvuy5mZXnzqYDCnLTP1Xo0FFnuvfqfflu8jxerpz7vC8eVtSF2U6WM1vzee4WZEJmtJ1pEmpVXpDdZR5Zot_BENJcAE0afszu4C4AQBgAfunPLJAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBDkjwbSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTQ4NTI5MTU5MDU5MzYxMjSACgPICwHYEwOIFAE&sigh=sRmwLZQfI-M&vt=1
console-api info URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 418)
Message:
Powered by AMP ⚡ HTML – Version 2005012256000 https://iir.ai/8KxOzq
console-api info URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 418)
Message:
Powered by AMP ⚡ HTML – Version 2005012256000 https://iir.ai/8KxOzq
console-api info URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 418)
Message:
Powered by AMP ⚡ HTML – Version 2005012256000 https://iir.ai/8KxOzq
console-api info URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 418)
Message:
Powered by AMP ⚡ HTML – Version 2005012256000 https://iir.ai/8KxOzq
console-api warning URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 22)
Message:
[amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=Cygqpj97BXqjpGdLm3wPGmaTwCvPDmvNcx9CzsogLv6_Uk7oCEAEgiLGRH2C56L6A1AGgAYirw8ADyAEJqQLxQlKmdU60PuACAKgDAaoE2gFP0HfKOYojp8Ue7GlhqeDvXrOBHVVJ5iMPxsP5dbv21M8Hai_ls3sFVh0XjBRanUyKwgkRm7VQ797-QCyq9Y2fNUMChHxhevLVakY_M9j6VdE-VatNjxKq1ecmSFqEMUr2v6WrfCJJjHbHc0zvb07MPZ6ZWNd2YicnSmPGkT72041xC0ovLmavVZ_NKo1aaY5ZUhyX0HIh5WkhbqAX8-OS87jTxsuDEfmkLUsqI3RVAlohcmqgjKz73N4Jpm_KtQwnqd8JymvEa0n-Rwdx7KzWT2FrmJArQMP0rcAEhJOujPAC4AQBoAYugAfg1Lw_qAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcA8gcEEKnMBNIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tNDg1MjkxNTkwNTkzNjEyNIAKA8gLAdgTA4gUCZgWAQ&sigh=txivVIXO2Ho&vt=1&template_id=484
console-api warning URL: https://static.quantcast.mgr.consensu.org/v33/cmpui-banner.js(Line 1)
Message:
Unable to get NonIab Vendor list.
console-api log URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19(Line 727)
Message:
undefined
console-api log URL: https://cdn.taboola.com/libtrc/impl.20200517-2-RELEASE.js(Line 3)
Message:
Server did not respond to loadRBox
console-api log URL: https://cdn.taboola.com/libtrc/impl.20200517-2-RELEASE.js(Line 3)
Message:
loadRBox failed, aborting.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.360yield.com
ads.themoneytizer.com
adservice.google.be
adservice.google.com
adtrack.adleadevent.com
ajax.googleapis.com
aphycolourses.info
api.news-headlines.co
apis.quantcast.mgr.consensu.org
arisonoping.club
as-sec.casalemedia.com
audit.quantcast.mgr.consensu.org
boudja.com
c.tmyzer.com
cdn.ampproject.org
cdn.taboola.com
ced-ns.sascdn.com
clk.sh
cm.g.doubleclick.net
d1ks8roequxbwa.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
d3al52d8cojds7.cloudfront.net
d7016uqa4s0lw.cloudfront.net
dc5k8fg5ioc8s.cloudfront.net
dmp.truoptik.com
euc-ice.360yield.com
f3f340a15a42b508ee5a37ca80740093.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
iir.ai
image2.pubmatic.com
images.outbrainimg.com
js-sec.indexww.com
match.360yield.com
match.adsrvr.org
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
pinkhindi.com
pool.grid-data.bidswitch.net
quantcast.mgr.consensu.org
r.routemob.com
rightenedetu.site
rules.quantcount.com
s.cpx.to
s3.amazonaws.com
sb.scorecardresearch.com
script.4dex.io
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
shb.richaudience.com
spl.zeotap.com
static.quantcast.mgr.consensu.org
sync.richaudience.com
sync.smartadserver.com
