tii.ai Open in urlscan Pro
2606:4700:3037::ac43:976d Public Scan

URL:
https://tii.ai/gOfb
Submission: On August 02 via api (August 2nd 2020, 4:53:04 am UTC) from US

Summary HTTP 79 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 35 IPs in 9 countries across 34 domains to perform 79 HTTP transactions. The main IP is 2606:4700:3037::ac43:976d, located in United States and belongs to CLOUDFLARENET, US. The main domain is tii.ai.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 19th 2020. Valid for: 8 months.

This is the only time tii.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3037::ac43:976d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.208.29 143.204.208.29	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::6819:842c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.178.195.173 51.178.195.173	16276 (OVH) (OVH)
1	13.35.253.207 13.35.253.207	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6814:326f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
11	52.222.174.197 52.222.174.197	16509 (AMAZON-02) (AMAZON-02)
1	52.86.219.129 52.86.219.129	14618 (AMAZON-AES) (AMAZON-AES)
1	52.216.140.14 52.216.140.14	16509 (AMAZON-02) (AMAZON-02)
2	54.149.11.161 54.149.11.161	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:214... 2600:9000:214f:5200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:5000:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.156.249.121 35.156.249.121	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.126 143.204.89.126	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:8a00:3:99db:e580:21	16509 (AMAZON-02) (AMAZON-02)
1	13.35.254.87 13.35.254.87	16509 (AMAZON-02) (AMAZON-02)
2	35.165.10.112 35.165.10.112	16509 (AMAZON-02) (AMAZON-02)
1	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
12	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
1	23.105.245.4 23.105.245.4	7979 (SERVERS-COM) (SERVERS-COM)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5 5	52.58.74.100 52.58.74.100	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
2 2	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
2 2	34.246.123.201 34.246.123.201	16509 (AMAZON-02) (AMAZON-02)
1	52.52.244.32 52.52.244.32	16509 (AMAZON-02) (AMAZON-02)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1 1	108.168.193.183 108.168.193.183	36351 (SOFTLAYER) (SOFTLAYER)
1	94.31.29.131 94.31.29.131	6461 (ZAYO-6461) (ZAYO-6461)
1 1	138.201.239.18 138.201.239.18	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.227.131.133 23.227.131.133	55081 (24SHELLS) (24SHELLS)
1 2	104.19.131.80 104.19.131.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
79	35

7 2606:4700:3037::ac43:976d (United States)

ASN13335 (CLOUDFLARENET, US)

tii.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.29 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-29.fra53.r.cloudfront.net

dc5k8fg5ioc8s.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::6819:842c (United States)

ASN13335 (CLOUDFLARENET, US)

shrinkearn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.178.195.173 (France)

ASN16276 (OVH, FR)
PTR: ip173.ip-51-178-195.eu

fenailany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.207 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-207.fra6.r.cloudfront.net

d1ks8roequxbwa.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:326f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.222.174.197 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-197.fra54.r.cloudfront.net

dlycritishmalco.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.219.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-219-129.compute-1.amazonaws.com

aphycolourses.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.140.14 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.149.11.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-11-161.us-west-2.compute.amazonaws.com

exchange.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:5200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5000:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.249.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-249-121.eu-central-1.compute.amazonaws.com

apis.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.126 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-126.fra50.r.cloudfront.net

ettyjokilint.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:8a00:3:99db:e580:21 (United States)

ASN16509 (AMAZON-02, US)

d2l3f1n039mza.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.87 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-87.fra6.r.cloudfront.net

audit.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.165.10.112 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-10-112.us-west-2.compute.amazonaws.com

track.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.13 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.19.134.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.4 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.58.74.100 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-74-100.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.236 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.123.201 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-123-201.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.244.32 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-244-32.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.168.193.183 (Dallas, United States) 1 redirects

ASN36351 (SOFTLAYER, US)

ngp1.intnotif.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.131 (United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.131.IPYX-077437-ZYO.above.net

www.ssaimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.239.18 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

dspaction.wpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.131.133 (Piscataway, United States) 1 redirects

ASN55081 (24SHELLS, US)

abc13.feed-xml.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.131.80 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com cdn.mgid.com c.mgid.com	90 KB
11	dlycritishmalco.club dlycritishmalco.club	9 KB
7	adtrue.com cdn.adtrue.com exchange.adtrue.com track.adtrue.com	64 KB
7	tii.ai tii.ai	220 KB
6	consensu.org quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org vendorlist.consensu.org apis.quantcast.mgr.consensu.org audit.quantcast.mgr.consensu.org	158 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	180 KB
3	cloudfront.net dc5k8fg5ioc8s.cloudfront.net d1ks8roequxbwa.cloudfront.net d3al52d8cojds7.cloudfront.net Failed d2l3f1n039mza.cloudfront.net	187 KB
2	adskeeper.co.uk 1 redirects c.adskeeper.co.uk s-img.adskeeper.co.uk	8 KB
2	adsrvr.org 2 redirects match.adsrvr.org	902 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	616 B
2	adform.net 2 redirects c1.adform.net	582 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	826 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	adnxs.com ib.adnxs.com acdn.adnxs.com	705 B
2	google.com www.google.com
2	google-analytics.com www.google-analytics.com	18 KB
2	shrinkearn.com shrinkearn.com	181 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	feed-xml.com 1 redirects abc13.feed-xml.com	769 B
1	ssaimg.com www.ssaimg.com	12 KB
1	wpu.sh dspaction.wpu.sh Failed	152 B
1	intnotif.club ngp1.intnotif.club Failed	183 B
1	postrelease.com jadserve.postrelease.com	538 B
1	lentainform.com cm.lentainform.com	328 B
1	idealmedia.io cm.idealmedia.io	554 B
1	ettyjokilint.club ettyjokilint.club	367 B
1	amazonaws.com s3.amazonaws.com	18 KB
1	aphycolourses.info aphycolourses.info	24 KB
1	recaptcha.net www.recaptcha.net	907 B
1	fenailany.com fenailany.com	1 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
0	boudja.com Failed boudja.com Failed
79	34

	Domain	Requested by
11	dlycritishmalco.club	d1ks8roequxbwa.cloudfront.net dc5k8fg5ioc8s.cloudfront.net d2l3f1n039mza.cloudfront.net
7	cm.mgid.com	jsc.mgid.com tii.ai
7	tii.ai	tii.ai
5	x.bidswitch.net	5 redirects
4	fonts.gstatic.com	tii.ai
3	cdn.adtrue.com	tii.ai exchange.adtrue.com
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	c1.adform.net	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	s-img.mgid.com	jsc.mgid.com tii.ai
2	track.adtrue.com	exchange.adtrue.com
2	www.google.com	www.gstatic.com
2	static.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
2	exchange.adtrue.com	tii.ai cdn.adtrue.com
2	www.google-analytics.com	www.googletagmanager.com tii.ai
2	shrinkearn.com	tii.ai
2	fonts.googleapis.com	tii.ai jsc.mgid.com
1	s-img.adskeeper.co.uk
1	c.adskeeper.co.uk	1 redirects
1	abc13.feed-xml.com	1 redirects
1	www.ssaimg.com
1	dspaction.wpu.sh
1	ngp1.intnotif.club
1	c.mgid.com
1	acdn.adnxs.com	cdn.adtrue.com
1	jadserve.postrelease.com	tii.ai
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.lentainform.com	tii.ai
1	cm.idealmedia.io	tii.ai
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	cdn.mgid.com	tii.ai
1	servicer.mgid.com	jsc.mgid.com
1	jsc.mgid.com	exchange.adtrue.com
1	ib.adnxs.com	cdn.adtrue.com
1	audit.quantcast.mgr.consensu.org	static.quantcast.mgr.consensu.org
1	d2l3f1n039mza.cloudfront.net	tii.ai
1	ettyjokilint.club	tii.ai
1	apis.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	vendorlist.consensu.org	quantcast.mgr.consensu.org
1	www.gstatic.com	www.recaptcha.net
1	quantcast.mgr.consensu.org	tii.ai
1	s3.amazonaws.com	tii.ai
1	aphycolourses.info	tii.ai
1	www.recaptcha.net	tii.ai
1	d1ks8roequxbwa.cloudfront.net	tii.ai
1	fenailany.com	tii.ai
1	www.googletagmanager.com	tii.ai
1	dc5k8fg5ioc8s.cloudfront.net	tii.ai
0	boudja.com Failed	tii.ai
0	d3al52d8cojds7.cloudfront.net Failed	tii.ai
79	53

This site contains links to these domains. Also see Links.

Domain
shrinkearn.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-19` - `2020-10-09`	8 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
fenailany.com Let's Encrypt Authority X3	`2020-07-17` - `2020-10-15`	3 months	crt.sh
*.adtrue.com COMODO RSA Domain Validation Secure Server CA	`2017-08-04` - `2020-09-02`	3 years	crt.sh
misc.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
dlycritishmalco.club Amazon	`2020-07-23` - `2021-08-23`	a year	crt.sh
aphycolourses.info Let's Encrypt Authority X3	`2020-07-14` - `2020-10-12`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
ettyjokilint.club Amazon	`2020-07-13` - `2021-08-13`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh
www.ssaimg.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-12` - `2022-04-14`	2 years	crt.sh

This page contains 18 frames:

Primary Page: https://tii.ai/gOfb
Frame ID: ECA3F6D09126C5D464B35BC8994B5B29
Requests: 42 HTTP requests in this frame

Frame: https://dlycritishmalco.club/Ykp1UlkDKBY/ZgN3F3QsECZId2skb0cUPVMhBmorDS8EJyEAPRR8Og4lADY/ECUbJncMLwF3ayR9IhQbFBNEMW4yPTAUOCE9QBFoVzwUYBMGHRgYfFAIOjouLwUmOi0tCDgAHQUhNxQwWis6ADEkAwwbaTcmMyoXJg83EB4Sb0cQFzMPNDM0DngxNTpTECIAEyQzFmEWUwMiHQ0VezYDNlcaIQATJCAvPgkzCy8CMzNyMTkDDgIYBBs3eT8jACcpOhwzEX80ADpWAQ86EjcII2sADnI+HQoVezRiAw4rMWIWIwI/IwAjCyQxNBItM2IDDisyFD8yDS8hHVNnBRk6DzoSFjEvJDsWDDsIHwcjLRgBFQMwfxkKHzB/FGADKR8iNi4tPRYKFggYRAoKIDMUPxgmCR8lYAYcRAYUJnoPEBgab0cQPzUAExMdWjslJRAlKRg9DjR7N2c4Kn8XBzQGOBM+NTEpGCI+Kgs8KhYxAzIANDcvLwQhNy8iJjQxGC8jfwg5GjwpXx0FFA87JAAqGws9
Frame ID: 7C251DDCCBBABC33D2D40FBBB0CEBB59
Requests: 1 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https://tii.ai/gOfb&cb=225300508&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/gOfb
Frame ID: BC744805BBB23D1F34F0689434F7C15C
Requests: 3 HTTP requests in this frame

Frame: https://dlycritishmalco.club/aTBKRkkIUikrdggNKGA8G1x3Y3svFXgALQoFIX4vDgUjKSpRQ2QlJQZFLiA7Bl4+aCcMRG90Dy59D3Z5JwIuEgAFQBgRDDhbHwc5D3ECIQQtAQcRA1lUEwUcK0cYEAAYYjAUBwtXAA4DEXoODh87RwguDCVlGQgdKlsMEABYUwEQITBDHwAfCHINMgg7RyIkKix2EAd4PEISECIqZg0yCz9cOiIAAgUvBXgeQw8XHAFyHQsMLFwfBxM/XB0EDwJaGwAuPGcNIQENZQMFLz8BEAN4PFgPFx8xaBk+ESxcHwcAAlMZEBgoAQ8XHzFxEnc7K1wEMCwrHXoVHzhxORQMCnwcEjk7Zhs+EyZiDwAAOGZvdAsoSCYTCwRXDQR5UFIAEwsIczIQbFt2Lj4DP3EJAC0xcQMQLx5iGwclJF0dPnwqcSR3ETFIHCAAL3UZEBEzAQg+JTF4JC0PKwEbIyweZRkQGCgVeAQfP3UNFyA4YggVDC9WLQsTP3EQNBg4X2wsOgZeOns4DH09PzAwVT0s
Frame ID: 9ABA39C7E41230D600A239B3DF4C4D9E
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v35/cmp-3pc-check.html
Frame ID: B8F3ADE86F6CEB0D4A66FD5954888CDC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=AFBwIe6h0oOL7MOVu88LHld-&size=normal&cb=i4n7g8f55faz
Frame ID: 7A89768064CA14FFD822CF1EC21F2362
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=AFBwIe6h0oOL7MOVu88LHld-&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=ewif7h1dxqcf
Frame ID: AE789DE4CD9E161CBAC04C2CCA5C4F9B
Requests: 1 HTTP requests in this frame

