iir.ai Open in urlscan Pro
2606:4700:3035::681c:1e0a Public Scan

URL:
https://iir.ai/EoxYDao
Submission: On August 10 via manual (August 10th 2020, 6:51:21 am UTC) from PH

Summary HTTP 71 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 33 domains to perform 71 HTTP transactions. The main IP is 2606:4700:3035::681c:1e0a, located in United States and belongs to CLOUDFLARENET, US. The main domain is iir.ai.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2020. Valid for: a year.

This is the only time iir.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3035::681c:1e0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	13.226.156.37 13.226.156.37	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:815::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:ff6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.178.195.173 51.178.195.173	16276 (OVH) (OVH)
3	2606:4700:10:... 2606:4700:10::6814:326f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
3	139.45.196.10 139.45.196.10	9002 (RETN-AS) (RETN-AS)
1	34.196.151.230 34.196.151.230	14618 (AMAZON-AES) (AMAZON-AES)
2	139.45.195.142 139.45.195.142	9002 (RETN-AS) (RETN-AS)
2	2600:9000:218... 2600:9000:2182:5400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.201.35 143.204.201.35	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
2	52.10.109.135 52.10.109.135	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:218... 2600:9000:2182:ac00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	139.45.196.14 139.45.196.14	9002 (RETN-AS) (RETN-AS)
1	139.45.195.162 139.45.195.162	9002 (RETN-AS) (RETN-AS)
1	35.156.249.121 35.156.249.121	16509 (AMAZON-02) (AMAZON-02)
2	54.185.201.68 54.185.201.68	16509 (AMAZON-02) (AMAZON-02)
1	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
1	13.226.155.119 13.226.155.119	16509 (AMAZON-02) (AMAZON-02)
10	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.19.138.80 104.19.138.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	18.158.16.100 18.158.16.100	16509 (AMAZON-02) (AMAZON-02)
1 2	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	23.105.245.5 23.105.245.5	7979 (SERVERS-COM) (SERVERS-COM)
2 2	76.223.7.166 76.223.7.166	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
1 1	13.226.155.32 13.226.155.32	16509 (AMAZON-02) (AMAZON-02)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1	139.45.196.40 139.45.196.40	9002 (RETN-AS) (RETN-AS)
71	35

7 2606:4700:3035::681c:1e0a (United States)

ASN13335 (CLOUDFLARENET, US)

iir.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.37 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-37.dus51.r.cloudfront.net

dc5k8fg5ioc8s.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ff6 (United States)

ASN13335 (CLOUDFLARENET, US)

clk.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.178.195.173 (France)

ASN16276 (OVH, FR)
PTR: ip173.ip-51-178-195.eu

voltskegscurate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:326f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.10 (Ascension Island)

ASN9002 (RETN-AS, EU)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.151.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-151-230.compute-1.amazonaws.com

aphycolourses.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.142 (Ascension Island)

ASN9002 (RETN-AS, EU)

oufauthy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:5400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.35 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-35.fra53.r.cloudfront.net

sovieashlig.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.10.109.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-109-135.us-west-2.compute.amazonaws.com

exchange.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:ac00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.196.14 (Ascension Island)

ASN9002 (RETN-AS, EU)

eikegolehem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.162 (Ascension Island)

ASN9002 (RETN-AS, EU)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.249.121 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-249-121.eu-central-1.compute.amazonaws.com

apis.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.185.201.68 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-185-201-68.us-west-2.compute.amazonaws.com

track.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.15 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.119 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-119.dus51.r.cloudfront.net

audit.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.134.78 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.138.80 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.158.16.100 (United States) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.95 (United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.5 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.7.166 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.32 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-32.dus51.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.40 (Ascension Island)

ASN9002 (RETN-AS, EU)

onstunkyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	mgid.com 2 redirects jsc.mgid.com c.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com cdn.mgid.com	110 KB
7	adtrue.com cdn.adtrue.com exchange.adtrue.com track.adtrue.com	64 KB
7	iir.ai iir.ai	227 KB
6	consensu.org quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org apis.quantcast.mgr.consensu.org audit.quantcast.mgr.consensu.org	158 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	181 KB
3	inpagepush.com inpagepush.com	26 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	822 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	adsrvr.org 2 redirects match.adsrvr.org	903 B
2	outbrain.com 1 redirects sync.outbrain.com	821 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	747 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	steepto.com s-img.steepto.com	27 KB
2	adnxs.com ib.adnxs.com acdn.adnxs.com	701 B
2	eikegolehem.com eikegolehem.com	673 B
2	google.com www.google.com
2	google-analytics.com www.google-analytics.com	18 KB
2	oufauthy.net oufauthy.net	28 KB
2	clk.sh clk.sh	78 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	onstunkyr.com onstunkyr.com	482 B
1	smadex.com 1 redirects cm.smadex.com	527 B
1	lentainform.com cm.lentainform.com	328 B
1	idealmedia.io cm.idealmedia.io	556 B
1	rtmark.net my.rtmark.net	764 B
1	sovieashlig.club sovieashlig.club
1	aphycolourses.info aphycolourses.info	24 KB
1	recaptcha.net www.recaptcha.net	909 B
1	voltskegscurate.com voltskegscurate.com	1 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
1	cloudfront.net dc5k8fg5ioc8s.cloudfront.net	20 KB
0	boudja.com Failed boudja.com Failed
71	33

	Domain	Requested by
7	cm.mgid.com	jsc.mgid.com
7	iir.ai	iir.ai
5	x.bidswitch.net	5 redirects
4	fonts.gstatic.com	iir.ai
3	c.mgid.com	2 redirects
3	inpagepush.com	iir.ai inpagepush.com
3	cdn.adtrue.com	iir.ai exchange.adtrue.com
2	rtb-usw.mfadsrvr.com	2 redirects
2	match.adsrvr.org	2 redirects
2	sync.outbrain.com	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	s-img.mgid.com	jsc.mgid.com iir.ai
2	s-img.steepto.com	iir.ai
2	track.adtrue.com	exchange.adtrue.com
2	eikegolehem.com	oufauthy.net
2	www.google.com	www.gstatic.com
2	static.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
2	exchange.adtrue.com	iir.ai cdn.adtrue.com
2	www.google-analytics.com	www.googletagmanager.com iir.ai
2	quantcast.mgr.consensu.org	iir.ai quantcast.mgr.consensu.org
2	oufauthy.net	iir.ai
2	clk.sh	iir.ai
2	fonts.googleapis.com	iir.ai jsc.mgid.com
1	onstunkyr.com
1	acdn.adnxs.com	cdn.adtrue.com
1	cm.smadex.com	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.lentainform.com
1	cm.idealmedia.io
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	cdn.mgid.com	iir.ai
1	servicer.mgid.com	jsc.mgid.com
1	jsc.mgid.com	exchange.adtrue.com
1	audit.quantcast.mgr.consensu.org	static.quantcast.mgr.consensu.org
1	ib.adnxs.com	cdn.adtrue.com
1	apis.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	my.rtmark.net	inpagepush.com
1	www.gstatic.com	www.recaptcha.net
1	sovieashlig.club	dc5k8fg5ioc8s.cloudfront.net
1	aphycolourses.info	iir.ai
1	www.recaptcha.net	iir.ai
1	voltskegscurate.com	iir.ai
1	www.googletagmanager.com	iir.ai
1	dc5k8fg5ioc8s.cloudfront.net	iir.ai
0	boudja.com Failed	iir.ai
71	47

This site contains links to these domains. Also see Links.