tag.contextweb.com
tag.leadplace.fr
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
uipglob.semasio.net
vendorlist.consensu.org
ww1097.smartadserver.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
r.routemob.com
uipglob.semasio.net
104.111.214.103
104.16.108.10
104.16.108.143
104.16.108.219
104.16.91.60
104.27.150.219
116.202.50.131
145.239.193.145
145.239.193.51
151.101.113.44
151.101.13.44
151.139.241.23
172.217.22.98
172.217.23.130
18.156.186.116
18.185.173.123
185.33.220.243
185.33.221.14
185.64.189.110
185.86.137.114
185.86.139.89
198.148.27.132
2.18.232.130
2.18.234.21
2.21.38.73
2600:9000:2016:4a00:1a:a6:7f00:21
2600:9000:2016:7c00:9:46dc:4700:93a1
2600:9000:2016:b400:b:187f:8500:21
2600:9000:2070:1800:6:44e3:f8c0:93a1
2600:9000:2070:5400:1:af78:4c0:93a1
2600:9000:2070:b200:9:46dc:4700:93a1
2600:9000:2093:9600:15:b448:1e80:21
2606:4700:10::6816:1957
2606:4700:20::681a:ef6
2606:4700:3033::681c:1f0a
2606:4700:3037::681b:a587
2606:4700:e6::ac40:c107
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:809::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:816::2001
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81b::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:81f::2004
2a00:1450:4001:824::2002
2a02:2638::1c
3.124.245.94
35.157.238.72
35.157.249.55
37.157.6.247
51.89.9.252
52.208.216.178
52.213.246.150
52.216.236.141
52.222.182.23
52.222.182.37
52.222.190.81
52.58.57.174
54.175.47.189
54.228.220.169
54.230.182.94
54.230.55.229
54.36.109.166
54.38.64.100
68.232.35.16
91.228.74.217
94.130.240.251
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00c560cdd808889700c8ad20e39dd9c958c7c92503791d741e069adffb7d61c1
01b0ea0798221a956d710ce61b9c4195d7cff368c372f51c52ee3faadd1d6081
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0698cc3dda9964a86ee88a18cc88e2b9ffa64dd4e36785d8a748ba827e5b0984
07dad39d552a962087de78cfc171db1a66b30b16ad7322712294e73ab1d009c6
0b1f6050ea8f74838b5abf9e0d512eeb129b95bd50cce2af7da2257c5bb4817f
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba
127193b410d2e8df0edfceca9508efaa6001d1dbef700032b1b1c50ad445435a
181988be039f115865967d2d9b27bba539d09d7d219302d4d3b5fc719ff5a0ce
19dbd061dd881d126641ee69d2ecbdfb4c367600eda266af754ac9c144dfb836
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151
2253e27d8c8871590c60f89b3510bbc00bdc43672655526710d8c8fa416c7c33
23fdd66c8768fd6605d350986c5ef0f5f6c34cb628c4397712ad286a11de7880
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4ef64427e8ba3eb0069e595ff5e5b4b7d1934ef659b30dd66638893d0f85f7
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2e262d211d25e9671c5d3e7b450e138ddbcacfed50d4f277f39b52fffeae96eb
2eaf808da0fb26b61e7e173f746ec6db8b24cb0c1ad89ef06c1778a8de64a43c
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
398fce47f42eab81c69bf6a853e7806649c91aa75ff2b44bf81b56bf92aacf41
3b257d444433af67701b66da5cdbf006b62140a5f1f00d486efaa44ce02a195d
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4c21278ee40876c3a993458c626cc7c2c6110db1535db37e521f2e4b5208fe6e
4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0
50728b2e44305cb1a39f419ca118a6250efdb9c717216a728d8db2c401b51ef9
5198df46935ff6e7b1fd4ce8b313c15676a0fcd0b1dd740e1127baaac9f51430
5330600f68293b69db933eba611413ffaa46ad7c992116b06933c620d7a3c43c
5418d98533746708c2402e6ac9bb2ea2e0f33f80898518cbbe73afd2cb67cae0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ba41f28c3fba55406522bf99d5794084791ce45f2bdd78a4f0f87f736aa2e96