Frame: https://track.adtrue.com/track/request?pzoneid=18694&domain=tii.ai&ref=https%3A%2F%2Ftii.ai%2FgOfb&loc=https%3A%2F%2Ftii.ai%2FgOfb
Frame ID: 1C8DEE53C009B295D3D7DF20D6F38628
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: BBD08E674FD04C4524A5C6A83EC4F62B
Requests: 21 HTTP requests in this frame

Frame: https://track.adtrue.com/track/passback?pzoneid=18694
Frame ID: 12DAAB0D9AC94031FDF677BE2F67A690
Requests: 1 HTTP requests in this frame

Frame: https://dlycritishmalco.club/VUZISkM0JCsnfDR7Kmw2Jyp1b3ETY3oMJ2cqeyxyO3Z7cy4vJ2YpLzozLCwxOig8ZC0wMm14BSEfHzoTMA4ZCQEGAy0ZOwACA3oVERAOAHAGdjACAhExEA0rEx4PenMXEz8LKwQCBSQXETULDwUtHykYEgMCP3s6DS4NGgANDAIfJBQJBB8VFBQwfmZnAA4yejYOC34bFz4RBgoXFw4JKCJwDx8oGAQcHxESB3gGIj4pMRwGB2N6DBsAHBobKhwcDj0kEAkwKQsWE3FyDDkAHB0qDBEJCxISJyM6BhEHOzkbABwaCBctIhomBgYnIzoGAAAnGxAAB214AQ10ZRAnByoNBhMiIREIAWU3DyJ7HA4lOggYKhoQJhMcABxzbH8bDDQeByI5FRIDGhMHE3cPHxIMKw0yBRARAHIlEBcBCAoTABofcjo1DQsaGgQxOicHLywZJRMcDR5yYGN6CBAQIhgSC2AiGiYGDwogfhUQMQY7ED8MHR0bPREaeycYCSMfEgAqJHIEBwwbHzpkBA0MGhwjIHoRFzF9eQsAEB8dGyYnGhsWGiAaPREUMW4gMDooOHcXYDN6IC1tAQ4
Frame ID: 9E24096261890AD8D36E729FE77FA43F
Requests: 1 HTTP requests in this frame

Frame: https://dlycritishmalco.club/d3htSDEWGg4lDhZFD25EBRRQbQMxXV8OVUUUXi4AGUhecVwNGUMrXRgNCS5DGBYZZl8SDEh6d0QbOHljEhYgG3gdQA4ccCITIx1VOyklPF4jPSMQew4xOwBgMQ8mP0YgMzUvdj46OCdXDj03GXcUTSYwBDgpXzsIMABdH1I/GwsAYz0PNA5GJD4+cUIjFDgOYSNMPxxWFAs9L1oyPS4BCDQABRB+MzolAFlDSyIKaBE9KiBbJz03LlcvKiQZABwfIApaFjAXIxRFOi4aRSIeBQZXJi0oI2EATDoAZh8SPiAFJjQDGngmAFltAzUcKCB1NC8FImIcMi8NXFo6IgR0JRMJDVkzPSl4WTEQNA96MzU/D1YhFzQySTApAzgURT4+HWciHl8OYjA6Bn1hNSI6GUZCSD4NfBMyKSdXIRMjcX8fQDwPWD1MNXh3NTQHI3g/OhonVTIfXBtpQl1fDmIbSSsudjEyNR1VTxwoIHU2ERp7dgA9NCl2OkA/I3tBHl0kdyECBTt5HDouLls2GzwNVgEZL310MksKeHkPLTssZSU0Pw17QjVdO2kxIFV5eQ89SyJCGBYddUsBHTV9Zi0eNHpBFEs
Frame ID: E2704B37A12C8655309577794787E640
Requests: 1 HTTP requests in this frame

Frame: https://dlycritishmalco.club/dGE5UVcVA1o8aBVcW3ciBg0EdGUyRAsXM0YNCjdmGlEKaDoOABcyOxsUXTclGw9NfzkRFRxjES02bCkjLRtwZx4DLH8VBEQNegdjMgNxAwEhIE10ZTIrUWUaLCJVKR4iEVoQDxMUdgAGAitQZAYtUgFlEQMCaTBlGyN4PSBRU3syAgcmYRUnDDl8BwMkMgwAAQwwSh0BNS5hAhoYIGhoAxIpDSMBHBlJMAFNNX47BgAlXiE0ODJ0NBQMBUgVPBwzeDsWHSZoCzISKQw1ExgsDzABTTVhAicEOQgfHBIpDDUCEyh+NwEfWXtiFQQ5CB8DPzVOExUfNAEdMFk4cgM5DEQLExxFOHszOj4EbwMzBgd8BB4jCAk5FiE4eBY6GAdsYGMDK045EDUmUiMUNSNjHzoiKGwAHkIre2kaLBtBIQ8NNHIwOj4FbQANGwd/ZBk2JlEhD0Uvex4UGyx8ByNMB1AlADU2DDgPGDRsHR8xK2wQEQUtaCUGNxtNYBQiM2gzFB8oewcNHCpvKQI1NgkkDzUFbjAuEyh4AHEeElY/J0ktAD8PQCJjZyEeIgoA
Frame ID: 2C63CA43FBBE621B021668A969E330A9
Requests: 1 HTTP requests in this frame

Frame: https://dlycritishmalco.club/WjY0SnI7VFcnTTsLVmwHKFoJb0AcEwYMFmhaByxDNAYHcx8gVxopHjVDUCwANVhAZBw/QhF4NDJUcAtAO1tHGiprUXkcMDJsYSYWOWFDBzMNWn4BJTFjcgggLXhWPTt/BHYIHDVyYSA7L3dcCxcfZ1MEMB9BfA4kb2RiekIQblgcKg1dRBgnPV5jHTAAdXMtIxJyYQs+GHQNAiQtY3wCJClnfD0CCG5iISMbUXYpJGoPbgEVD29jIUc/d3Z+OhlRDRAlGAJxAkM9YmMZHhB3UxM2GGRcHCUxD24SNGtudx9HP3dyISgOWgALJjEPbhIzH3F6HAIDVENnPB5iWH4zDE5bKDMcYHYOBTF+Yx84CmFnJTQYYAUMKi1vYB00LnNje0Y/dFMLJBh1WAUqPXRVCwUbfHIbIDtydSYmAmdiCSELf3MJIxdTbHsBCmJYf0AeWlgMKhgCdx1DLlB8LTA4Ylh+MwhnRwQ2D3xSHkMxR3YbJD5kYnI1H3QNHTEbe3IdIzV9dT1KE2NTLToMcAwFMQxsZx8Vb1J2PSQ/dWJ7Jw9aUxoxDH8SIAE1WER3KzJjXgBHYm92eA
Frame ID: 1E66759781A394F4B1CFA5804E0F5A12
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=159634396685282543576
Frame ID: 8B655CB6FDF73CD399C7D0F91E5E5A4C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: F9E7BAEB0321F7B1A6841E87CB9ABD87
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 112D9A2469FFF3A6A3E95D45251E56D0
Requests: 1 HTTP requests in this frame

Frame: https://www.ssaimg.com/~ByK2p5GkPWA/79e7e30de78d18ca9131be73e383db1c9faaecf9401c54c00ea5a1853c9c6f5a.png
Frame ID: 3D1B18F89580CB67A3D4F0E0E4A265B2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

79
Requests

94 %
HTTPS

30 %
IPv6

34
Domains

53
Subdomains

35
IPs

9
Countries

1207 kB
Transfer

3016 kB
Size

15
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://shrinkearn.com/

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/payout-rates
Title: Publisher Rates

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/auth/signin
Title: Login

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/auth/signup
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/pages/faq
Title: How it works

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/pages/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/pages/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/pages/dmca
Title: DMCA

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/pages/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ShrinkearnClksh

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 302
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 67

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=b7ce8ebd-7c97-46c8-b5a7-adcf9a9f5d54

Request Chain 69

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=9PSJUM0wspF6Js0q4rD3&pi=mgid&tc=1

Request Chain 70

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=8864304224196295632&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=189ba111-1337-465d-905c-4519aa804293

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azcxSzBUMTJCcFFs&muidn=k71K0T12BpQl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azcxSzBUMTJCcFFs&muidn=k71K0T12BpQl&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=k71K0T12BpQl&google_ula={guid},5&google_gid=CAESEHd39Vr0RVk4oLcGgyvT6us&google_cver=1

Request Chain 72

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=0238cd04-1e77-4aa0-acc4-815acba71e4f&ttl=1598935967

Request Chain 73

https://x.bidswitch.net/sync?dsp_id=303&user_id=k71K0T12BpQl HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k71K0T12BpQl HTTP 302
https://jadserve.postrelease.com/suid/1011?vk=189ba111-1337-465d-905c-4519aa804293

Request Chain 79

https://ngp1.intnotif.club/adServe/wpnFeed/getImage?ai=Yc-Trx6tRF0fH1QEtxmHXVt248FJq917Hy1WQF77YQqnzyzi9t46Yg_Jqg4-fS1Fks_HPKn3o2pQuFdF2la3v1Cq9ObtFtDm-335keLThj3SufHYG7E6mdWapcQQjuZ1v9TCJVEGqLehBhR7gerpiAJWN6TaQxxcVSCEaRO-2-ifOUdH6cAG6Qaed-85hi-87743JG46ESVaFNaPDpg5Mn6eCYj_eyf8TMmrDkAxhAHTllLA-x6tEbAkeY2kVNY_vzpjeRBVTTJbc2y-_jcEJ0AkIfAaTE_XECPI7ULUd1M6USJIz9Ds683wDOKOxTBr7Ji3MNYjHvF0VTpg_JhsyRY-LeV1_Ej_C8NxS5cLiilgfYyck3t-d1ISasF5sjd5BY2JweuCldCPzg6QlwLkWwm5Re8bvImKkvsrjw1fCiWJVm7mn0rhf0pLLEj1TG9P0KK9IoCO2jfCtaU2Gxperfb6gQ3hM34layTOboEUiCC1WWqxc2ECe06zTI7JQ0WHpnetQYisziL5Vm9r6zltt62sJdKBcx7FXKIN23qnVG91UQvf6Ju71DnRkLFiWGFzONZJ0lOcum_rIp8mbwbJ6P9v1gu8wHeu HTTP 302
https://www.ssaimg.com/~ByK2p5GkPWA/79e7e30de78d18ca9131be73e383db1c9faaecf9401c54c00ea5a1853c9c6f5a.png

Request Chain 80

https://dspaction.wpu.sh/dsp/cpc/icon/?payload=oyPA-7qI7sdFR2iKflzlj2FTrW_-RgER-K6AI7NgygZ94_Mym2swMq4lS_WNv7P4g1keBO6s2-eAJC7hj7gzXfAXlr3X3AuYiE4Y52QeLfjnU1-_a-myA61x9fnebWK288_V5xyMWWwC5bt8kdi5RCsSgFBj_MAt2cXF6kmzpSj5sW-tW0n7o1xtP4MWdGLMN7ZZvvfB0Dq-UBKZ46iz9oz6RQAP78xMQRtFwdwqqjKx7yZxunhBvJ_Qsxymcw7QTKLrjIoVwd10fCv5hN8GX3IvwKY_TJOciIO7d98Wr_lxPgm3JkXUciTRZRh3fPnT8MD-lE93Jkj1sGYjgFnl26yBe-JQWdPc0TrtKj_T1KUbBOC5OzxW-REj5VqHWPBpf-4ARNGcR250MFQSRTQwV43g9IMZQRGl39l5aXD3SyCyKrYBDmI-yoEDglipGtrjTqQN06l_lLz3vyi5a-qaSQeFLgdsIdNMO3IojdeDwSbzT6dldBq853YnE0CWyozXiaEddp9JfSHZSjy_EiUqzVNxpZxffoVvT4lq_pwK24Jy2DUnlrJn6Gj6O8A8kK2ydC2BFNfFHKvmTN2GpEXF0XKSUcceoLK3ghurd5CCfu4w_vszpRnyNcLjKcR2g-m1QIC2KyNb5SxpudXp3_zj9p5h3gPx2iYLJgylXylXBHyBKjUQykz4GW4CZmviqccusog3vphB7Mrdlt6SRfgctQ.. HTTP 302
https://abc13.feed-xml.com/tracking/icon?adid=0D25F50441416396_465466_534659 HTTP 302
https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|76TVja7DsCALPjjzaxgGUtJTXZ-7SIyfNHe5dGAJ7WSS6w5NdnYG89yQ-93Pii9X&cid=939495&f=1&h2=RzmfZhvBhvrigr5pmFTSMmmQxV2Yf0rUxqfPrlk_5TM*&rid=01125bb0-d47c-11ea-97f7-e4434b374cb2&psid=799715&cp=154&iub=aHR0cHM6Ly9zLWltZy5hZHNrZWVwZXIuY28udWsvZy82MzYyODg5LzMyOHgzMjgvMHgweDQ5MngzMjgvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNVGt0TURndk1qUTNNekU1THpCbE4yVm1ORFpoT0RneFlURTRZMlUxWlRRMk9UazBNRE14WkRRMk9HVTBMbXB3WldjKi53ZWJw HTTP 301
https://s-img.adskeeper.co.uk/g/6362889/328x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMjQ3MzE5LzBlN2VmNDZhODgxYTE4Y2U1ZTQ2OTk0MDMxZDQ2OGU0LmpwZWc%2A.webp