Domain
www.quantcast.com
clk.sh
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-30` - `2021-07-30`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
voltskegscurate.com Let's Encrypt Authority X3	`2020-07-21` - `2020-10-19`	3 months	crt.sh
*.adtrue.com COMODO RSA Domain Validation Secure Server CA	`2017-08-04` - `2020-09-02`	3 years	crt.sh
misc.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
inpagepush.com Let's Encrypt Authority X3	`2020-05-20` - `2020-08-18`	3 months	crt.sh
aphycolourses.info Let's Encrypt Authority X3	`2020-07-14` - `2020-10-12`	3 months	crt.sh
oufauthy.net Let's Encrypt Authority X3	`2020-05-21` - `2020-08-19`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
sovieashlig.club Amazon	`2020-07-23` - `2021-08-23`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
eikegolehem.com Let's Encrypt Authority X3	`2020-06-26` - `2020-09-24`	3 months	crt.sh
*.rtmark.net Let's Encrypt Authority X3	`2020-06-02` - `2020-08-31`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2019-10-29` - `2021-11-23`	2 years	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh
onstunkyr.com Let's Encrypt Authority X3	`2020-07-15` - `2020-10-13`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://iir.ai/EoxYDao
Frame ID: ACE635C0AECE72225D2B43D7CD8D6F78
Requests: 39 HTTP requests in this frame

Frame: https://sovieashlig.club/UEk4dkwxK1sbczF0WlA5IiUFU34WbAowKDN8U04qN3xRGS9oOhYVID88XBA+PydMWCI1PR1ECgYEfR1+M3tiIgY8Lm4hGQEubR15NQhwAQMDeAwhBWAcWzUJEnleDH01CHkCHRcKfiMpYSoONR0VPFsgGQMaUUYAARx6FQcWLm0hNAk6bzQOMghvTxQWPmk4KgIIcDAgaCB7ARUZH3sOHRcuUCAAAgh/NDtgIm8nJwAReyAUBiVqRCoSIXwnOxp8cB54GBxBNBUSPlQyBQIHeTwOBn56HiMZG3sOLQYlaTcGFippJzsafG8nDhQIVhoDBiVpNykRZGEFGicYbzd9IA15GCAICEAsLxwMfSEOFjpfJyAKHFwYOxYbfREINjF2NBo4LlEuKzMFYDE7FQR9Ow81H1cXCAYfSzQJHQtuJTw0AX1OGjU+YScIOwBVITQKDXkRdB8YfRENCj5yNRo3B1Y3CRoNeRggFgxfNB4feAEhGhgTADQZAgB5RXQBC1QFajo6Vxg8bQB2TnwSL1MxKGIocRl9Nw4
Frame ID: 92DDAD25FBEDA040C536A05892B27AF6
Requests: 1 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=18696&ref=https://iir.ai/EoxYDao&cb=4289582974&timeZone=2&adWidth=300&adHeight=250&loc=https://iir.ai/EoxYDao
Frame ID: B746EF7C0B4A50529CFF8394B867625C
Requests: 3 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v36/cmp-3pc-check.html
Frame ID: 97D5E9A00EF00E08EE5ADC0023C2062E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=en&v=IU7gZ7o6RDdDE6U4Y1YJJWnN&size=normal&cb=rsurc1myndir
Frame ID: E4292A020AC9F5478CF08F6724ECFD56
Requests: 1 HTTP requests in this frame

Frame: https://eikegolehem.com/fac.php
Frame ID: B28438C135C3EBD2A98EF4A1334205B5
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=IU7gZ7o6RDdDE6U4Y1YJJWnN&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&cb=8dxyzs20dq38
Frame ID: EFA026A16EF15C403A589F3D3762C4AB
Requests: 1 HTTP requests in this frame

Frame: https://track.adtrue.com/track/request?pzoneid=18696&domain=iir.ai&ref=https%3A%2F%2Fiir.ai%2FEoxYDao&loc=https%3A%2F%2Fiir.ai%2FEoxYDao
Frame ID: F2FA6ABDFF7A86F7458CBB00BB15B48B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: C2FB734A39A85E8AB442E97C61E69DE1
Requests: 21 HTTP requests in this frame

Frame: https://track.adtrue.com/track/passback?pzoneid=18696
Frame ID: 71DD02D78EA64B7DE9EA4BB82C053C9F
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1597042253155502949571
Frame ID: B3EF715E705FF93F1DE364AF20A8B99A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 4023CABB55457775D8D246FC8384F2EC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: B5C7D5077FEC43CCD50AB655EB96E286
Requests: 1 HTTP requests in this frame

Frame: https://s-img.steepto.com/g/5523139/328x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp
Frame ID: B8711B812AC9FA9C183D17FBA55399BC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

71
Requests

97 %
HTTPS

28 %
IPv6

33
Domains

47
Subdomains

35
IPs

7
Countries

1000 kB
Transfer

2605 kB
Size

0
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.quantcast.com/gdpr/consent-management-solution/
Title: upgrade

Search URL Search Domain Scan URL

URL: https://clk.sh/

Search URL Search Domain Scan URL

URL: https://clk.sh/payout-rates
Title: Publisher Rates

Search URL Search Domain Scan URL

URL: https://clk.sh/auth/signin
Title: Login

Search URL Search Domain Scan URL

URL: https://clk.sh/auth/signup
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/faq
Title: How it works

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/dmca
Title: DMCA

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ShrinkearnClksh

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://c.mgid.com/c?pv=2&v=0|0|0|fHzdfksa2S8NqZcXfxgMatoqeRLARo2ywu7crv0ujINe2befF5NtsY4lg9jDg-Bk&cid=949756&f=1&h2=uMBDuuyVyPyEF0oxkZrWtvN-fy5S3o8nVYjDcujLCRw*&rid=z3487732zb6445621bcPLcp2ph2020081001h&psid=3487732&cp=154&iub=aHR0cHM6Ly9zLWltZy5zdGVlcHRvLmNvbS9nLzU1MjMxMzkvMzI4eDMyOC8xMzV4MHgxMDYyeDcwOC9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qQXRNRE12TVRBeE9USTBMelE1TWpnME1qRTJNVGd5TW1ZME9HSTJNelEyTUdVek5qSmhZVGxqT1RKaUxtcHdaV2MqLndlYnA= HTTP 301
https://s-img.steepto.com/g/5523139/328x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp

Request Chain 58

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azc5UVFPMjJjNU9u&muidn=k79QQO22c5On HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azc5UVFPMjJjNU9u&muidn=k79QQO22c5On&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=k79QQO22c5On&google_ula={guid},5&google_gid=CAESEHISN7xtpiLYqXLaSbnDJ0s&google_cver=1

Request Chain 61

https://x.bidswitch.net/sync?dsp_id=303&user_id=k79QQO22c5On HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k79QQO22c5On HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=58b7ea19-45d7-4682-ba18-8c34c42da0be&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=58b7ea19-45d7-4682-ba18-8c34c42da0be&rdrctExp=true

Request Chain 63

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=603c317c-8861-4e11-ba67-ed6cf340c741&ttl=1599634253

Request Chain 64

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=5KVN0yVmXU6JcmVIZTC4&pi=mgid&tc=1

Request Chain 65

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=b0bb25c0-ba75-4a51-88ca-2e93ad49f552

Request Chain 66

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=58b7ea19-45d7-4682-ba18-8c34c42da0be HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=41427b93-fde8-4d80-b461-1802ddd13ee8&expires=10&ssp=mgid&bsw_param=58b7ea19-45d7-4682-ba18-8c34c42da0be HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=58b7ea19-45d7-4682-ba18-8c34c42da0be

Request Chain 71

https://c.mgid.com/c?pv=2&v=0|0|0|fHzdfksa2S8NqZcXfxgMatoqeRLARo2ywu7crv0ujINe2befF5NtsY4lg9jDg-Bk&cid=949756&f=1&h2=uMBDuuyVyPyEF0oxkZrWtvN-fy5S3o8nVYjDcujLCRw*&rid=z3487732zb6445621bcPLcp2ph2020081001h&psid=3487732&cp=154&iub=aHR0cHM6Ly9zLWltZy5zdGVlcHRvLmNvbS9nLzU1MjMxMzkvMzI4eDMyOC8xMzV4MHgxMDYyeDcwOC9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01qQXRNRE12TVRBeE9USTBMelE1TWpnME1qRTJNVGd5TW1ZME9HSTJNelEyTUdVek5qSmhZVGxqT1RKaUxtcHdaV2MqLndlYnA= HTTP 301
https://s-img.steepto.com/g/5523139/328x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp

71 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request EoxYDao Show response
iir.ai/ 74 KB
23 KB 306ms
283ms Document
text/html 2606:4700:3035::681c:1e0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:1e0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f21d72fca20802397aad332fca61ca4ac017665e637eb2c96048011b27d7ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: iir.ai
:scheme: https
:path: /EoxYDao
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 10 Aug 2020 06:50:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dff202e925d6f042fef991cf545275ea61597042250; expires=Wed, 09-Sep-20 06:50:50 GMT; path=/; domain=.iir.ai; HttpOnly; SameSite=Lax; Secure AppSession=c6d75cefe9c7ba2cce7f355baad95254; path=/; HttpOnly; secure csrfToken=52f4d565351647e32a0c83e7e69c99801a8aa4c6f0825326047bf2168ae467e019cf5945e913a8373667b39000b1fb06a8315fbc56ab3cb56775374569de74b6; path=/; HttpOnly; secure
cache-control: no-store, no-cache, must-revalidate
cf-railgun: direct (starting new WAN connection)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 0478bbec3a0000dfcf09126200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c07c8f39db6dfcf-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 3 KB
590 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 10 Aug 2020 06:24:42 GMT
server: ESF
date: Mon, 10 Aug 2020 06:50:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Aug 2020 06:50:51 GMT

GET
H2 200 styles.min.css
iir.ai/cloud_theme/build/css/ 189 KB
31 KB 22ms
22ms Stylesheet
text/css 2606:4700:3035::681c:1e0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:1e0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1885078
status: 200
cf-request-id: 0478bbed590000dfcf09132200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5c07c8f559cedfcf-FRA
expires: Tue, 18 Aug 2020 11:12:52 GMT

GET
H2 200 / Show response
dc5k8fg5ioc8s.cloudfront.net/ 50 KB
20 KB 348ms
228ms Script
text/plain 13.226.156.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805888
Requested by: Host: iir.ai
URL: https://iir.ai/EoxYDao
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-37.dus51.r.cloudfront.net
Software: /
Resource Hash: 6444acf273b971ab602403fcb858442b0503fa9b6ee98d2a534fef3ba18cf8ca

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:51 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 19758
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
x-amz-cf-id: JvtG11FhK5GdxQqqIPozQzHsyRmoVlLIUVgSdtNtA661UbMvNMSJNA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
34 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113561579-2

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5923e43ed07f1648786aa192b0bd7452d6b2f5eea526905e81677397327fc7c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:51 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34851
x-xss-protection: 0
last-modified: Mon, 10 Aug 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Aug 2020 06:50:51 GMT

GET
H2 200 hmpglogo228x70.png
clk.sh/webroot/modern_theme/img/ 3 KB
3 KB 152ms
13ms Image
image/png 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clk.sh/webroot/modern_theme/img/hmpglogo228x70.png

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e262d211d25e9671c5d3e7b450e138ddbcacfed50d4f277f39b52fffeae96eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18552365
cf-polished: origSize=3621
status: 200
content-length: 2976
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Nov 2019 04:31:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Thu, 07 Jan 2021 13:24:45 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 0478bbef43000016ee1b3ef200000001
accept-ranges: bytes
cf-ray: 5c07c8f86ea916ee-FRA
cf-bgj: imgq:100

GET
H/1.1 200
OK 14505 Show response
voltskegscurate.com/teCeQ2PKrSkm9dWj/ 0
1 KB 231ms
55ms Script
text/html 51.178.195.173
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://voltskegscurate.com/teCeQ2PKrSkm9dWj/14505

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

51.178.195.173 , France, ASN16276 (OVH, FR),

Reverse DNS

ip173.ip-51-178-195.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 06:50:51 GMT
Content-Encoding: gzip
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Keep-Alive: timeout=20

GET
H2 200 sw_2735511.js Show response
iir.ai/ 93 KB
34 KB 21ms
21ms Script
application/javascript 2606:4700:3035::681c:1e0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/sw_2735511.js

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:1e0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07dad39d552a962087de78cfc171db1a66b30b16ad7322712294e73ab1d009c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1564279
status: 200
cf-request-id: 0478bbee5a0000dfcf09147200000001
last-modified: Wed, 08 Jan 2020 13:23:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5c07c8f6fd75dfcf-FRA
expires: Sat, 22 Aug 2020 04:19:29 GMT

GET
H2 200 async.js Show response
cdn.adtrue.com/rtb/ 7 KB
3 KB 30ms
11ms Script
application/x-javascript 2606:4700:10::6814:326f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: iir.ai
URL: https://iir.ai/EoxYDao
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:326f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cdfa83efe8e1c78239a7438231903de9dd92a5c623e78da111638eaafc419e5

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 03:52:05 GMT
server: cloudflare
age: 24536476
etag: W/"5d941ee5-1c42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31104000
cf-ray: 5c07c8f7c9d9dfc3-FRA
cf-request-id: 0478bbeeda0000dfc3ab9dd200000001
expires: Sun, 25 Oct 2020 07:09:35 GMT

GET
H2 200 ads.js Show response
iir.ai/js/ 192 B
241 B 11ms
11ms Script
application/javascript 2606:4700:3035::681c:1e0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/js/ads.js?ver=6.4.0

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:1e0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb0e68f005af52ea63e4aec52c0392f58b34f14116daf70c553d9390fd6512e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1885078
status: 200
cf-request-id: 0478bbee750000dfcf0914a200000001
last-modified: Mon, 02 Dec 2019 16:40:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5c07c8f72ddbdfcf-FRA
expires: Tue, 18 Aug 2020 11:12:52 GMT

GET
H2 200 script.min.js Show response
iir.ai/cloud_theme/build/js/ 202 KB
57 KB 23ms
23ms Script
application/javascript 2606:4700:3035::681c:1e0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/cloud_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:1e0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1736637
status: 200
cf-request-id: 0478bbee820000dfcf0914b200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5c07c8f73e28dfcf-FRA
expires: Thu, 20 Aug 2020 04:26:51 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 742 B
909 B 55ms
16ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a859156782f0106672ead92632bc57b6555bc16479dacfb839a5c3dc2d095412

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 473
x-xss-protection: 1; mode=block
expires: Mon, 10 Aug 2020 06:50:51 GMT

GET popunder.gif
boudja.com/ 0
0

GET
H2 200 Newbackground.jpg
clk.sh/webroot/img/ 74 KB
74 KB 123ms
14ms Image
image/jpeg 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clk.sh/webroot/img/Newbackground.jpg

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a137ebb5bde3957f26d1ff3a877994ae30a643b137b94cecd8218b31f890fbb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15976003
cf-polished: origSize=92083
status: 200
content-length: 75966
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Jun 2018 10:09:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
expires: Sat, 06 Feb 2021 09:04:07 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 0478bbef43000016ee1b3f0200000001
accept-ranges: bytes
cf-ray: 5c07c8f86eaa16ee-FRA
cf-bgj: imgq:100

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://iir.ai

Response headers

date: Wed, 08 Jul 2020 23:44:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 2790384
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Thu, 08 Jul 2021 23:44:27 GMT

GET
H/1.1 200
OK 3487732 Show response
inpagepush.com/400/ 65 KB
24 KB 246ms
84ms Script
application/javascript 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3487732