5cabd03b227e6bfb66072a8e89ac6b73e1e2e2ccf44d6f98db3a8bd97b671a7d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5dfc9288f5281f2c559f14d366adf563f1a17b987554876469b161fe48abeed1
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22
6b9029f78abdc61d51af76cb27ee0e2063385255101b5a2ff0e4de4ebf46b86c
6d41e3891989432a948b5481e675ca29e7ada14791efa7b9c028ae3337a976bd
701762a21b73c32dd5ffe21148fbba6b149b6f0e75171a038b9ccb505eeb19f9
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
75a58c435f7b56951d4622ec5c860a45eef4715c6af663f1ff29a946c8d45086
7f26e3f50e0e70ff9da99b7e3adac1434fba436fed21721b36b03e6c992d5e6d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
807d2190e69d6ee02f00bd77327637c019938bbd6c8f1246ae7f72cd3054732f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
8782dde7aa7a68cbd943d3c30e859badfd1a3c46380cd8dfb8489edf9fe543bf
8ddab07193e55bb90bcfde3d72b1e1d2b74fb04cfcd6a6c268a053d2a6b592c1
8f199b721fd41c73c10f2b027627feddbfc4275ec02bfa36969e58493e62315e
8f47d2272cf53558fc3891af44a9ddbc4b8d53b243fe500b99f1b54cac72f9fe
8f670db094f8157451312a2d25ce34fd67f622e07d356f9db841224cceeeed2d
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
a0f4abf087368a45dc01609aa814906c19330084d8a00fe6e0c8ee4595187ace
a137ebb5bde3957f26d1ff3a877994ae30a643b137b94cecd8218b31f890fbb3
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184
a3977efef5215f018d68e249348803f07c8d4828660fd154ffc72d2b85afedde
a421cfefe163c18466d7e2c77284430fda33fe1609a8d98f412f7d3ad12e462b
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a6b833f5a45fec1fd17b6a9edcda21bd8fd4c89bf0c9188c9a1d423c6fd6e385
aa964b40724a2cf96f66e10a908d7f81b79104873482ee16827199b185259353
ad209dc504cc97991573344dfd1142168265443a8f4cb7e1444a132ba601da19
ad6680b578a75c955bd5cb7dc5243b0c4ceb1d20362e7bb2c93bcf55e3a5e258
b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b5a3c487fc79f9f759d67143bbacb9850fa4aa1f2eb1f2d45e763bc9e131a785
b68b4d1e6d63eabb8a4f663f7755454028aa22d9a0edc88d5b77c58e932d7fa0
b88df4c56ec86f1969c677f2a83d5631102721995fdb3b2fbf8e27860ed72f8f
bb11244f0a95852dee0badf635d62aa54f4367e6cfade524e75ade4589dff4e4
bc5c2e3cd528daf1f1651b4853877fb3eaa7e244620d89b4c9c9a0fa4ce53046
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634
ca5ea7317b81ff8a093a02327c8848005eccfae4405e3e6d6cb7991fb0822180
cb0e68f005af52ea63e4aec52c0392f58b34f14116daf70c553d9390fd6512e8
cdce76552ad1f66edd20e25ce326185f635772d6f88d1a84ff4bc036bd1cd525
cdee90cdcdeca890ba3a5577475c75484050a592f6ecb75f79bbf050f8dffee7
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
d079da1450a12fe4c8125668181a626f01ad4c99730e5fe92f4ed27ec01f3e9b
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c
d4fb95b1914308193ff6a4d8aff8cb502de8dd02a147eeca700124451e1612fa
d579cf295339c8aeb8726e5dc7431e9c6d35a4bc63e64d753e638ad31a03be03
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e38113cd9b754dfece73f345694d75d95e6e46713d7c9ef427d824c16ac7c342
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eeee06dff51b711e5ba293b08bc85a3d1b57d80be4e7cc05d5989467cbbe4300
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f0517f76184f899b738515a124efe8f335f585847387b8889dfa7c0fb132f75a
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f83825b0e9eab327cbdfe081e61e14825792653b4ed064b223be3e8435235541
f9d3a1cfd3170952d8439852d4f1eee78d00888cf4eb69dd4fd74cfce9ec02bd