79 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request gOfb Show response
tii.ai/ 36 KB
16 KB 403ms
374ms Document
text/html 2606:4700:3037::ac43:976d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:976d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e42c2ab4a560cd4a2be587847ef95de9a330bd1d717da32eab5ee2048a43bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tii.ai
:scheme: https
:path: /gOfb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 02 Aug 2020 04:52:43 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d09575576bd99d0aaa93198d066feccab1596343962; expires=Tue, 01-Sep-20 04:52:42 GMT; path=/; domain=.tii.ai; HttpOnly; SameSite=Lax; Secure AppSession=5ffe7c5be737404f3967eaaf4f512cad; path=/; HttpOnly; secure csrfToken=89488700c5369d65f3b3feca55ad08e7dee2292b8bec0b50c4edebf597f74e2dca27fb9ac5ef3f573cfb4bfec4d0c25ee54418d8828b8072a580aa0156b821c9; path=/; HttpOnly; secure
cache-control: no-store, no-cache, must-revalidate
cf-railgun: direct (starting new WAN connection)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 044f1ce46d0000c2f97b1b1200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5bc530e71e66c2f9-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 3 KB
590 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 Aug 2020 03:16:02 GMT
server: ESF
date: Sun, 02 Aug 2020 04:52:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Aug 2020 04:52:43 GMT

GET
H2 200 styles.min.css
tii.ai/cloud_theme/build/css/ 189 KB
31 KB 19ms
19ms Stylesheet
text/css 2606:4700:3037::ac43:976d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:976d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 866392
status: 200
cf-request-id: 044f1ce5e90000c2f97b1ba200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5bc530e97996c2f9-FRA
expires: Sat, 22 Aug 2020 04:12:48 GMT

GET
H2 200 / Show response
dc5k8fg5ioc8s.cloudfront.net/ 50 KB
20 KB 278ms
195ms Script
text/plain 143.204.208.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805884
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-29.fra53.r.cloudfront.net
Software: /
Resource Hash: 85c7e27ea6f4ccf37bb86b29da54e250006ef4ee1137c9da9f1880ba6b84df67

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:43 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 19767
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
x-amz-cf-id: Fg1PnNeFqtWJhwFxANO2jz4BNVs4uU5s2CEn8f3xS3O77f6eq_Lo-g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
34 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113561579-1

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9d9cba47e028112043893dbbc7a506286f838c40c621bd97d1466341dae3d2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:43 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34198
x-xss-protection: 0
last-modified: Sun, 02 Aug 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Aug 2020 04:52:43 GMT

GET
H2 200 hmpglogo228x70.png
shrinkearn.com/webroot/modern_theme/img/ 4 KB
5 KB 43ms
15ms Image
image/png 2606:4700:20::6819:842c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrinkearn.com/webroot/modern_theme/img/hmpglogo228x70.png

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:842c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbfdf00bfbcafbe701ab7e6ab991fa0a2cdd2def78339ed3ec37bf85de410a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15277749
cf-polished: origSize=5281
status: 200
content-length: 4186
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Nov 2019 03:42:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Sat, 06 Feb 2021 09:03:33 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 044f1ce7300000c2e5713b3200000001
accept-ranges: bytes
cf-ray: 5bc530eb8be0c2e5-FRA
cf-bgj: imgq:100

GET
H/1.1 200
OK 14504 Show response
fenailany.com/trVUCXBUCLLp/ 0
1 KB 179ms
41ms Script
text/html 51.178.195.173
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://fenailany.com/trVUCXBUCLLp/14504

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

51.178.195.173 , France, ASN16276 (OVH, FR),

Reverse DNS

ip173.ip-51-178-195.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 02 Aug 2020 04:52:43 GMT
Content-Encoding: gzip
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Keep-Alive: timeout=20

GET
H2 200 / Show response
d1ks8roequxbwa.cloudfront.net/ 84 KB
31 KB 292ms
199ms Script
text/plain 13.35.253.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832295
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.207 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-207.fra6.r.cloudfront.net
Software: /
Resource Hash: 840a035b9cce21e929aaac168a18f0ffce4e4b4e1abf19e98164d491f97e8117

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:43 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 30948
via: 1.1 df86e917220bc08caa68b0eb8ddabe91.cloudfront.net (CloudFront)
x-amz-cf-id: zrlDDSIMjq2zn04LwP0ropYPti5Of3K1lbiDJoV06WUHcz0DeWfQdA==

GET
H2 200 sw_2735395.js Show response
tii.ai/ 93 KB
34 KB 23ms
23ms Script
application/javascript 2606:4700:3037::ac43:976d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/sw_2735395.js

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:976d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92a42e8512e6a56fe2d3b051b199aa61a200de89b0792182ba641a43ab4361b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1186904
status: 200
cf-request-id: 044f1ce7050000c2f97b1c3200000001
last-modified: Wed, 08 Jan 2020 13:18:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5bc530eb3bd9c2f9-FRA
expires: Tue, 18 Aug 2020 11:10:58 GMT

GET /
d3al52d8cojds7.cloudfront.net/ 0
0

GET
H2 200 async.js Show response
cdn.adtrue.com/rtb/ 7 KB
3 KB 47ms
13ms Script
application/x-javascript 2606:4700:10::6814:326f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:326f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cdfa83efe8e1c78239a7438231903de9dd92a5c623e78da111638eaafc419e5

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 03:52:05 GMT
server: cloudflare
age: 23838188
etag: W/"5d941ee5-1c42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31104000
cf-ray: 5bc530eb8ee1dfe7-FRA
cf-request-id: 044f1ce7380000dfe78213a200000001
expires: Sun, 25 Oct 2020 07:09:35 GMT

GET
H2 200 ads.js Show response
tii.ai/js/ 191 B
268 B 12ms
10ms Script
application/javascript 2606:4700:3037::ac43:976d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/js/ads.js?ver=6.4.0

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:976d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1186944
status: 200
cf-request-id: 044f1ce7170000c2f97b1c4200000001
last-modified: Mon, 02 Sep 2019 23:24:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5bc530eb5c00c2f9-FRA
expires: Tue, 18 Aug 2020 11:10:18 GMT

GET
H2 200 script.min.js Show response
tii.ai/cloud_theme/build/js/ 202 KB
57 KB 25ms
23ms Script
application/javascript 2606:4700:3037::ac43:976d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/cloud_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:976d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1246775
status: 200
cf-request-id: 044f1ce7170000c2f97b1c5200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5bc530eb5c02c2f9-FRA
expires: Mon, 17 Aug 2020 18:33:05 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 742 B
907 B 65ms
15ms Script
text/javascript 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a02f96cfc9407ea221d62bd3404a88078c854b20647b5ebcd8a091b6490d70cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 1; mode=block
expires: Sun, 02 Aug 2020 04:52:43 GMT

GET popunder.gif
boudja.com/ 0
0

GET
H2 200 NewBackground.jpeg
shrinkearn.com/webroot/modern_theme/img/ 176 KB
176 KB 46ms
18ms Image
image/jpeg 2606:4700:20::6819:842c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrinkearn.com/webroot/modern_theme/img/NewBackground.jpeg

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:842c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b90d10d60cd1609b54fb8ab62e119c7cde85bbd289e285693e18c9e2ce98b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17854407
cf-polished: origSize=180059
status: 200
content-length: 179836
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Feb 2018 04:35:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
expires: Thu, 07 Jan 2021 13:19:15 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 044f1ce7300000c2e5713b4200000001
accept-ranges: bytes
cf-ray: 5bc530eb8be2c2e5-FRA
cf-bgj: imgq:100

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://tii.ai

Response headers

date: Wed, 08 Jul 2020 23:44:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 2092096
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Thu, 08 Jul 2021 23:44:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 1142
date: Sun, 02 Aug 2020 04:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sun, 02 Aug 2020 06:33:41 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://tii.ai

Response headers

date: Thu, 23 Jul 2020 00:25:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 880057
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Fri, 23 Jul 2021 00:25:06 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=839810114&t=pageview&_s=1&dl=https%3A%2F%2Ftii.ai%2FgOfb&ul=en-us&de=UTF-8&dt=ShrinkEarn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1978689208&gjid=1177991683&cid=101567397.1596343963&tid=UA-113561579-1&_gid=354561588.1596343963&_r=1&gtm=2ou7m1&z=511538044

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 utx Show response
dlycritishmalco.club/ 0
404 B 177ms
121ms XHR
text/plain 52.222.174.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlycritishmalco.club/utx?cb=kCPJbRsJoiQq&top=tii.ai&tid=832295
Requested by: Host: d1ks8roequxbwa.cloudfront.net
URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832295
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-197.fra54.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:43 GMT
via: 1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA54
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://tii.ai
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 3hFaOBwqvDhjyQ9pgjCLX1_O111urc7D9tTU3g5iQX5P8cx5Ru2_QA==

GET
H2 200 FGADKR8iNi4tPRYKFggYRAoKIDMUPxgmCR8lYAYcRAYUJnoPEBgab0cQPzUAExMdWjslJRAlKRg9DjR7N2c4Kn8XBzQGOBM+NTEpGCI+Kgs8KhYxAzIANDcvLwQhNy8iJjQxGC8jfwg5GjwpXx0FFA87JAAqGws9
dlycritishmalco.club/Ykp1UlkDKBY/ZgN3F3QsECZId2skb0cUPVMhBmorDS8EJyEAPRR8Og4lADY/ECUbJncMLwF3ayR9IhQbFBNEMW4yPTAUOCE9QBFoVzwUYBMGHRgYfFAIOjouLwUmOi0tCDgAHQUhNxQwWis6ADEkAwwbaTcmMyoXJg83EB4Sb0cQFzMP... Frame 7C25 0
0 163ms
119ms Document
text/html 52.222.174.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlycritishmalco.club/Ykp1UlkDKBY/ZgN3F3QsECZId2skb0cUPVMhBmorDS8EJyEAPRR8Og4lADY/ECUbJncMLwF3ayR9IhQbFBNEMW4yPTAUOCE9QBFoVzwUYBMGHRgYfFAIOjouLwUmOi0tCDgAHQUhNxQwWis6ADEkAwwbaTcmMyoXJg83EB4Sb0cQFzMPNDM0DngxNTpTECIAEyQzFmEWUwMiHQ0VezYDNlcaIQATJCAvPgkzCy8CMzNyMTkDDgIYBBs3eT8jACcpOhwzEX80ADpWAQ86EjcII2sADnI+HQoVezRiAw4rMWIWIwI/IwAjCyQxNBItM2IDDisyFD8yDS8hHVNnBRk6DzoSFjEvJDsWDDsIHwcjLRgBFQMwfxkKHzB/FGADKR8iNi4tPRYKFggYRAoKIDMUPxgmCR8lYAYcRAYUJnoPEBgab0cQPzUAExMdWjslJRAlKRg9DjR7N2c4Kn8XBzQGOBM+NTEpGCI+Kgs8KhYxAzIANDcvLwQhNy8iJjQxGC8jfwg5GjwpXx0FFA87JAAqGws9
Requested by: Host: d1ks8roequxbwa.cloudfront.net
URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832295
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-197.fra54.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: dlycritishmalco.club
:scheme: https
:path: /Ykp1UlkDKBY/ZgN3F3QsECZId2skb0cUPVMhBmorDS8EJyEAPRR8Og4lADY/ECUbJncMLwF3ayR9IhQbFBNEMW4yPTAUOCE9QBFoVzwUYBMGHRgYfFAIOjouLwUmOi0tCDgAHQUhNxQwWis6ADEkAwwbaTcmMyoXJg83EB4Sb0cQFzMPNDM0DngxNTpTECIAEyQzFmEWUwMiHQ0VezYDNlcaIQATJCAvPgkzCy8CMzNyMTkDDgIYBBs3eT8jACcpOhwzEX80ADpWAQ86EjcII2sADnI+HQoVezRiAw4rMWIWIwI/IwAjCyQxNBItM2IDDisyFD8yDS8hHVNnBRk6DzoSFjEvJDsWDDsIHwcjLRgBFQMwfxkKHzB/FGADKR8iNi4tPRYKFggYRAoKIDMUPxgmCR8lYAYcRAYUJnoPEBgab0cQPzUAExMdWjslJRAlKRg9DjR7N2c4Kn8XBzQGOBM+NTEpGCI+Kgs8KhYxAzIANDcvLwQhNy8iJjQxGC8jfwg5GjwpXx0FFA87JAAqGws9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/gOfb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/gOfb