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

a6bc756db2c4f1f691b626d60e9d1e8aa3c52df64ffda2e62276c81c20ae766d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 261ee111c319ffea615a6db965fa2199
Pragma: no-cache
Date: Mon, 10 Aug 2020 06:50:51 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 NkhYSjBNais9b0M6NGgKFCAsPkBFcndlWV86ditZGTsvFQIBe21%2FAQdmMjkSGmorJ1YUcmlmEkIpPxVZUmpiaAgGfWByCBRkejlFVBcxLgIUcnp4AgF6aHlWB2VuKFVQZWxzAQ9lOnpRB2U9eAIALG99AFQpYSkSSw Show response
aphycolourses.info/ 58 KB
24 KB 454ms
185ms Script
application/javascript 34.196.151.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aphycolourses.info/NkhYSjBNais9b0M6NGgKFCAsPkBFcndlWV86ditZGTsvFQIBe21%2FAQdmMjkSGmorJ1YUcmlmEkIpPxVZUmpiaAgGfWByCBRkejlFVBcxLgIUcnp4AgF6aHlWB2VuKFVQZWxzAQ9lOnpRB2U9eAIALG99AFQpYSkSSw
Requested by: Host: iir.ai
URL: https://iir.ai/sw_2735511.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.196.151.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-151-230.compute-1.amazonaws.com
Software: / Express
Resource Hash: a8d04be62e40ad4e64e1560f21b061d91f576079e748c7ee68d2a1ad0913f122

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"e725-AQfZED75G5QJXYETzHGYKBgDZho"
status: 200
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H/1.1 200
OK apu.php Show response
oufauthy.net/ 3 KB
2 KB 212ms
52ms XHR
application/json 139.45.195.142
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oufauthy.net/apu.php?zoneid=3491150&oo=1

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.142 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

afe22e200cb88583eb9d835bc4e3389a6e14a0ba76e029a2f54c39aee3b7ae5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 06:50:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 91bafe5e366e00b76c8dea7dcfa21ce0
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://iir.ai
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
oufauthy.net/ 81 KB
25 KB 260ms
88ms Script
application/javascript 139.45.195.142
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://oufauthy.net/tag.min.js

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.142 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

7f71b511136787451588194ce0d62e382fd3e39ee383d26a879b69e0fe9be1f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 06:50:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 25298
X-Trace-Id: 0ca1d443e74e32820f3a95d3023bf030
Pragma: no-cache
Last-Modified: Fri, 07 Aug 2020 14:09:14 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 footer.jpg
iir.ai/cloud_theme/build/img/ 6 KB
6 KB 16ms
16ms Image
image/jpeg 2606:4700:3035::681c:1e0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iir.ai/cloud_theme/build/img/footer.jpg

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:1e0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4550200
status: 200
content-length: 6152
cf-request-id: 0478bbef370000dfcf09155200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5c07c8f858bfdfcf-FRA
expires: Fri, 18 Jun 2021 14:54:10 GMT

GET
H2 200 fontawesome-webfont.woff2
iir.ai/cloud_theme/build/fonts/ 75 KB
76 KB 13ms
13ms Font
font/woff2 2606:4700:3035::681c:1e0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/cloud_theme/build/fonts/fontawesome-webfont.woff2

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::681c:1e0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
Origin: https://iir.ai

Response headers

date: Mon, 10 Aug 2020 06:50:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 321116
status: 200
content-length: 77160
cf-request-id: 0478bbef370000dfcf09156200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5c07c8f858c2dfcf-FRA
expires: Thu, 13 Aug 2020 13:38:54 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 13 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://iir.ai

Response headers

date: Tue, 14 Jul 2020 13:19:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:45 GMT
server: sffe
age: 2309473
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Wed, 14 Jul 2021 13:19:38 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://iir.ai

Response headers

date: Thu, 23 Jul 2020 00:25:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 1578345
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Fri, 23 Jul 2021 00:25:06 GMT

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 257 KB
70 KB 41ms
18ms Script
text/javascript 2600:9000:2182:5400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: iir.ai
URL: https://iir.ai/EoxYDao
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:5400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92622defbe69d5f485b731c66b75275c2fa89f0ca76e915cfd05007f0a9ce626

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 10 Aug 2020 06:45:26 GMT
content-encoding: gzip
last-modified: Thu, 06 Aug 2020 19:37:14 GMT
server: AmazonS3
age: 616
etag: W/"8a2ea0668531111412b611a5b20bc2c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: I98eQdm9Nb9FeQ5FNiAzpL-d20-9AOAhym5Ig3wy_1aw6ucYiLjlmg==
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)

GET
H2 200 NDtgIm8nJwAReyAUBiVqRCoSIXwnOxp8cB54GBxBNBUSPlQyBQIHeTwOBn56HiMZG3sOLQYlaTcGFippJzsafG8nDhQIVhoDBiVpNykRZGEFGicYbzd9IA15GCAICEAsLxwMfSEOFjpfJyAKHFwYOxYbfREINjF2NBo4LlEuKzMFYDE7FQR9Ow81H1cXCAYfSzQJH...
sovieashlig.club/UEk4dkwxK1sbczF0WlA5IiUFU34WbAowKDN8U04qN3xRGS9oOhYVID88XBA+PydMWCI1PR1ECgYEfR1+M3tiIgY8Lm4hGQEubR15NQhwAQMDeAwhBWAcWzUJEnleDH01CHkCHRcKfiMpYSoONR0VPFsgGQMaUUYAARx6FQcWLm0hNAk6bzQO... Frame 92DD 0
0 218ms
133ms Document
text/html 143.204.201.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sovieashlig.club/UEk4dkwxK1sbczF0WlA5IiUFU34WbAowKDN8U04qN3xRGS9oOhYVID88XBA+PydMWCI1PR1ECgYEfR1+M3tiIgY8Lm4hGQEubR15NQhwAQMDeAwhBWAcWzUJEnleDH01CHkCHRcKfiMpYSoONR0VPFsgGQMaUUYAARx6FQcWLm0hNAk6bzQOMghvTxQWPmk4KgIIcDAgaCB7ARUZH3sOHRcuUCAAAgh/NDtgIm8nJwAReyAUBiVqRCoSIXwnOxp8cB54GBxBNBUSPlQyBQIHeTwOBn56HiMZG3sOLQYlaTcGFippJzsafG8nDhQIVhoDBiVpNykRZGEFGicYbzd9IA15GCAICEAsLxwMfSEOFjpfJyAKHFwYOxYbfREINjF2NBo4LlEuKzMFYDE7FQR9Ow81H1cXCAYfSzQJHQtuJTw0AX1OGjU+YScIOwBVITQKDXkRdB8YfRENCj5yNRo3B1Y3CRoNeRggFgxfNB4feAEhGhgTADQZAgB5RXQBC1QFajo6Vxg8bQB2TnwSL1MxKGIocRl9Nw4
Requested by: Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805888
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.201.35 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-35.fra53.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: sovieashlig.club
:scheme: https
:path: /UEk4dkwxK1sbczF0WlA5IiUFU34WbAowKDN8U04qN3xRGS9oOhYVID88XBA+PydMWCI1PR1ECgYEfR1+M3tiIgY8Lm4hGQEubR15NQhwAQMDeAwhBWAcWzUJEnleDH01CHkCHRcKfiMpYSoONR0VPFsgGQMaUUYAARx6FQcWLm0hNAk6bzQOMghvTxQWPmk4KgIIcDAgaCB7ARUZH3sOHRcuUCAAAgh/NDtgIm8nJwAReyAUBiVqRCoSIXwnOxp8cB54GBxBNBUSPlQyBQIHeTwOBn56HiMZG3sOLQYlaTcGFippJzsafG8nDhQIVhoDBiVpNykRZGEFGicYbzd9IA15GCAICEAsLxwMfSEOFjpfJyAKHFwYOxYbfREINjF2NBo4LlEuKzMFYDE7FQR9Ow81H1cXCAYfSzQJHQtuJTw0AX1OGjU+YScIOwBVITQKDXkRdB8YfRENCj5yNRo3B1Y3CRoNeRggFgxfNB4feAEhGhgTADQZAgB5RXQBC1QFajo6Vxg8bQB2TnwSL1MxKGIocRl9Nw4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/EoxYDao
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iir.ai/EoxYDao