Response headers

status: 200
content-type: text/html
content-length: 1226
date: Sun, 02 Aug 2020 04:52:43 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA54
x-amz-cf-id: nCxb4EO43YYDmaLDa6Gtqd4OsMytE4K2TKQr0xUY1HpVHjufB8nRSg==

GET
H2 200 cEROV1ELZj0gDgU2InVrUiw6IyEDfmF4JRktYDY4Xzc5CGNHd3tkaEVqJCRzXGY9OjdSfn97cwQlKQg4FGZ0dWlAcXZvZVJobCQkEhsnM2NSfmxjZUN9f2dgRGkoZWVAaXpgZEhpdjFiSGkvbmFGc3tnYUZ3ezNzDQ Show response
aphycolourses.info/ 58 KB
24 KB 406ms
152ms Script
application/javascript 52.86.219.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aphycolourses.info/cEROV1ELZj0gDgU2InVrUiw6IyEDfmF4JRktYDY4Xzc5CGNHd3tkaEVqJCRzXGY9OjdSfn97cwQlKQg4FGZ0dWlAcXZvZVJobCQkEhsnM2NSfmxjZUN9f2dgRGkoZWVAaXpgZEhpdjFiSGkvbmFGc3tnYUZ3ezNzDQ
Requested by: Host: tii.ai
URL: https://tii.ai/sw_2735395.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.86.219.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-219-129.compute-1.amazonaws.com
Software: / Express
Resource Hash: 8fee5d08f0c5de46971a69552c03dd5cd371b1b1e738872f0f882b9cc0526f8b

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"e730-M15N5hk3cLzB6cG7nAFixUOmGUE"
status: 200
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H/1.1 200
OK b65d5fbe69 Show response
s3.amazonaws.com/96ebf5d56b55e562349a4dc9180f8bf2b978c3cc67550da898849ea0/ 17 KB
18 KB 499ms
141ms XHR
binary/octet-stream 52.216.140.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/96ebf5d56b55e562349a4dc9180f8bf2b978c3cc67550da898849ea0/b65d5fbe69
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.140.14 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bc5e66a8c833e1063b73f601cf5aaea30c401d38d75f2527520871bb05a8db62

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 02 Aug 2020 04:52:45 GMT
x-amz-meta-pragma: no-cache
x-amz-request-id: 917B3CBFCB3C955E
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Length: 17348
x-amz-id-2: lDRvSFhCZIvbtpjJVIff9OdEUytxPETLgTTb1R8a/ErzsB9nTDQX4G3AuIzNmY7SvzqigVhW83c=
Last-Modified: Sun, 02 Aug 2020 00:15:09 GMT
Server: AmazonS3
ETag: "c1b58a31845976316dbbc39b92d9495f"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: https://tii.ai
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H2 200 footer.jpg
tii.ai/cloud_theme/build/img/ 6 KB
6 KB 14ms
14ms Image
image/jpeg 2606:4700:3037::ac43:976d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tii.ai/cloud_theme/build/img/footer.jpg

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:976d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12793478
status: 200
content-length: 6152
cf-request-id: 044f1ce8090000c2f97b1c9200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5bc530ecddabc2f9-FRA
expires: Sun, 07 Mar 2021 03:08:02 GMT

GET
H2 200 fontawesome-webfont.woff2
tii.ai/cloud_theme/build/fonts/ 75 KB
76 KB 11ms
10ms Font
font/woff2 2606:4700:3037::ac43:976d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/cloud_theme/build/fonts/fontawesome-webfont.woff2

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:976d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
Origin: https://tii.ai

Response headers

date: Sun, 02 Aug 2020 04:52:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 228957
status: 200
content-length: 77160
cf-request-id: 044f1ce80a0000c2f97b1ca200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5bc530ecddadc2f9-FRA
expires: Thu, 06 Aug 2020 13:16:44 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 13 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://tii.ai

Response headers

date: Tue, 14 Jul 2020 13:19:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:45 GMT
server: sffe
age: 1611185
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Wed, 14 Jul 2021 13:19:38 GMT

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame BC74 3 KB
3 KB 641ms
204ms Script
application/javascript 54.149.11.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https://tii.ai/gOfb&cb=225300508&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/gOfb
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.11.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-11-161.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 7245e9f7a69e849babc1e8b45af7272396890c8c7f8a938e871437615576a263

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 02 Aug 2020 04:52:44 GMT
server: nginx
x-adtrue-instance: java2
content-length: 3336
content-type: application/javascript

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 257 KB
70 KB 23ms
8ms Script
text/javascript 2600:9000:214f:400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b80635d65f907b3eccd5b25b9ce269f3ea4ae3ff47ac34d59e533dc782aef80

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 02 Aug 2020 04:42:28 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 22:07:20 GMT
server: AmazonS3
age: 615
etag: "2199494e2561c37afe3b476b00aff1dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: t-nE-Pk966AhhRRhj00JneMGwDXsFWj1qjJXornf2ROGtDri7JOVMg==
via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)

GET
H2 200 XB0EDwJaGwAuPGcNIQENZQMFLz8BEAN4PFgPFx8xaBk+ESxcHwcAAlMZEBgoAQ8XHzFxEnc7K1wEMCwrHXoVHzhxORQMCnwcEjk7Zhs+EyZiDwAAOGZvdAsoSCYTCwRXDQR5UFIAEwsIczIQbFt2Lj4DP3EJAC0xcQMQLx5iGwclJF0dPnwqcSR3ETFIHCAAL3UZE...
dlycritishmalco.club/aTBKRkkIUikrdggNKGA8G1x3Y3svFXgALQoFIX4vDgUjKSpRQ2QlJQZFLiA7Bl4+aCcMRG90Dy59D3Z5JwIuEgAFQBgRDDhbHwc5D3ECIQQtAQcRA1lUEwUcK0cYEAAYYjAUBwtXAA4DEXoODh87RwguDCVlGQgdKlsMEABYUwEQITBD... Frame 9ABA 0
0 206ms
206ms Document
text/html 52.222.174.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlycritishmalco.club/aTBKRkkIUikrdggNKGA8G1x3Y3svFXgALQoFIX4vDgUjKSpRQ2QlJQZFLiA7Bl4+aCcMRG90Dy59D3Z5JwIuEgAFQBgRDDhbHwc5D3ECIQQtAQcRA1lUEwUcK0cYEAAYYjAUBwtXAA4DEXoODh87RwguDCVlGQgdKlsMEABYUwEQITBDHwAfCHINMgg7RyIkKix2EAd4PEISECIqZg0yCz9cOiIAAgUvBXgeQw8XHAFyHQsMLFwfBxM/XB0EDwJaGwAuPGcNIQENZQMFLz8BEAN4PFgPFx8xaBk+ESxcHwcAAlMZEBgoAQ8XHzFxEnc7K1wEMCwrHXoVHzhxORQMCnwcEjk7Zhs+EyZiDwAAOGZvdAsoSCYTCwRXDQR5UFIAEwsIczIQbFt2Lj4DP3EJAC0xcQMQLx5iGwclJF0dPnwqcSR3ETFIHCAAL3UZEBEzAQg+JTF4JC0PKwEbIyweZRkQGCgVeAQfP3UNFyA4YggVDC9WLQsTP3EQNBg4X2wsOgZeOns4DH09PzAwVT0s
Requested by: Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805884
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-197.fra54.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: dlycritishmalco.club
:scheme: https
:path: /aTBKRkkIUikrdggNKGA8G1x3Y3svFXgALQoFIX4vDgUjKSpRQ2QlJQZFLiA7Bl4+aCcMRG90Dy59D3Z5JwIuEgAFQBgRDDhbHwc5D3ECIQQtAQcRA1lUEwUcK0cYEAAYYjAUBwtXAA4DEXoODh87RwguDCVlGQgdKlsMEABYUwEQITBDHwAfCHINMgg7RyIkKix2EAd4PEISECIqZg0yCz9cOiIAAgUvBXgeQw8XHAFyHQsMLFwfBxM/XB0EDwJaGwAuPGcNIQENZQMFLz8BEAN4PFgPFx8xaBk+ESxcHwcAAlMZEBgoAQ8XHzFxEnc7K1wEMCwrHXoVHzhxORQMCnwcEjk7Zhs+EyZiDwAAOGZvdAsoSCYTCwRXDQR5UFIAEwsIczIQbFt2Lj4DP3EJAC0xcQMQLx5iGwclJF0dPnwqcSR3ETFIHCAAL3UZEBEzAQg+JTF4JC0PKwEbIyweZRkQGCgVeAQfP3UNFyA4YggVDC9WLQsTP3EQNBg4X2wsOgZeOns4DH09PzAwVT0s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/gOfb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/gOfb

Response headers

status: 200
content-type: text/html
content-length: 1219
date: Sun, 02 Aug 2020 04:52:43 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA54
x-amz-cf-id: 3qNsZOlMqOcZBJS2kninSpHg1L2eFKxqlj6PmYQHBnQQ4d3Ky2Kqkw==

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/AFBwIe6h0oOL7MOVu88LHld-/ 329 KB
130 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/AFBwIe6h0oOL7MOVu88LHld-/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f19d89cdbffedb9bd8a76d2423a06280ddd513070445f2c11a1a5f6af8834f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 16:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jul 2020 04:05:59 GMT
server: sffe
age: 476692
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133012
x-xss-protection: 0
expires: Tue, 27 Jul 2021 16:27:51 GMT

GET
H2 200 cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v35/ Frame B8F3 0
0 23ms
8ms Document
text/html 2600:9000:214f:5200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v35/cmp-3pc-check.html
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:5200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: static.quantcast.mgr.consensu.org
:scheme: https
:path: /v35/cmp-3pc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/gOfb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/gOfb

Response headers

status: 200
content-type: text/html
content-length: 645
last-modified: Thu, 09 Jul 2020 22:07:14 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Aug 2020 04:48:09 GMT
etag: "55b98270d639ef0c34781d9f03cce91f"
x-cache: Hit from cloudfront
via: 1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: p7HB1RJOcT1lZhtNOWNOMoTsOeJ3kRZ-KH78cXFCa8fj7dLvi9x1xA==
age: 275

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 7A89 0
0 27ms
26ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=AFBwIe6h0oOL7MOVu88LHld-&size=normal&cb=i4n7g8f55faz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/AFBwIe6h0oOL7MOVu88LHld-/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ampjS1jNTMK/hFXAXcjtvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=AFBwIe6h0oOL7MOVu88LHld-&size=normal&cb=i4n7g8f55faz
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/gOfb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/gOfb

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 02 Aug 2020 04:52:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-ampjS1jNTMK/hFXAXcjtvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10232
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cmpui-banner.js Show response
static.quantcast.mgr.consensu.org/v35/ 250 KB
68 KB 10ms
10ms Script
text/javascript 2600:9000:214f:5200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v35/cmpui-banner.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:5200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5473df52a14c0356aec01678c4eb7b16c1311a18519f7c1fc8d37bb7cafe9dda

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:50:11 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 22:07:14 GMT
server: AmazonS3
age: 153
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: UKo_d3XRq26eCma9g4QGQ2W16wSQlRoZwyFddmRuzk5ilAX7wm_nWA==
via: 1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 99 KB
18 KB 22ms
8ms XHR
application/json 2600:9000:2057:5000:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:5000:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62b07f5b473f87a3ebe9738f063584774f835dcf8b0c423cab5f8515c93553f5

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 16:10:33 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 218531
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 30 Jul 2020 16:00:38 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: reOIFJV51MP7DSnJY4Drcaf.WGBefbQC
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: Vr6YhJpWjWAu3ZcIHgsppFpd6HwNuZhWcUsB85wtaDemBpXkAYREqQ==

GET popunder.gif
boudja.com/ 0
0

GET
H2 200 CookieAccess Show response
apis.quantcast.mgr.consensu.org/ 18 B
259 B 89ms
35ms XHR
application/json 35.156.249.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.quantcast.mgr.consensu.org/CookieAccess
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.249.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-249-121.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:43 GMT
server: awselb/2.0
status: 200
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://tii.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 18

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b640b9af1e6fa5c035c168701d2c1f5a02f371352cca208fefded3ddea443b6a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame AE78 0
0 16ms
16ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=AFBwIe6h0oOL7MOVu88LHld-&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=ewif7h1dxqcf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/AFBwIe6h0oOL7MOVu88LHld-/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d+qoq2vz7/d6dSKqDNNfkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=AFBwIe6h0oOL7MOVu88LHld-&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=ewif7h1dxqcf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/gOfb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/gOfb

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 02 Aug 2020 04:52:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-d+qoq2vz7/d6dSKqDNNfkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1177
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 popunder.gif
ettyjokilint.club/ 35 B
367 B 261ms
207ms Image
image/gif 143.204.89.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ettyjokilint.club/popunder.gif
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-126.fra50.r.cloudfront.net
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Aug 2020 04:52:44 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
status: 200
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
content-length: 58
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-id: 425VwuXck8S6hp2lafY0gF8FCpBWLYIsFtfrt0qcMo8CdZjUi74UHQ==