Response headers

status: 200
content-type: text/html
content-length: 1231
date: Mon, 10 Aug 2020 06:50:51 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: N545FtzeK2tApbH_Ef6SpxWh_ut3NDATr1-PGBmsoh5M-xuG6RP6yw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 2112
date: Mon, 10 Aug 2020 06:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 10 Aug 2020 08:15:39 GMT

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame B746 3 KB
3 KB 631ms
203ms Script
application/javascript 52.10.109.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18696&ref=https://iir.ai/EoxYDao&cb=4289582974&timeZone=2&adWidth=300&adHeight=250&loc=https://iir.ai/EoxYDao
Requested by: Host: iir.ai
URL: https://iir.ai/EoxYDao
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.109.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-109-135.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: bc226be67858a6d4c1eb769fd61ad88e115e4f02094c9b7170fbfdc201a650b2

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 10 Aug 2020 06:50:52 GMT
server: nginx
x-adtrue-instance: java2
content-length: 3342
content-type: application/javascript

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/IU7gZ7o6RDdDE6U4Y1YJJWnN/ 332 KB
130 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/IU7gZ7o6RDdDE6U4Y1YJJWnN/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49b397871dff384aab300554a8f1745d86e020edd55dea9f1ad58209a1b7563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 17:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Aug 2020 04:06:51 GMT
server: sffe
age: 566889
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133278
x-xss-protection: 0
expires: Tue, 03 Aug 2021 17:22:42 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=823575779&t=pageview&_s=1&dl=https%3A%2F%2Fiir.ai%2FEoxYDao&ul=en-us&de=UTF-8&dt=ClkSh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1532631051&gjid=232589519&cid=546387881.1597042252&tid=UA-113561579-2&_gid=1615408783.1597042252&_r=1&gtm=2ou7v1&z=330033000

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v36/ Frame 97D5 0
0 30ms
9ms Document
text/html 2600:9000:2182:ac00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v36/cmp-3pc-check.html
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: static.quantcast.mgr.consensu.org
:scheme: https
:path: /v36/cmp-3pc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/EoxYDao
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iir.ai/EoxYDao

Response headers

status: 200
content-type: text/html
content-length: 645
last-modified: Thu, 06 Aug 2020 19:37:10 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 10 Aug 2020 06:40:21 GMT
etag: "55b98270d639ef0c34781d9f03cce91f"
x-cache: Hit from cloudfront
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: iLgfYvT9XFP_DooGq4Xb9yjTohqx4YdNk67f3oSGT3A1jQd04cCG9w==
age: 631

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame E429 0
0 23ms
23ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=en&v=IU7gZ7o6RDdDE6U4Y1YJJWnN&size=normal&cb=rsurc1myndir

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IU7gZ7o6RDdDE6U4Y1YJJWnN/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hcuaZZMBvOXjLFKWwvyhOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=en&v=IU7gZ7o6RDdDE6U4Y1YJJWnN&size=normal&cb=rsurc1myndir
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/EoxYDao
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iir.ai/EoxYDao

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 10 Aug 2020 06:50:51 GMT
content-security-policy: script-src 'report-sample' 'nonce-hcuaZZMBvOXjLFKWwvyhOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10327
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cmpui-banner.js Show response
static.quantcast.mgr.consensu.org/v36/ 251 KB
69 KB 12ms
11ms Script
text/javascript 2600:9000:2182:ac00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v36/cmpui-banner.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:ac00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 408d8f9b5fdf7974eef1099412560e69fb10151f8fe8ebf2b593014a1df5585b

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:39:49 GMT
content-encoding: gzip
last-modified: Thu, 06 Aug 2020 19:37:09 GMT
server: AmazonS3
age: 1467
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 78dAViyRBmTx8NxsJtZ9tQvgE7NjHV3ztAJaM64L-xY1wCedSCR5ug==
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)

POST
H/1.1 200
OK options Show response
eikegolehem.com/ 0
673 B 59ms
59ms XHR
text/html 139.45.196.14
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eikegolehem.com/options?option_args=CM6K1QESIDlkMjA4ZDFiYjUwYjRiNzRiZjczYjA1MTA0YWI0Nzg4Gi9odHRwOi8vb3VmYXV0aHkubmV0L2FwdS5waHA/em9uZWlkPTM0OTExNTAmb289MSIWaHR0cHM6Ly9paXIuYWkvRW94WURhbw==

Requested by

Host: oufauthy.net
URL: https://oufauthy.net/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.14 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Mon, 10 Aug 2020 06:50:52 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 0
X-Trace-Id: a701f4e761cdf3eb453fc4b36c330025
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=utf8
Access-Control-Allow-Origin: https://iir.ai
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 204
No Content fac.php
eikegolehem.com/ Frame B284 0
0 222ms
48ms Document
text/html 139.45.196.14
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://eikegolehem.com/fac.php

Requested by

Host: oufauthy.net
URL: https://oufauthy.net/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.14 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: eikegolehem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://iir.ai/EoxYDao
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iir.ai/EoxYDao

Response headers

Server: nginx
Date: Mon, 10 Aug 2020 06:50:52 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 95c5cf6569f261dd50fa465d2bed0dee
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H2 200 vendorlist.json Show response
quantcast.mgr.consensu.org/ 99 KB
18 KB 48ms
13ms XHR
application/json 2600:9000:2182:5400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/vendorlist.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:5400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62b07f5b473f87a3ebe9738f063584774f835dcf8b0c423cab5f8515c93553f5

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 20:05:41 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 297912
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Mon, 03 Aug 2020 23:14:43 GMT
server: AmazonS3
etag: W/"9d5567acc5800c173d7ed398461c0af8"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: application/json
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ooD3tCBi6y_v3ZeY7LijXOxs8O_omqcnfYd1wbLjwdkHKP57tQVgZg==

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
764 B 243ms
54ms XHR
application/json 139.45.195.162
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3487732

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.162 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

000d73f35ffef9e09565ba26a2b6d5001c43a82f5e68bc7d12fb614bbc82aaee

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 06:50:52 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://iir.ai
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame EFA0 0
0 19ms
19ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=IU7gZ7o6RDdDE6U4Y1YJJWnN&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&cb=8dxyzs20dq38

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IU7gZ7o6RDdDE6U4Y1YJJWnN/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DLInNPB3DMLvFstRyuIT9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=IU7gZ7o6RDdDE6U4Y1YJJWnN&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&cb=8dxyzs20dq38
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/EoxYDao
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iir.ai/EoxYDao

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 10 Aug 2020 06:50:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-DLInNPB3DMLvFstRyuIT9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1177
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 CookieAccess Show response
apis.quantcast.mgr.consensu.org/ 18 B
259 B 172ms
63ms XHR
application/json 35.156.249.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.quantcast.mgr.consensu.org/CookieAccess
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.249.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-249-121.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:52 GMT
server: awselb/2.0
status: 200
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://iir.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 18

GET popunder.gif
boudja.com/ 0
0

GET
H2 200 prebid3.16.0.js Show response
cdn.adtrue.com/pb/ Frame B746 175 KB
56 KB 16ms
16ms Script
application/x-javascript 2606:4700:10::6814:326f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid3.16.0.js?v=2.1
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18696&ref=https://iir.ai/EoxYDao&cb=4289582974&timeZone=2&adWidth=300&adHeight=250&loc=https://iir.ai/EoxYDao
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:326f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a785b99b44422997eabef556a6326eca4029b66b7f55682ea7bd05ee84e276

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 20 Apr 2020 02:42:42 GMT
server: cloudflare
age: 9340005
etag: W/"5e9d0c22-2bc02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31104000
cf-ray: 5c07c8fcde18dfc3-FRA
cf-request-id: 0478bbf20a0000dfc3aba63200000001
expires: Mon, 19 Apr 2021 04:24:07 GMT