GET
H2 200 JTXZKUGZyAiM0W3pDcmhVdQ%3D%3D Show response
d2l3f1n039mza.cloudfront.net/ 423 KB
137 KB 212ms
191ms Script
text/plain 2600:9000:214f:8a00:3:99db:e580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2l3f1n039mza.cloudfront.net/JTXZKUGZyAiM0W3pDcmhVdQ%3D%3D
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:8a00:3:99db:e580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3559d7775cf7a8ba83152013893c921c2e845639a507424ca967d7bdd8976cc5

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:44 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 139403
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id: Pzuk-IdBR16sxO7N8f2UMglHO3u2a-wsN2aVkwd4rZV4wpSB6OczSg==

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
476 B 88ms
29ms XHR
text/html 13.35.254.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1596343964281;AdShort%20Media%20Advertising;https%3A%2F%2Ftii.ai%2FgOfb;;;;;b,off,false,,1,en,35,213,true,false,false;displayConsentUi:mandatory,;GDPR-t0ql64x2gnhq7w3fptvg
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v35/cmpui-banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-87.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 03:12:04 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
vary: Origin
age: 6041
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: mu9APe12eq1DJ_Xpib-J9QUt1vgHPfWG3XRUP1Ig6PzRwQR0pTtHhw==

GET
H2 200 prebid3.16.0.js Show response
cdn.adtrue.com/pb/ Frame BC74 175 KB
56 KB 17ms
17ms Script
application/x-javascript 2606:4700:10::6814:326f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid3.16.0.js?v=2.1
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https://tii.ai/gOfb&cb=225300508&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:326f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a785b99b44422997eabef556a6326eca4029b66b7f55682ea7bd05ee84e276

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 20 Apr 2020 02:42:42 GMT
server: cloudflare
age: 8641717
etag: W/"5e9d0c22-2bc02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31104000
cf-ray: 5bc530f10f7adfe7-FRA
cf-request-id: 044f1ceaa50000dfe78217b200000001
expires: Mon, 19 Apr 2021 04:24:07 GMT

GET
H2 200 request
track.adtrue.com/track/ Frame 1C8D 0
0 629ms
198ms Document
text/html 35.165.10.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adtrue.com/track/request?pzoneid=18694&domain=tii.ai&ref=https%3A%2F%2Ftii.ai%2FgOfb&loc=https%3A%2F%2Ftii.ai%2FgOfb
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https://tii.ai/gOfb&cb=225300508&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.165.10.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-165-10-112.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: track.adtrue.com
:scheme: https
:path: /track/request?pzoneid=18694&domain=tii.ai&ref=https%3A%2F%2Ftii.ai%2FgOfb&loc=https%3A%2F%2Ftii.ai%2FgOfb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/gOfb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/gOfb

Response headers

status: 200
date: Sun, 02 Aug 2020 04:52:44 GMT
content-type: text/html
content-length: 397
server: nginx
x-host-name: java1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BC74 19 B
705 B 39ms
39ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid3.16.0.js?v=2.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 02 Aug 2020 04:52:44 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.86:80
AN-X-Request-Uuid: 9a6a6aa1-44be-451e-979c-89e99bb3dba5
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://tii.ai
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame BBD0 692 B
550 B 14ms
14ms Script
application/x-javascript 2606:4700:10::6814:326f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:326f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c32ef61412692fadee5b42c0b9fad18bc296d8e9ce79346bbec5232d32a3b184

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2016 06:49:22 GMT
server: cloudflare
age: 26861372
etag: W/"5833ea72-2b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31104000
cf-ray: 5bc530f1a883dfe7-FRA
cf-request-id: 044f1ceb040000dfe78217f200000001
expires: Sun, 20 Sep 2020 07:23:12 GMT

GET
H2 200 passback Show response
exchange.adtrue.com/tag/ Frame BBD0 511 B
598 B 203ms
203ms Script
application/javascript 54.149.11.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=18694&divid=1827060365
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.11.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-11-161.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 51ddb9e33f565949cd20591a0c4e154f8482165ff0c04503d45feb4ddcd62f3c

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sun, 02 Aug 2020 04:52:44 GMT
server: nginx
content-length: 511
content-type: application/javascript

GET
H2 200 floater Show response
dlycritishmalco.club/ 11 KB
8 KB 635ms
634ms XHR
text/plain 52.222.174.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlycritishmalco.club/floater?tid=832295&red=1&cs=WHNDUWlpRXFmXDlFc2kLORdyYllo&abt=0&v=0.5.43.1&sm=83&k=daily%20make%20with%20india%20money%20highest%20paying%20best%20shortener&sts=0&prn=0&emb=0&fs=1&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Ftii.ai%2FgOfb&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=2&uloc=&if=0&_Etgi=1596343964462&crc=1
Requested by: Host: d1ks8roequxbwa.cloudfront.net
URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832295
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-197.fra54.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: a97ba49246a5342385a512cb930ddbc7119f71fdcaede7f398ed2c1c45396315

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:45 GMT
content-encoding: gzip
server: openresty/1.17.8.2
x-amz-cf-pop: FRA54
status: 200
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://tii.ai
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: text/plain
content-length: 7163
via: 1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
x-amz-cf-id: TLGOMjsicw6JtIisqrpJgCc3PQZI-1TqwAtBs7Bb9Et8hfNsJrPwwg==

GET
H2 200 exchange.adtrue.com.892972.js Show response
jsc.mgid.com/e/x/ Frame BBD0 222 KB
60 KB 86ms
40ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=18694&divid=1827060365
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f8cec1160d77c1f447c83e354b09b8bf21ec1eda8487d7610e0d6f43dcea0bd

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 4482
cf-polished: origSize=227268
status: 200
last-modified: Wed, 29 Jul 2020 13:41:00 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 12C7BAE1FA81313A
x-amz-id-2: E4+9fcoe02QlOlORCeEDW9SJPxlwhxJ8AID1xALbEJFekAw90lC17t+D+lLy+/Ee+3XPPtfCl0M=
cf-bgj: minify
server: cloudflare
etag: W/"a5bb55b19ae0817cddd3d72d9b3af0d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 044f1cec1c0000cc4eac279200000001
cf-ray: 5bc530f36e17cc4e-ZRH
expires: Sun, 02 Aug 2020 05:52:44 GMT

GET
H2 200 passback
track.adtrue.com/track/ Frame 12DA 0
0 316ms
198ms Document
text/html 35.165.10.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adtrue.com/track/passback?pzoneid=18694
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=18694&divid=1827060365
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.165.10.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-165-10-112.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: track.adtrue.com
:scheme: https
:path: /track/passback?pzoneid=18694
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/gOfb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/gOfb

Response headers

status: 200
date: Sun, 02 Aug 2020 04:52:44 GMT
content-type: text/html
content-length: 0
server: nginx
x-host-name: java4

GET
H2 204 utx Show response
dlycritishmalco.club/ 0
405 B 116ms
116ms XHR
text/plain 52.222.174.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlycritishmalco.club/utx?cb=JCwpLoLOizVI&top=tii.ai&tid=758838
Requested by: Host: d2l3f1n039mza.cloudfront.net
URL: https://d2l3f1n039mza.cloudfront.net/JTXZKUGZyAiM0W3pDcmhVdQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-197.fra54.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:46 GMT
via: 1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA54
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://tii.ai
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 4WKzoUzWn_ojY4rMDICx1nCmHIrwyBojF-Yj5StNDJsDbz33jcP-sg==

GET
H2 200 VUZISkM0JCsnfDR7Kmw2Jyp1b3ETY3oMJ2cqeyxyO3Z7cy4vJ2YpLzozLCwxOig8ZC0wMm14BSEfHzoTMA4ZCQEGAy0ZOwACA3oVERAOAHAGdjACAhExEA0rEx4PenMXEz8LKwQCBSQXETULDwUtHykYEgMCP3s6DS4NGgANDAIfJBQJBB8VFBQwfmZnAA4yejYOC...
dlycritishmalco.club/ Frame 9E24 0
0 122ms
122ms Document
text/html 52.222.174.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlycritishmalco.club/VUZISkM0JCsnfDR7Kmw2Jyp1b3ETY3oMJ2cqeyxyO3Z7cy4vJ2YpLzozLCwxOig8ZC0wMm14BSEfHzoTMA4ZCQEGAy0ZOwACA3oVERAOAHAGdjACAhExEA0rEx4PenMXEz8LKwQCBSQXETULDwUtHykYEgMCP3s6DS4NGgANDAIfJBQJBB8VFBQwfmZnAA4yejYOC34bFz4RBgoXFw4JKCJwDx8oGAQcHxESB3gGIj4pMRwGB2N6DBsAHBobKhwcDj0kEAkwKQsWE3FyDDkAHB0qDBEJCxISJyM6BhEHOzkbABwaCBctIhomBgYnIzoGAAAnGxAAB214AQ10ZRAnByoNBhMiIREIAWU3DyJ7HA4lOggYKhoQJhMcABxzbH8bDDQeByI5FRIDGhMHE3cPHxIMKw0yBRARAHIlEBcBCAoTABofcjo1DQsaGgQxOicHLywZJRMcDR5yYGN6CBAQIhgSC2AiGiYGDwogfhUQMQY7ED8MHR0bPREaeycYCSMfEgAqJHIEBwwbHzpkBA0MGhwjIHoRFzF9eQsAEB8dGyYnGhsWGiAaPREUMW4gMDooOHcXYDN6IC1tAQ4
Requested by: Host: d2l3f1n039mza.cloudfront.net
URL: https://d2l3f1n039mza.cloudfront.net/JTXZKUGZyAiM0W3pDcmhVdQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-197.fra54.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: dlycritishmalco.club
:scheme: https
:path: /VUZISkM0JCsnfDR7Kmw2Jyp1b3ETY3oMJ2cqeyxyO3Z7cy4vJ2YpLzozLCwxOig8ZC0wMm14BSEfHzoTMA4ZCQEGAy0ZOwACA3oVERAOAHAGdjACAhExEA0rEx4PenMXEz8LKwQCBSQXETULDwUtHykYEgMCP3s6DS4NGgANDAIfJBQJBB8VFBQwfmZnAA4yejYOC34bFz4RBgoXFw4JKCJwDx8oGAQcHxESB3gGIj4pMRwGB2N6DBsAHBobKhwcDj0kEAkwKQsWE3FyDDkAHB0qDBEJCxISJyM6BhEHOzkbABwaCBctIhomBgYnIzoGAAAnGxAAB214AQ10ZRAnByoNBhMiIREIAWU3DyJ7HA4lOggYKhoQJhMcABxzbH8bDDQeByI5FRIDGhMHE3cPHxIMKw0yBRARAHIlEBcBCAoTABofcjo1DQsaGgQxOicHLywZJRMcDR5yYGN6CBAQIhgSC2AiGiYGDwogfhUQMQY7ED8MHR0bPREaeycYCSMfEgAqJHIEBwwbHzpkBA0MGhwjIHoRFzF9eQsAEB8dGyYnGhsWGiAaPREUMW4gMDooOHcXYDN6IC1tAQ4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/gOfb
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ut=x; csu=b62d76d8-3b4a-449a-ab06-fd7d1ff85d42; fv=rjk4qTr9rHU7qcEFqjU7rHnHpjg9vdw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/gOfb

Response headers

status: 200
content-type: text/html
content-length: 1257
date: Sun, 02 Aug 2020 04:52:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA54
x-amz-cf-id: mNvKzFPz4ibHGY9Tr0iZo0VWEDeOJEX6J3Gbd9VTihe2LhBF80nh0A==

GET
H2 204 utx Show response
dlycritishmalco.club/ 0
405 B 199ms
199ms XHR
text/plain 52.222.174.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlycritishmalco.club/utx?cb=rxBtp4wz7csR&top=tii.ai&tid=816960
Requested by: Host: d2l3f1n039mza.cloudfront.net
URL: https://d2l3f1n039mza.cloudfront.net/JTXZKUGZyAiM0W3pDcmhVdQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-197.fra54.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:46 GMT
via: 1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA54
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://tii.ai
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: jqTz7v3ePd6MPJtq5nnAia_qSH-bMlMt8MRA4DJ9D4DC0A6NdEzHYg==