GET
H2 200 request
track.adtrue.com/track/ Frame F2FA 0
0 652ms
206ms Document
text/html 54.185.201.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adtrue.com/track/request?pzoneid=18696&domain=iir.ai&ref=https%3A%2F%2Fiir.ai%2FEoxYDao&loc=https%3A%2F%2Fiir.ai%2FEoxYDao
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18696&ref=https://iir.ai/EoxYDao&cb=4289582974&timeZone=2&adWidth=300&adHeight=250&loc=https://iir.ai/EoxYDao
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.185.201.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-185-201-68.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: track.adtrue.com
:scheme: https
:path: /track/request?pzoneid=18696&domain=iir.ai&ref=https%3A%2F%2Fiir.ai%2FEoxYDao&loc=https%3A%2F%2Fiir.ai%2FEoxYDao
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/EoxYDao
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iir.ai/EoxYDao

Response headers

status: 200
date: Mon, 10 Aug 2020 06:50:52 GMT
content-type: text/html
content-length: 397
server: nginx
x-host-name: java4

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B746 19 B
701 B 150ms
48ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid3.16.0.js?v=2.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 10 Aug 2020 06:50:52 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.87:80
AN-X-Request-Uuid: 4dd63b42-a19a-4bd5-9de4-1a5269722e0c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://iir.ai
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b640b9af1e6fa5c035c168701d2c1f5a02f371352cca208fefded3ddea443b6a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 3487732 Show response
inpagepush.com/500/ 2 KB
2 KB 155ms
155ms XHR
application/javascript 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3487732?excludes=&oaid=95467ff78b324d359e7278bc1df14796&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fiir.ai%2FEoxYDao&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3487732

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

6969116c9c4235d066c68e0117cc300640a84dbee343f672a07a7e2037eb51ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 10 Aug 2020 06:50:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: ed0ee056da0598cede17770240bf25d7
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://iir.ai
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame C2FB 692 B
550 B 20ms
19ms Script
application/x-javascript 2606:4700:10::6814:326f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: iir.ai
URL: https://iir.ai/EoxYDao
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:326f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c32ef61412692fadee5b42c0b9fad18bc296d8e9ce79346bbec5232d32a3b184

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2016 06:49:22 GMT
server: cloudflare
age: 27559660
etag: W/"5833ea72-2b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31104000
cf-ray: 5c07c8fe1915dfc3-FRA
cf-request-id: 0478bbf2d20000dfc3aba75200000001
expires: Sun, 20 Sep 2020 07:23:12 GMT

GET
H2 200 passback Show response
exchange.adtrue.com/tag/ Frame C2FB 511 B
598 B 202ms
202ms Script
application/javascript 52.10.109.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=18696&divid=2020242450
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.109.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-109-135.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: ed5fe8c0f8e654e6dac62fd28cbb928ea2549f015eb184b73c737b2399dd1536

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 10 Aug 2020 06:50:52 GMT
server: nginx
content-length: 511
content-type: application/javascript

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
484 B 152ms
50ms XHR
text/html 13.226.155.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1597042252609;AdShort%20Media%20Advertising;https%3A%2F%2Fiir.ai%2FEoxYDao;;;;;b,off,false,,1,en,36,213,true,false,false;displayConsentUi:mandatory,;GDPR-ayrjpc87hkl82bzmhzb2
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v36/cmpui-banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.119 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-119.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:45:32 GMT
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
vary: Origin
age: 321
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: FCHruHAl32bKqQr3-JeRO-vlYtW12GIgMfkiQs7b601rHGLac3IRdA==

GET
H2 200 exchange.adtrue.com.892972.js Show response
jsc.mgid.com/e/x/ Frame C2FB 219 KB
59 KB 164ms
63ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=18696&divid=2020242450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c35c0b94fbe110e770168db60fb0487552d45e281c4f15f4f5c1c70e9e07d93c

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:52 GMT
content-encoding: br
cf-cache-status: HIT
age: 1386
cf-polished: origSize=224400
status: 200
last-modified: Thu, 06 Aug 2020 13:25:53 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31C22E4A2E2A2026
x-amz-id-2: wrjajMGAZQDMW0/0fyX6kEyHVHxtMry63oW3mqEZ6G9VPLHkwXLOluotLAdCd+3pQ+/vLxClhWw=
cf-bgj: minify
server: cloudflare
etag: W/"0950b2dd3ff6fea24e5cd89294807e41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 0478bbf4300000fa68c2af6200000001
cf-ray: 5c07c9004c2ffa68-AMS
expires: Mon, 10 Aug 2020 07:50:52 GMT

GET
H2 200 passback
track.adtrue.com/track/ Frame 71DD 0
0 230ms
206ms Document
text/html 54.185.201.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adtrue.com/track/passback?pzoneid=18696
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=18696&divid=2020242450
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.185.201.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-185-201-68.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: track.adtrue.com
:scheme: https
:path: /track/passback?pzoneid=18696
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/EoxYDao
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iir.ai/EoxYDao

Response headers

status: 200
date: Mon, 10 Aug 2020 06:50:52 GMT
content-type: text/html
content-length: 0
server: nginx
x-host-name: java1

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp
s-img.steepto.com/g/5523139/328x328/135x0x1062x708/
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|fHzdfksa2S8NqZcXfxgMatoqeRLARo2ywu7crv0ujINe2befF5NtsY4lg9jDg-Bk&cid=949756&f=1&h2=uMBDuuyVyPyEF0oxkZrWtvN-fy5S3o8nVYjDcujLCRw*&rid=z3487732zb6445621bcPLcp2ph20200...
https://s-img.steepto.com/g/5523139/328x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp

13 KB
14 KB

154ms
54ms

Image
image/webp

104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/5523139/328x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp
Requested by: Host: iir.ai
URL: https://iir.ai/EoxYDao
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 340669d513240dda4db4af2817d0deccfdcf1ede6b4ef369c0174d43714569ed

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:53 GMT
cf-cache-status: HIT
age: 2906586
status: 200
content-length: 13732
cf-request-id: 0478bbf5460000d9258d22d200000001
last-modified: Tue, 07 Jul 2020 15:27:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5c07c90209ccd925-AMS
expires: Tue, 10 Aug 2021 06:50:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:52 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4c4dd6a4-4b5b-4e8b-bb0b-b3a03ad27322
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.steepto.com/g/5523139/328x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c07c9008bbfc769-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0478bbf4540000c76972002200000001
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ Frame C2FB 2 KB
670 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 10 Aug 2020 05:05:10 GMT
server: ESF
date: Mon, 10 Aug 2020 06:50:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Aug 2020 06:50:52 GMT

GET
DATA 200
OK truncated
/ Frame C2FB 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ Frame C2FB 9 KB
9 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: iir.ai
URL: https://iir.ai/EoxYDao

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans
Origin: https://iir.ai

Response headers

date: Mon, 27 Jul 2020 11:36:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1192458
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 27 Jul 2021 11:36:35 GMT

GET
H2 200 1 Show response
servicer.mgid.com/892972/ Frame C2FB 1000 B
1 KB 100ms
99ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/892972/1?w=300&h=250&cols=1&pv=5&cbuster=1597042253045987549704&uniqId=0fe82&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Fiir.ai%2FEoxYDao&lu=https%3A%2F%2Fiir.ai%2FEoxYDao&pageView=1&pvid=173d722dcf5a2f6aa00&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af578e8e3d3bd9b01e9ab608695a03e87a787e7fa3902d24fee5129a4cf999cf

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c07c901be37fa68-AMS
content-type: application/x-javascript; charset=utf-8
cf-request-id: 0478bbf5110000fa68c2b00200000001