GET
H2 200 I3tBHl0kdyECBTt5HDouLls2GzwNVgEZL310MksKeHkPLTssZSU0Pw17QjVdO2kxIFV5eQ89SyJCGBYddUsBHTV9Zi0eNHpBFEs
dlycritishmalco.club/d3htSDEWGg4lDhZFD25EBRRQbQMxXV8OVUUUXi4AGUhecVwNGUMrXRgNCS5DGBYZZl8SDEh6d0QbOHljEhYgG3gdQA4ccCITIx1VOyklPF4jPSMQew4xOwBgMQ8mP0YgMzUvdj46OCdXDj03GXcUTSYwBDgpXzsIMABdH1I/GwsAYz0P... Frame E270 0
0 118ms
118ms Document
text/html 52.222.174.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlycritishmalco.club/d3htSDEWGg4lDhZFD25EBRRQbQMxXV8OVUUUXi4AGUhecVwNGUMrXRgNCS5DGBYZZl8SDEh6d0QbOHljEhYgG3gdQA4ccCITIx1VOyklPF4jPSMQew4xOwBgMQ8mP0YgMzUvdj46OCdXDj03GXcUTSYwBDgpXzsIMABdH1I/GwsAYz0PNA5GJD4+cUIjFDgOYSNMPxxWFAs9L1oyPS4BCDQABRB+MzolAFlDSyIKaBE9KiBbJz03LlcvKiQZABwfIApaFjAXIxRFOi4aRSIeBQZXJi0oI2EATDoAZh8SPiAFJjQDGngmAFltAzUcKCB1NC8FImIcMi8NXFo6IgR0JRMJDVkzPSl4WTEQNA96MzU/D1YhFzQySTApAzgURT4+HWciHl8OYjA6Bn1hNSI6GUZCSD4NfBMyKSdXIRMjcX8fQDwPWD1MNXh3NTQHI3g/OhonVTIfXBtpQl1fDmIbSSsudjEyNR1VTxwoIHU2ERp7dgA9NCl2OkA/I3tBHl0kdyECBTt5HDouLls2GzwNVgEZL310MksKeHkPLTssZSU0Pw17QjVdO2kxIFV5eQ89SyJCGBYddUsBHTV9Zi0eNHpBFEs
Requested by: Host: d2l3f1n039mza.cloudfront.net
URL: https://d2l3f1n039mza.cloudfront.net/JTXZKUGZyAiM0W3pDcmhVdQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-197.fra54.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: dlycritishmalco.club
:scheme: https
:path: /d3htSDEWGg4lDhZFD25EBRRQbQMxXV8OVUUUXi4AGUhecVwNGUMrXRgNCS5DGBYZZl8SDEh6d0QbOHljEhYgG3gdQA4ccCITIx1VOyklPF4jPSMQew4xOwBgMQ8mP0YgMzUvdj46OCdXDj03GXcUTSYwBDgpXzsIMABdH1I/GwsAYz0PNA5GJD4+cUIjFDgOYSNMPxxWFAs9L1oyPS4BCDQABRB+MzolAFlDSyIKaBE9KiBbJz03LlcvKiQZABwfIApaFjAXIxRFOi4aRSIeBQZXJi0oI2EATDoAZh8SPiAFJjQDGngmAFltAzUcKCB1NC8FImIcMi8NXFo6IgR0JRMJDVkzPSl4WTEQNA96MzU/D1YhFzQySTApAzgURT4+HWciHl8OYjA6Bn1hNSI6GUZCSD4NfBMyKSdXIRMjcX8fQDwPWD1MNXh3NTQHI3g/OhonVTIfXBtpQl1fDmIbSSsudjEyNR1VTxwoIHU2ERp7dgA9NCl2OkA/I3tBHl0kdyECBTt5HDouLls2GzwNVgEZL310MksKeHkPLTssZSU0Pw17QjVdO2kxIFV5eQ89SyJCGBYddUsBHTV9Zi0eNHpBFEs
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/gOfb
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ut=x; csu=b62d76d8-3b4a-449a-ab06-fd7d1ff85d42; fv=rjk4qTr9rHU7qcEFqjU7rHnHpjg9vdw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/gOfb

Response headers

status: 200
content-type: text/html
content-length: 1268
date: Sun, 02 Aug 2020 04:52:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA54
x-amz-cf-id: QMzVLlMlnxXSieH3NuQBZnLh4YEWiDKgIZXMb-piPofnZVH4ACLYKw==

GET
H2 200 J0ktAD8PQCJjZyEeIgoA
dlycritishmalco.club/dGE5UVcVA1o8aBVcW3ciBg0EdGUyRAsXM0YNCjdmGlEKaDoOABcyOxsUXTclGw9NfzkRFRxjES02bCkjLRtwZx4DLH8VBEQNegdjMgNxAwEhIE10ZTIrUWUaLCJVKR4iEVoQDxMUdgAGAitQZAYtUgFlEQMCaTBlGyN4PSBRU3syAgcm... Frame 2C63 0
0 115ms
115ms Document
text/html 52.222.174.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlycritishmalco.club/dGE5UVcVA1o8aBVcW3ciBg0EdGUyRAsXM0YNCjdmGlEKaDoOABcyOxsUXTclGw9NfzkRFRxjES02bCkjLRtwZx4DLH8VBEQNegdjMgNxAwEhIE10ZTIrUWUaLCJVKR4iEVoQDxMUdgAGAitQZAYtUgFlEQMCaTBlGyN4PSBRU3syAgcmYRUnDDl8BwMkMgwAAQwwSh0BNS5hAhoYIGhoAxIpDSMBHBlJMAFNNX47BgAlXiE0ODJ0NBQMBUgVPBwzeDsWHSZoCzISKQw1ExgsDzABTTVhAicEOQgfHBIpDDUCEyh+NwEfWXtiFQQ5CB8DPzVOExUfNAEdMFk4cgM5DEQLExxFOHszOj4EbwMzBgd8BB4jCAk5FiE4eBY6GAdsYGMDK045EDUmUiMUNSNjHzoiKGwAHkIre2kaLBtBIQ8NNHIwOj4FbQANGwd/ZBk2JlEhD0Uvex4UGyx8ByNMB1AlADU2DDgPGDRsHR8xK2wQEQUtaCUGNxtNYBQiM2gzFB8oewcNHCpvKQI1NgkkDzUFbjAuEyh4AHEeElY/J0ktAD8PQCJjZyEeIgoA
Requested by: Host: d2l3f1n039mza.cloudfront.net
URL: https://d2l3f1n039mza.cloudfront.net/JTXZKUGZyAiM0W3pDcmhVdQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-197.fra54.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: dlycritishmalco.club
:scheme: https
:path: /dGE5UVcVA1o8aBVcW3ciBg0EdGUyRAsXM0YNCjdmGlEKaDoOABcyOxsUXTclGw9NfzkRFRxjES02bCkjLRtwZx4DLH8VBEQNegdjMgNxAwEhIE10ZTIrUWUaLCJVKR4iEVoQDxMUdgAGAitQZAYtUgFlEQMCaTBlGyN4PSBRU3syAgcmYRUnDDl8BwMkMgwAAQwwSh0BNS5hAhoYIGhoAxIpDSMBHBlJMAFNNX47BgAlXiE0ODJ0NBQMBUgVPBwzeDsWHSZoCzISKQw1ExgsDzABTTVhAicEOQgfHBIpDDUCEyh+NwEfWXtiFQQ5CB8DPzVOExUfNAEdMFk4cgM5DEQLExxFOHszOj4EbwMzBgd8BB4jCAk5FiE4eBY6GAdsYGMDK045EDUmUiMUNSNjHzoiKGwAHkIre2kaLBtBIQ8NNHIwOj4FbQANGwd/ZBk2JlEhD0Uvex4UGyx8ByNMB1AlADU2DDgPGDRsHR8xK2wQEQUtaCUGNxtNYBQiM2gzFB8oewcNHCpvKQI1NgkkDzUFbjAuEyh4AHEeElY/J0ktAD8PQCJjZyEeIgoA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/gOfb
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ut=x; csu=b62d76d8-3b4a-449a-ab06-fd7d1ff85d42; fv=rjk4qTr9rHU7qcEFqjU7rHnHpjg9vdw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/gOfb

Response headers

status: 200
content-type: text/html
content-length: 1250
date: Sun, 02 Aug 2020 04:52:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA54
x-amz-cf-id: Gb_Hdal7b7grtif0W-Zs_G23Tov2TykMFSl7YnHHlhKKiE8HxLioTQ==

GET
H2 204 utx Show response
dlycritishmalco.club/ 0
404 B 118ms
118ms XHR
text/plain 52.222.174.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlycritishmalco.club/utx?cb=Y94xe9EKyKD9&top=tii.ai&tid=773609
Requested by: Host: d2l3f1n039mza.cloudfront.net
URL: https://d2l3f1n039mza.cloudfront.net/JTXZKUGZyAiM0W3pDcmhVdQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-197.fra54.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:46 GMT
via: 1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA54
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://tii.ai
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: lB63QMu3vSuAvYhpNiar478Qzf87Uma2V0EKCp1a3-AL0FfB5nmugQ==

GET
H2 200 dWJ7Jw9aUxoxDH8SIAE1WER3KzJjXgBHYm92eA
dlycritishmalco.club/WjY0SnI7VFcnTTsLVmwHKFoJb0AcEwYMFmhaByxDNAYHcx8gVxopHjVDUCwANVhAZBw/QhF4NDJUcAtAO1tHGiprUXkcMDJsYSYWOWFDBzMNWn4BJTFjcgggLXhWPTt/BHYIHDVyYSA7L3dcCxcfZ1MEMB9BfA4kb2RiekIQblgcKg1d... Frame 1E66 0
0 117ms
116ms Document
text/html 52.222.174.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlycritishmalco.club/WjY0SnI7VFcnTTsLVmwHKFoJb0AcEwYMFmhaByxDNAYHcx8gVxopHjVDUCwANVhAZBw/QhF4NDJUcAtAO1tHGiprUXkcMDJsYSYWOWFDBzMNWn4BJTFjcgggLXhWPTt/BHYIHDVyYSA7L3dcCxcfZ1MEMB9BfA4kb2RiekIQblgcKg1dRBgnPV5jHTAAdXMtIxJyYQs+GHQNAiQtY3wCJClnfD0CCG5iISMbUXYpJGoPbgEVD29jIUc/d3Z+OhlRDRAlGAJxAkM9YmMZHhB3UxM2GGRcHCUxD24SNGtudx9HP3dyISgOWgALJjEPbhIzH3F6HAIDVENnPB5iWH4zDE5bKDMcYHYOBTF+Yx84CmFnJTQYYAUMKi1vYB00LnNje0Y/dFMLJBh1WAUqPXRVCwUbfHIbIDtydSYmAmdiCSELf3MJIxdTbHsBCmJYf0AeWlgMKhgCdx1DLlB8LTA4Ylh+MwhnRwQ2D3xSHkMxR3YbJD5kYnI1H3QNHTEbe3IdIzV9dT1KE2NTLToMcAwFMQxsZx8Vb1J2PSQ/dWJ7Jw9aUxoxDH8SIAE1WER3KzJjXgBHYm92eA
Requested by: Host: d2l3f1n039mza.cloudfront.net
URL: https://d2l3f1n039mza.cloudfront.net/JTXZKUGZyAiM0W3pDcmhVdQ%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.174.197 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-174-197.fra54.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: dlycritishmalco.club
:scheme: https
:path: /WjY0SnI7VFcnTTsLVmwHKFoJb0AcEwYMFmhaByxDNAYHcx8gVxopHjVDUCwANVhAZBw/QhF4NDJUcAtAO1tHGiprUXkcMDJsYSYWOWFDBzMNWn4BJTFjcgggLXhWPTt/BHYIHDVyYSA7L3dcCxcfZ1MEMB9BfA4kb2RiekIQblgcKg1dRBgnPV5jHTAAdXMtIxJyYQs+GHQNAiQtY3wCJClnfD0CCG5iISMbUXYpJGoPbgEVD29jIUc/d3Z+OhlRDRAlGAJxAkM9YmMZHhB3UxM2GGRcHCUxD24SNGtudx9HP3dyISgOWgALJjEPbhIzH3F6HAIDVENnPB5iWH4zDE5bKDMcYHYOBTF+Yx84CmFnJTQYYAUMKi1vYB00LnNje0Y/dFMLJBh1WAUqPXRVCwUbfHIbIDtydSYmAmdiCSELf3MJIxdTbHsBCmJYf0AeWlgMKhgCdx1DLlB8LTA4Ylh+MwhnRwQ2D3xSHkMxR3YbJD5kYnI1H3QNHTEbe3IdIzV9dT1KE2NTLToMcAwFMQxsZx8Vb1J2PSQ/dWJ7Jw9aUxoxDH8SIAE1WER3KzJjXgBHYm92eA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/gOfb
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ut=x; csu=b62d76d8-3b4a-449a-ab06-fd7d1ff85d42; fv=rjk4qTr9rHU7qcEFqjU7rHnHpjg9vdw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/gOfb

Response headers

status: 200
content-type: text/html
content-length: 1257
date: Sun, 02 Aug 2020 04:52:46 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA54
x-amz-cf-id: NFBobRhrFlLxCg3aUG14GAldJV1SC0S2RrOOxhU6oa7GAAT_Bx1NmQ==

GET
H2 200 css
fonts.googleapis.com/ Frame BBD0 2 KB
670 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 Aug 2020 04:19:29 GMT
server: ESF
date: Sun, 02 Aug 2020 04:52:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Aug 2020 04:52:46 GMT

GET
DATA 200
OK truncated
/ Frame BBD0 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ Frame BBD0 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: tii.ai
URL: https://tii.ai/gOfb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans
Origin: https://tii.ai