GET
H2 200 i.js Show response
cm.mgid.com/ Frame C2FB 1 KB
717 B 97ms
96ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1597042253151859916177
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49fa75dd6c9b38d0a6c2c91f5e2f18faac01e0342b26d258b39c6753a17f1dd3

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: c883b659-1a8f-423f-963d-2b212872a376
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0478bbf57b0000fa68c2b05200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c07c9025f06fa68-AMS

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame B3EF 19 B
277 B 98ms
98ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1597042253155502949571
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: ea493daf-a36b-4179-b581-c12979449aa1
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0478bbf57d0000fa68c2b06200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c07c9026f10fa68-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY*.webp Show response
s-img.mgid.com/g/3805472/492x328/0x0x492x328/ Frame C2FB 22 KB
22 KB 143ms
51ms Fetch
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-img.mgid.com/g/3805472/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY*.webp
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210e8c57220cc2bdc452bbae6cf87d8eb9b6a539b7b6799c812cba32a63803bb

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:53 GMT
cf-cache-status: HIT
x-mg-request-uuid: 8a490578-dafd-4350-b781-53487a954821
age: 2566701
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22464
cf-request-id: 0478bbf5d700000b638aab5200000001
last-modified: Thu, 07 May 2020 10:31:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5c07c902fca10b63-AMS

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ Frame C2FB 2 KB
1 KB 55ms
53ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: iir.ai
URL: https://iir.ai/EoxYDao
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 482
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 0478bbf5820000fa68c2b07200000001
cf-ray: 5c07c9026f17fa68-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY*.webp
s-img.mgid.com/g/3805472/492x328/0x0x492x328/ Frame C2FB 22 KB
22 KB 57ms
56ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805472/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY*.webp
Requested by: Host: iir.ai
URL: https://iir.ai/EoxYDao
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210e8c57220cc2bdc452bbae6cf87d8eb9b6a539b7b6799c812cba32a63803bb

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:50:53 GMT
cf-cache-status: HIT
age: 8127919
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22464
cf-request-id: 0478bbf57e0000c7697200e200000001
last-modified: Wed, 03 Jul 2019 13:04:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5c07c9026ec2c769-AMS
cf-bgj: h2pri

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 4023
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

149ms
49ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=1597042253151859916177
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://iir.ai/EoxYDao
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iir.ai/EoxYDao

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 29 Jul 2020 16:40:43 GMT
Content-Encoding: gzip
Content-Length: 9471
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=53566
Expires: Mon, 10 Aug 2020 21:43:39 GMT
Date: Mon, 10 Aug 2020 06:50:53 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Mon, 10 Aug 2020 06:50:53 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

google
cm.mgid.com/ Frame C2FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azc5UVFPMjJjNU9u&muidn=k79QQO22c5On
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azc5UVFPMjJjNU9u&muidn=k79QQO22c5On&google_tc=
https://cm.mgid.com/google?muidn=k79QQO22c5On&google_ula={guid},5&google_gid=CAESEHISN7xtpiLYqXLaSbnDJ0s&google_cver=1

0
96 B

95ms
94ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k79QQO22c5On&google_ula={guid},5&google_gid=CAESEHISN7xtpiLYqXLaSbnDJ0s&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c07c903b8c1fa68-AMS
content-type: text/plain
cf-request-id: 0478bbf6520000fa68c2b0d200000001

Redirect headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:53 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k79QQO22c5On&google_ula={guid},5&google_gid=CAESEHISN7xtpiLYqXLaSbnDJ0s&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.idealmedia.io/setmuidn/ Frame C2FB 0
556 B 201ms
98ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k79QQO22c5On
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c07c9039c8b9c1b-AMS
content-type: image/gif
cf-request-id: 0478bbf64300009c1bc6872200000001

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame C2FB
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k79QQO22c5On
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k79QQO22c5On
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=58b7ea19-45d7-4682-ba18-8c34c42da0be&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=58b7ea19-45d7-4682-ba18-8c34c42da0be&rdrctExp=true

0
470 B

124ms
124ms

Image
text/plain

70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=58b7ea19-45d7-4682-ba18-8c34c42da0be&rdrctExp=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 06:50:54 GMT
Cache-Control: no-cache
X-TraceId: a0b8dc30d9bc687adbad6c38a5b6e121
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=58b7ea19-45d7-4682-ba18-8c34c42da0be&rdrctExp=true
Date: Mon, 10 Aug 2020 06:50:53 GMT
X-TraceId: b2968919f90d228e8775fcbc197d3a34
Content-Length: 0

GET
H2 200 /
cm.lentainform.com/setmuidn/ Frame C2FB 0
328 B 287ms
91ms Image
image/gif 23.105.245.5
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k79QQO22c5On
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:53 GMT
server: nginx/1.19.0
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/ Frame C2FB
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=603c317c-8861-4e11-ba67-ed6cf340c741&ttl=1599634253

43 B
219 B

97ms
97ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=603c317c-8861-4e11-ba67-ed6cf340c741&ttl=1599634253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:53 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 65de9322-a399-478d-b816-5f1db4d2ba63
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c07c90469fffa68-AMS
content-type: image/gif
cf-request-id: 0478bbf6bf0000fa68c2b13200000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:53 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=603c317c-8861-4e11-ba67-ed6cf340c741&ttl=1599634253
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/ Frame C2FB
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=5KVN0yVmXU6JcmVIZTC4&pi=mgid&tc=1

43 B
210 B

95ms
95ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=5KVN0yVmXU6JcmVIZTC4&pi=mgid&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:53 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: c40febc6-c0b3-4dea-bba9-26e81424c006
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c07c9048a26fa68-AMS
content-type: image/gif
cf-request-id: 0478bbf6d00000fa68c2b15200000001
server: cloudflare

Redirect headers

status: 302
pragma: no-cache
date: Mon, 10 Aug 2020 06:50:53 GMT, Mon, 10 Aug 2020 06:50:53 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=5KVN0yVmXU6JcmVIZTC4&pi=mgid&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/ Frame C2FB
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=b0bb25c0-ba75-4a51-88ca-2e93ad49f552

43 B
468 B

96ms
95ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=b0bb25c0-ba75-4a51-88ca-2e93ad49f552
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:54 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 0db1f4ed-7a5f-4c6a-97af-44a166d650a4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c07c907eee2fa68-AMS
content-type: image/gif
cf-request-id: 0478bbf8ee0000fa68c2b3e200000001
server: cloudflare

Redirect headers

date: Mon, 10 Aug 2020 06:50:53 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=b0bb25c0-ba75-4a51-88ca-2e93ad49f552
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2

200

m
cm.mgid.com/ Frame C2FB
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=58b7ea19-45d7-4682-ba18-8c34c42da0be
https://x.bidswitch.net/sync?dsp_id=340&user_id=41427b93-fde8-4d80-b461-1802ddd13ee8&expires=10&ssp=mgid&bsw_param=58b7ea19-45d7-4682-ba18-8c34c42da0be
https://cm.mgid.com/m?cdsp=433145&c=58b7ea19-45d7-4682-ba18-8c34c42da0be

43 B
369 B

98ms
98ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=58b7ea19-45d7-4682-ba18-8c34c42da0be
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:53 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 73fccd6a-86e4-4b32-b33e-0e6b0b6cff3c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c07c9063ccefa68-AMS
content-type: image/gif
cf-request-id: 0478bbf7de0000fa68c2b31200000001
server: cloudflare