Response headers

date: Mon, 27 Jul 2020 11:36:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 494171
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 27 Jul 2021 11:36:35 GMT

GET
H2 200 1 Show response
servicer.mgid.com/892972/ Frame BBD0 996 B
1 KB 79ms
77ms Script
application/x-javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/892972/1?w=300&h=250&cols=1&pv=5&cbuster=1596343966764387285559&uniqId=08b23&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Ftii.ai%2FgOfb&lu=https%3A%2F%2Ftii.ai%2FgOfb&pageView=1&pvid=173ad83dc2dac1cb297&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c48a93c28de6b9beea484b002472d5e6d225e63fb47f45176f6518070a0e7a83

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bc5310069b2cc4e-ZRH
content-type: application/x-javascript; charset=utf-8
cf-request-id: 044f1cf43e0000cc4eac2c5200000001

GET
H2 200 i.js Show response
cm.mgid.com/ Frame BBD0 1 KB
706 B 79ms
77ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1596343966848104892584
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c660a16b0daf12b1ec6676765017b51e84117af04129b07ead8045de97d4f0

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: c495910c-ca95-442d-8353-a13c92386931
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 044f1cf4910000cc4eac2cc200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bc53100e9facc4e-ZRH

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 8B65 19 B
276 B 123ms
123ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=159634396685282543576
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: af9bb9f1-f733-4d9b-8e8e-7916a18b329f
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 044f1cf4930000cc4eac2cf200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bc53100ea02cc4e-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M1NzQwMTZiYzIwMDFkMDdkNzUyZTg0YmFmMDU3N2VkLmpwZWc*.webp Show response
s-img.mgid.com/g/3931461/492x328/0x65x546x364/ Frame BBD0 12 KB
13 KB 82ms
38ms Fetch
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-img.mgid.com/g/3931461/492x328/0x65x546x364/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M1NzQwMTZiYzIwMDFkMDdkNzUyZTg0YmFmMDU3N2VkLmpwZWc*.webp
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23f80f6286e980d6a791a2454efe2899bce79acc25dfd5546064cd80a8d638ef

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:46 GMT
cf-cache-status: HIT
x-mg-request-uuid: b18f513f-a1f6-4f7c-8faa-9626443c77a4
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12772
cf-request-id: 044f1cf4c00000cc5a9c874200000001
last-modified: Thu, 07 May 2020 07:16:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5bc531013dd3cc5a-ZRH

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ Frame BBD0 2 KB
1 KB 31ms
30ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 6456
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 044f1cf4990000cc4eac2d5200000001
cf-ray: 5bc53100fa0ecc4e-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M1NzQwMTZiYzIwMDFkMDdkNzUyZTg0YmFmMDU3N2VkLmpwZWc*.webp
s-img.mgid.com/g/3931461/492x328/0x65x546x364/ Frame BBD0 12 KB
13 KB 29ms
29ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3931461/492x328/0x65x546x364/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M1NzQwMTZiYzIwMDFkMDdkNzUyZTg0YmFmMDU3N2VkLmpwZWc*.webp
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23f80f6286e980d6a791a2454efe2899bce79acc25dfd5546064cd80a8d638ef

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:46 GMT
cf-cache-status: HIT
age: 2538906
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12772
cf-request-id: 044f1cf4990000cc4eac2d4200000001
last-modified: Wed, 01 Apr 2020 04:14:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5bc53100fa0ccc4e-ZRH
cf-bgj: h2pri

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame F9E7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

98ms
32ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=1596343966848104892584
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tii.ai/gOfb
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/gOfb

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 29 Jul 2020 16:40:43 GMT
Content-Encoding: gzip
Content-Length: 9469
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=20274
Expires: Sun, 02 Aug 2020 10:30:41 GMT
Date: Sun, 02 Aug 2020 04:52:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Sun, 02 Aug 2020 04:52:47 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
cm.idealmedia.io/setmuidn/ Frame BBD0 0
554 B 125ms
76ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k71K0T12BpQl
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bc53101be41cc5a-ZRH
content-type: image/gif
cf-request-id: 044f1cf5100000cc5a8e2c8200000001

GET
H2

200

m
cm.mgid.com/ Frame BBD0
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=b7ce8ebd-7c97-46c8-b5a7-adcf9a9f5d54

43 B
227 B

74ms
74ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=b7ce8ebd-7c97-46c8-b5a7-adcf9a9f5d54
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:47 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: d8cc9d47-f35b-4d20-8c2c-1109d20af1fe
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bc53105feeacc4e-ZRH
content-type: image/gif
cf-request-id: 044f1cf7bb0000cc4eac2f9200000001
server: cloudflare

Redirect headers

date: Sun, 02 Aug 2020 04:52:47 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=b7ce8ebd-7c97-46c8-b5a7-adcf9a9f5d54
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2 200 /
cm.lentainform.com/setmuidn/ Frame BBD0 0
328 B 227ms
74ms Image
image/gif 23.105.245.4
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k71K0T12BpQl
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.4 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:47 GMT
server: nginx/1.19.0
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/ Frame BBD0
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=9PSJUM0wspF6Js0q4rD3&pi=mgid&tc=1

43 B
310 B

132ms
131ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=9PSJUM0wspF6Js0q4rD3&pi=mgid&tc=1
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:47 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: e2341282-ccc6-4794-8e0c-ea046634a160
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bc531026b94cc4e-ZRH
content-type: image/gif
cf-request-id: 044f1cf5830000cc4eac2db200000001
server: cloudflare

Redirect headers

status: 302
pragma: no-cache
date: Sun, 02 Aug 2020 04:52:47 GMT, Sun, 02 Aug 2020 04:52:47 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=9PSJUM0wspF6Js0q4rD3&pi=mgid&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/ Frame BBD0
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=70&user_id=8864304224196295632&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=189ba111-1337-465d-905c-4519aa804293

43 B
275 B

123ms
123ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=189ba111-1337-465d-905c-4519aa804293
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:47 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: b0e86ab6-8eb8-475d-9b4a-24f4d2422a27
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bc531028ba8cc4e-ZRH
content-type: image/gif
cf-request-id: 044f1cf5920000cc4eac2e6200000001
server: cloudflare

Redirect headers

status: 302
date: Sun, 02 Aug 2020 04:52:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=189ba111-1337-465d-905c-4519aa804293
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

google
cm.mgid.com/ Frame BBD0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azcxSzBUMTJCcFFs&muidn=k71K0T12BpQl
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azcxSzBUMTJCcFFs&muidn=k71K0T12BpQl&google_tc=
https://cm.mgid.com/google?muidn=k71K0T12BpQl&google_ula={guid},5&google_gid=CAESEHd39Vr0RVk4oLcGgyvT6us&google_cver=1

0
295 B

122ms
122ms

Image
text/plain

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k71K0T12BpQl&google_ula={guid},5&google_gid=CAESEHd39Vr0RVk4oLcGgyvT6us&google_cver=1
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bc53101eafecc4e-ZRH
content-type: text/plain
cf-request-id: 044f1cf52f0000cc4eac2d9200000001

Redirect headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:46 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k71K0T12BpQl&google_ula={guid},5&google_gid=CAESEHd39Vr0RVk4oLcGgyvT6us&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/ Frame BBD0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=0238cd04-1e77-4aa0-acc4-815acba71e4f&ttl=1598935967

43 B
290 B

75ms
74ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=0238cd04-1e77-4aa0-acc4-815acba71e4f&ttl=1598935967
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:47 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 742fbc3a-8bae-4ac2-8a27-4200fb8ff58e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bc531023b5fcc4e-ZRH
content-type: image/gif
cf-request-id: 044f1cf5630000cc4eac2da200000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:47 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=0238cd04-1e77-4aa0-acc4-815acba71e4f&ttl=1598935967
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

1011
jadserve.postrelease.com/suid/ Frame BBD0
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k71K0T12BpQl
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k71K0T12BpQl
https://jadserve.postrelease.com/suid/1011?vk=189ba111-1337-465d-905c-4519aa804293

43 B
538 B

577ms
192ms

Image
image/gif

52.52.244.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1011?vk=189ba111-1337-465d-905c-4519aa804293
Requested by: Host: tii.ai
URL: https://tii.ai/gOfb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.244.32 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-244-32.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:47 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

status: 302
date: Sun, 02 Aug 2020 04:52:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //jadserve.postrelease.com/suid/1011?vk=189ba111-1337-465d-905c-4519aa804293
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
DATA 200
OK truncated
/ Frame BBD0 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23f80f6286e980d6a791a2454efe2899bce79acc25dfd5546064cd80a8d638ef

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 112D 0
0 86ms
27ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid3.16.0.js?v=2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tii.ai/gOfb
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/gOfb

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 02 Aug 2020 04:52:47 GMT
Age: 7601307
X-Served-By: cache-lga21948-LGA, cache-hhn4079-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 5087169
X-Timer: S1596343967.499024,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 c
c.mgid.com/ Frame BBD0 43 B
282 B 167ms
159ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=300|200|28|mSBRfiJwJATx5AIvB6NVOm5H6sSiJNFkcTrplqos_tLgdGdRNjzCKKSUysNA_95C&fw=1&extjs=66046&imgdim=1&cid=892972&h2=RzmfZhvBhvrigr5pmFTSMmmQxV2Yf0rUxqfPrlk_5TM*&rid=0251105b-d47c-11ea-80d0-d094662c24f7&tt=Direct&pageImp=1&muid=k71K0T12BpQl&cbuster=1596343967991268140113&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://tii.ai/gOfb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:48 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 7892744b-5cb4-48b3-9c32-78ce0e62093a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bc53108194acc4e-ZRH
content-type: image/gif
cf-request-id: 044f1cf90d0000cc4eac308200000001
server: cloudflare

GET getImage
ngp1.intnotif.club/adServe/wpnFeed/ 0
0

GET /
dspaction.wpu.sh/dsp/cpc/icon/ 0
0

GET
H2

200

79e7e30de78d18ca9131be73e383db1c9faaecf9401c54c00ea5a1853c9c6f5a.png
www.ssaimg.com/~ByK2p5GkPWA/ Frame 3D1B
Redirect Chain

https://ngp1.intnotif.club/adServe/wpnFeed/getImage?ai=Yc-Trx6tRF0fH1QEtxmHXVt248FJq917Hy1WQF77YQqnzyzi9t46Yg_Jqg4-fS1Fks_HPKn3o2pQuFdF2la3v1Cq9ObtFtDm-335keLThj3SufHYG7E6mdWapcQQjuZ1v9TCJVEGqLehBh...
https://www.ssaimg.com/~ByK2p5GkPWA/79e7e30de78d18ca9131be73e383db1c9faaecf9401c54c00ea5a1853c9c6f5a.png

12 KB
12 KB

117ms
28ms

Image
image/png

94.31.29.131
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ssaimg.com/~ByK2p5GkPWA/79e7e30de78d18ca9131be73e383db1c9faaecf9401c54c00ea5a1853c9c6f5a.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.131 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.131.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 79e7e30de78d18ca9131be73e383db1c9faaecf9401c54c00ea5a1853c9c6f5a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:49 GMT
last-modified: Fri, 11 Oct 2019 22:04:43 GMT
server: NetDNA-cache/2.2
etag: "5da0fc7b-2e8e"
x-cache: HIT
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 11918

Redirect headers

status: 302
date: Sun, 02 Aug 2020 04:52:49 GMT
server: nginx
access-control-allow-origin: *
content-length: 0
location: https://www.ssaimg.com/~ByK2p5GkPWA/79e7e30de78d18ca9131be73e383db1c9faaecf9401c54c00ea5a1853c9c6f5a.png
access-control-allow-methods: POST

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMjQ3MzE5LzBlN2VmNDZhODgxYTE4Y2U1ZTQ2OTk0MDMxZDQ2OGU0LmpwZWc%2A.webp
s-img.adskeeper.co.uk/g/6362889/328x328/0x0x492x328/ Frame 3D1B
Redirect Chain

https://dspaction.wpu.sh/dsp/cpc/icon/?payload=oyPA-7qI7sdFR2iKflzlj2FTrW_-RgER-K6AI7NgygZ94_Mym2swMq4lS_WNv7P4g1keBO6s2-eAJC7hj7gzXfAXlr3X3AuYiE4Y52QeLfjnU1-_a-myA61x9fnebWK288_V5xyMWWwC5bt8kdi5RC...
https://abc13.feed-xml.com/tracking/icon?adid=0D25F50441416396_465466_534659
https://c.adskeeper.co.uk/c?pv=2&v=0|0|0|76TVja7DsCALPjjzaxgGUtJTXZ-7SIyfNHe5dGAJ7WSS6w5NdnYG89yQ-93Pii9X&cid=939495&f=1&h2=RzmfZhvBhvrigr5pmFTSMmmQxV2Yf0rUxqfPrlk_5TM*&rid=01125bb0-d47c-11ea-97f7-...
https://s-img.adskeeper.co.uk/g/6362889/328x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMjQ3MzE5LzBlN2VmNDZhODgxYTE4Y2U1ZTQ2OTk0MDMxZDQ2OGU0LmpwZWc%2A.webp

7 KB
7 KB

26ms
25ms

Image
image/webp

104.19.131.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/6362889/328x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMjQ3MzE5LzBlN2VmNDZhODgxYTE4Y2U1ZTQ2OTk0MDMxZDQ2OGU0LmpwZWc%2A.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.131.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0ceb5094018090c6119b432413e70541d79e6e7f56f2ef5618194a426d04cf

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 02 Aug 2020 04:52:49 GMT
cf-cache-status: HIT
x-mg-request-uuid: 753d0f16-7c7e-4bfc-839b-f9b9b64d5255
age: 993686
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7250
cf-request-id: 044f1cff530000cc460da62200000001
last-modified: Tue, 21 Jul 2020 16:51:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5bc531121826cc46-ZRH
expires: Mon, 02 Aug 2021 04:52:49 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Aug 2020 04:52:49 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: f48b3076-dcbc-4fd6-b82c-a43d3b8ca8c1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.adskeeper.co.uk/g/6362889/328x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMjQ3MzE5LzBlN2VmNDZhODgxYTE4Y2U1ZTQ2OTk0MDMxZDQ2OGU0LmpwZWc%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bc53111af74cc46-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 044f1cff060000cc460da5e200000001
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838

Domain: boudja.com
URL: https://boudja.com/popunder.gif

Domain: boudja.com
URL: https://boudja.com/popunder.gif

Domain: ngp1.intnotif.club
URL: https://ngp1.intnotif.club/adServe/wpnFeed/getImage?ai=Yc-Trx6tRF0fH1QEtxmHXVt248FJq917Hy1WQF77YQqnzyzi9t46Yg_Jqg4-fS1Fks_HPKn3o2pQuFdF2la3v1Cq9ObtFtDm-335keLThj3SufHYG7E6mdWapcQQjuZ1v9TCJVEGqLehBhR7gerpiAJWN6TaQxxcVSCEaRO-2-ifOUdH6cAG6Qaed-85hi-87743JG46ESVaFNaPDpg5Mn6eCYj_eyf8TMmrDkAxhAHTllLA-x6tEbAkeY2kVNY_vzpjeRBVTTJbc2y-_jcEJ0AkIfAaTE_XECPI7ULUd1M6USJIz9Ds683wDOKOxTBr7Ji3MNYjHvF0VTpg_JhsyRY-LeV1_Ej_C8NxS5cLiilgfYyck3t-d1ISasF5sjd5BY2JweuCldCPzg6QlwLkWwm5Re8bvImKkvsrjw1fCiWJVm7mn0rhf0pLLEj1TG9P0KK9IoCO2jfCtaU2Gxperfb6gQ3hM34layTOboEUiCC1WWqxc2ECe06zTI7JQ0WHpnetQYisziL5Vm9r6zltt62sJdKBcx7FXKIN23qnVG91UQvf6Ju71DnRkLFiWGFzONZJ0lOcum_rIp8mbwbJ6P9v1gu8wHeu

Domain: dspaction.wpu.sh
URL: https://dspaction.wpu.sh/dsp/cpc/icon/?payload=oyPA-7qI7sdFR2iKflzlj2FTrW_-RgER-K6AI7NgygZ94_Mym2swMq4lS_WNv7P4g1keBO6s2-eAJC7hj7gzXfAXlr3X3AuYiE4Y52QeLfjnU1-_a-myA61x9fnebWK288_V5xyMWWwC5bt8kdi5RCsSgFBj_MAt2cXF6kmzpSj5sW-tW0n7o1xtP4MWdGLMN7ZZvvfB0Dq-UBKZ46iz9oz6RQAP78xMQRtFwdwqqjKx7yZxunhBvJ_Qsxymcw7QTKLrjIoVwd10fCv5hN8GX3IvwKY_TJOciIO7d98Wr_lxPgm3JkXUciTRZRh3fPnT8MD-lE93Jkj1sGYjgFnl26yBe-JQWdPc0TrtKj_T1KUbBOC5OzxW-REj5VqHWPBpf-4ARNGcR250MFQSRTQwV43g9IMZQRGl39l5aXD3SyCyKrYBDmI-yoEDglipGtrjTqQN06l_lLz3vyi5a-qaSQeFLgdsIdNMO3IojdeDwSbzT6dldBq853YnE0CWyozXiaEddp9JfSHZSjy_EiUqzVNxpZxffoVvT4lq_pwK24Jy2DUnlrJn6Gj6O8A8kK2ydC2BFNfFHKvmTN2GpEXF0XKSUcceoLK3ghurd5CCfu4w_vszpRnyNcLjKcR2g-m1QIC2KyNb5SxpudXp3_zj9p5h3gPx2iYLJgylXylXBHyBKjUQykz4GW4CZmviqccusog3vphB7Mrdlt6SRfgctQ..

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adtrue.com/	1970-01-19 11:25:44	Name: _gat_gtag_UA_66441855_40 Value: 1
.adtrue.com/	1970-01-19 11:27:10	Name: _gid Value: GA1.2.742369699.1596343965
dlycritishmalco.club/	1970-01-19 11:25:44	Name: ut Value: x
tii.ai/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C892972%22%3A%7B%22page%22%3A1%2C%22time%22%3A1596343966847%7D%7D
tii.ai/	1969-12-31 23:59:59	Name: _cmpQcif3pcsupported Value: 1
.dlycritishmalco.club/	1970-01-19 20:11:19	Name: fv Value: rjk4qTr9rHU7qcEFqjU7rHnHpjg9vdw=
tii.ai/	1969-12-31 23:59:59	Name: ab Value: 2
.adtrue.com/	1970-01-20 04:56:55	Name: _ga Value: GA1.2.1221568196.1596343965
.tii.ai/	1970-01-19 11:25:44	Name: _gat_gtag_UA_113561579_1 Value: 1
dlycritishmalco.club/	1969-12-31 23:59:59	Name: csu Value: b62d76d8-3b4a-449a-ab06-fd7d1ff85d42
.tii.ai/	1970-01-19 12:08:55	Name: __cfduid Value: d09575576bd99d0aaa93198d066feccab1596343962
.tii.ai/	1970-01-20 04:56:55	Name: _ga Value: GA1.2.101567397.1596343963
tii.ai/	1969-12-31 23:59:59	Name: csrfToken Value: 89488700c5369d65f3b3feca55ad08e7dee2292b8bec0b50c4edebf597f74e2dca27fb9ac5ef3f573cfb4bfec4d0c25ee54418d8828b8072a580aa0156b821c9
tii.ai/	1969-12-31 23:59:59	Name: AppSession Value: 5ffe7c5be737404f3967eaaf4f512cad
.tii.ai/	1970-01-19 11:27:10	Name: _gid Value: GA1.2.354561588.1596343963

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://static.quantcast.mgr.consensu.org/v35/cmpui-banner.js(Line 1) Message: Unable to get NonIab Vendor list.
console-api	debug	URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js(Line 1) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abc13.feed-xml.com
acdn.adnxs.com
ams.creativecdn.com
aphycolourses.info
apis.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org
boudja.com
c.adskeeper.co.uk
c.mgid.com
c1.adform.net
cdn.adtrue.com
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
d1ks8roequxbwa.cloudfront.net
d2l3f1n039mza.cloudfront.net
d3al52d8cojds7.cloudfront.net
dc5k8fg5ioc8s.cloudfront.net
dlycritishmalco.club
dspaction.wpu.sh
ettyjokilint.club
eus.rubiconproject.com
exchange.adtrue.com
fenailany.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
jadserve.postrelease.com
jsc.mgid.com
match.adsrvr.org
ngp1.intnotif.club
quantcast.mgr.consensu.org
rtb-usw.mfadsrvr.com
s-img.adskeeper.co.uk
s-img.mgid.com
s3.amazonaws.com
secure-assets.rubiconproject.com
servicer.mgid.com
shrinkearn.com
static.quantcast.mgr.consensu.org
tii.ai
track.adtrue.com
vendorlist.consensu.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
www.ssaimg.com
x.bidswitch.net
boudja.com
d3al52d8cojds7.cloudfront.net
dspaction.wpu.sh
ngp1.intnotif.club
104.111.230.142
104.16.221.74
104.19.131.80
104.19.133.78
104.19.134.78
108.168.193.183
13.35.253.207
13.35.254.87
138.201.239.18
143.204.208.29
143.204.89.126
151.101.113.108
172.217.18.162
185.184.8.30
185.33.221.13
23.105.245.4
23.227.131.133
2600:9000:2057:5000:1:af78:4c0:93a1
2600:9000:214f:400:9:46dc:4700:93a1
2600:9000:214f:5200:9:46dc:4700:93a1
2600:9000:214f:8a00:3:99db:e580:21
2606:4700:10::6814:326f
2606:4700:20::6819:842c
2606:4700:3037::ac43:976d
2a00:1450:4001:801::2004
2a00:1450:4001:808::200e
2a00:1450:4001:814::2003
2a00:1450:4001:816::2008
2a00:1450:4001:818::2003
2a00:1450:4001:81f::200a
34.246.123.201
35.156.249.121
35.165.10.112
35.212.212.222
37.157.2.236
51.178.195.173
52.216.140.14
52.222.174.197
52.52.244.32
52.58.74.100
52.86.219.129
54.149.11.161
94.31.29.131
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e42c2ab4a560cd4a2be587847ef95de9a330bd1d717da32eab5ee2048a43bc7
23f80f6286e980d6a791a2454efe2899bce79acc25dfd5546064cd80a8d638ef
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
3559d7775cf7a8ba83152013893c921c2e845639a507424ca967d7bdd8976cc5
38a785b99b44422997eabef556a6326eca4029b66b7f55682ea7bd05ee84e276
3b90d10d60cd1609b54fb8ab62e119c7cde85bbd289e285693e18c9e2ce98b78
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
43c660a16b0daf12b1ec6676765017b51e84117af04129b07ead8045de97d4f0
4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0
51ddb9e33f565949cd20591a0c4e154f8482165ff0c04503d45feb4ddcd62f3c
5473df52a14c0356aec01678c4eb7b16c1311a18519f7c1fc8d37bb7cafe9dda
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5cdfa83efe8e1c78239a7438231903de9dd92a5c623e78da111638eaafc419e5
62b07f5b473f87a3ebe9738f063584774f835dcf8b0c423cab5f8515c93553f5
7245e9f7a69e849babc1e8b45af7272396890c8c7f8a938e871437615576a263
79e7e30de78d18ca9131be73e383db1c9faaecf9401c54c00ea5a1853c9c6f5a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840a035b9cce21e929aaac168a18f0ffce4e4b4e1abf19e98164d491f97e8117
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
85c7e27ea6f4ccf37bb86b29da54e250006ef4ee1137c9da9f1880ba6b84df67
8b80635d65f907b3eccd5b25b9ce269f3ea4ae3ff47ac34d59e533dc782aef80
8f8cec1160d77c1f447c83e354b09b8bf21ec1eda8487d7610e0d6f43dcea0bd
8fee5d08f0c5de46971a69552c03dd5cd371b1b1e738872f0f882b9cc0526f8b
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
92a42e8512e6a56fe2d3b051b199aa61a200de89b0792182ba641a43ab4361b7
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a02f96cfc9407ea221d62bd3404a88078c854b20647b5ebcd8a091b6490d70cf
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
a97ba49246a5342385a512cb930ddbc7119f71fdcaede7f398ed2c1c45396315
a9d9cba47e028112043893dbbc7a506286f838c40c621bd97d1466341dae3d2e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b640b9af1e6fa5c035c168701d2c1f5a02f371352cca208fefded3ddea443b6a
ba0ceb5094018090c6119b432413e70541d79e6e7f56f2ef5618194a426d04cf
bbfdf00bfbcafbe701ab7e6ab991fa0a2cdd2def78339ed3ec37bf85de410a66
bc5e66a8c833e1063b73f601cf5aaea30c401d38d75f2527520871bb05a8db62
c32ef61412692fadee5b42c0b9fad18bc296d8e9ce79346bbec5232d32a3b184
c48a93c28de6b9beea484b002472d5e6d225e63fb47f45176f6518070a0e7a83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f19d89cdbffedb9bd8a76d2423a06280ddd513070445f2c11a1a5f6af8834f65
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

tii.ai Open in urlscan Pro 2606:4700:3037::ac43:976d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

79 Requests

94 %HTTPS

30 %IPv6

34 Domains

53 Subdomains

35 IPs

9 Countries

1207 kBTransfer

3016 kBSize

15 Cookies

10 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tii.ai Open in urlscan Pro
2606:4700:3037::ac43:976d Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

94 %
HTTPS

30 %
IPv6

34
Domains

53
Subdomains

35
IPs

9
Countries

1207 kB
Transfer

3016 kB
Size

15
Cookies

79 HTTP transactions
3 data transactions