Redirect headers

status: 302
date: Mon, 10 Aug 2020 06:50:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=58b7ea19-45d7-4682-ba18-8c34c42da0be
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
DATA 200
OK truncated
/ Frame C2FB 22 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 210e8c57220cc2bdc452bbae6cf87d8eb9b6a539b7b6799c812cba32a63803bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 c
c.mgid.com/ Frame C2FB 43 B
289 B 94ms
93ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=300|200|28|0pWbWeuwUHq4JUTYo_xptqMlevSzXdghLmUgDPxUNLeiLq3TplMgs3IOPgiH5ypS&fw=1&extjs=66046&imgdim=1&cid=892972&h2=uMBDuuyVyPyEF0oxkZrWtvN-fy5S3o8nVYjDcujLCRw*&rid=d560dac1-dad5-11ea-9565-d094662c24f7&tt=Direct&pageImp=1&muid=k79QQO22c5On&cbuster=1597042254342357471708&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:50:54 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 3fb38142-56a7-4d1b-a565-88bbd615e17e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c07c909c911c769-AMS
content-type: image/gif
cf-request-id: 0478bbfa1e0000c7697207c200000001
server: cloudflare

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame B5C7 0
0 127ms
41ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid3.16.0.js?v=2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://iir.ai/EoxYDao
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://iir.ai/EoxYDao

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 10 Aug 2020 06:50:55 GMT
Age: 8299595
X-Served-By: cache-lga21948-LGA, cache-hhn4063-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 1589956
X-Timer: S1597042256.608902,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK Cj2SgYiSa1n3-vGCk-_1m0DKOYect59sAOvimMNqwRmhnToHuB78W_VT42BKFvPRkqrBki5fNI81fFzUwmvB1cV9p7MUvNXSUxM-HEUferN-UK7QIbafqNvf0CbeaCIX4d8JjgLyNLu1_7KhDNBcUc7wTqRjQGuS53Ktly7WVSqye0ZkCf892pqJeG3gn1tPwG9LD...
onstunkyr.com/impression/ 43 B
482 B 213ms
54ms Image
image/gif 139.45.196.40
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onstunkyr.com/impression/Cj2SgYiSa1n3-vGCk-_1m0DKOYect59sAOvimMNqwRmhnToHuB78W_VT42BKFvPRkqrBki5fNI81fFzUwmvB1cV9p7MUvNXSUxM-HEUferN-UK7QIbafqNvf0CbeaCIX4d8JjgLyNLu1_7KhDNBcUc7wTqRjQGuS53Ktly7WVSqye0ZkCf892pqJeG3gn1tPwG9LDK3cZrQiyeUzu1tRn_NSG6792bL95Ip3n6u4i4Q=?z=3487732&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fiir.ai%2FEoxYDao&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.40 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 5f6dcce7798b82dec15af7112eb7bc5b
Pragma: no-cache
Date: Mon, 10 Aug 2020 06:51:02 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp
s-img.steepto.com/g/5523139/328x328/135x0x1062x708/ Frame B871
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|fHzdfksa2S8NqZcXfxgMatoqeRLARo2ywu7crv0ujINe2befF5NtsY4lg9jDg-Bk&cid=949756&f=1&h2=uMBDuuyVyPyEF0oxkZrWtvN-fy5S3o8nVYjDcujLCRw*&rid=z3487732zb6445621bcPLcp2ph20200...
https://s-img.steepto.com/g/5523139/328x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp

13 KB
14 KB

52ms
52ms

Image
image/webp

104.19.138.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/5523139/328x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.138.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 340669d513240dda4db4af2817d0deccfdcf1ede6b4ef369c0174d43714569ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 06:51:02 GMT
cf-cache-status: HIT
age: 2906595
status: 200
content-length: 13732
cf-request-id: 0478bc18330000d9258d3d9200000001
last-modified: Tue, 07 Jul 2020 15:27:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5c07c939ec02d925-AMS
expires: Tue, 10 Aug 2021 06:51:02 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Aug 2020 06:51:02 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 54f03289-6c9c-4294-a44c-90212661b30f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.steepto.com/g/5523139/328x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c07c938dc94c769-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0478bc17880000c769721a5200000001
server: cloudflare

GET
H/1.1 204
No Content 3487732 Show response
inpagepush.com/500/ 0
645 B 173ms
61ms XHR
text/plain 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3487732?excludes=6445621&oaid=95467ff78b324d359e7278bc1df14796&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=https%3A%2F%2Fiir.ai%2FEoxYDao&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3487732

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/EoxYDao
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 9e2b4ee92a0414640389cc791a733da1
Pragma: no-cache
Date: Mon, 10 Aug 2020 06:51:02 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Origin: https://iir.ai
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Expires: Wed, 31 Dec 1969 19:00:00 EST

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: boudja.com
URL: https://boudja.com/popunder.gif

Domain: boudja.com
URL: https://boudja.com/popunder.gif

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://static.quantcast.mgr.consensu.org/v36/cmpui-banner.js(Line 1) Message: Unable to get NonIab Vendor list.
console-api	debug	URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js(Line 1) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ams.creativecdn.com
aphycolourses.info
apis.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org
boudja.com
c.mgid.com
cdn.adtrue.com
cdn.mgid.com
clk.sh
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cm.smadex.com
creativecdn.com
dc5k8fg5ioc8s.cloudfront.net
eikegolehem.com
eus.rubiconproject.com
exchange.adtrue.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
iir.ai
inpagepush.com
jsc.mgid.com
match.adsrvr.org
my.rtmark.net
onstunkyr.com
oufauthy.net
quantcast.mgr.consensu.org
rtb-usw.mfadsrvr.com
s-img.mgid.com
s-img.steepto.com
secure-assets.rubiconproject.com
servicer.mgid.com
sovieashlig.club
static.quantcast.mgr.consensu.org
sync.outbrain.com
track.adtrue.com
voltskegscurate.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
x.bidswitch.net
boudja.com
104.111.230.142
104.16.199.73
104.19.133.78
104.19.134.78
104.19.135.78
104.19.138.80
13.226.155.119
13.226.155.32
13.226.156.37
139.45.195.142
139.45.195.162
139.45.196.10
139.45.196.14
139.45.196.40
143.204.201.35
151.101.113.108
172.217.21.226
18.158.16.100
185.184.8.30
185.33.221.15
23.105.245.5
2600:9000:2182:5400:9:46dc:4700:93a1
2600:9000:2182:ac00:9:46dc:4700:93a1
2606:4700:10::6814:326f
2606:4700:20::681a:ff6
2606:4700:3035::681c:1e0a
2a00:1450:4001:800::2004
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:815::2008
2a00:1450:4001:816::200e
2a00:1450:4001:817::2003
34.196.151.230
35.156.249.121
35.212.212.222
51.178.195.173
52.10.109.135
54.185.201.68
70.42.32.95
76.223.7.166
000d73f35ffef9e09565ba26a2b6d5001c43a82f5e68bc7d12fb614bbc82aaee
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
07dad39d552a962087de78cfc171db1a66b30b16ad7322712294e73ab1d009c6
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
210e8c57220cc2bdc452bbae6cf87d8eb9b6a539b7b6799c812cba32a63803bb
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2e262d211d25e9671c5d3e7b450e138ddbcacfed50d4f277f39b52fffeae96eb
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
340669d513240dda4db4af2817d0deccfdcf1ede6b4ef369c0174d43714569ed
38a785b99b44422997eabef556a6326eca4029b66b7f55682ea7bd05ee84e276
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
3f21d72fca20802397aad332fca61ca4ac017665e637eb2c96048011b27d7ca8
408d8f9b5fdf7974eef1099412560e69fb10151f8fe8ebf2b593014a1df5585b
49fa75dd6c9b38d0a6c2c91f5e2f18faac01e0342b26d258b39c6753a17f1dd3
4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5923e43ed07f1648786aa192b0bd7452d6b2f5eea526905e81677397327fc7c4
5cdfa83efe8e1c78239a7438231903de9dd92a5c623e78da111638eaafc419e5
62b07f5b473f87a3ebe9738f063584774f835dcf8b0c423cab5f8515c93553f5
6444acf273b971ab602403fcb858442b0503fa9b6ee98d2a534fef3ba18cf8ca
6969116c9c4235d066c68e0117cc300640a84dbee343f672a07a7e2037eb51ed
7f71b511136787451588194ce0d62e382fd3e39ee383d26a879b69e0fe9be1f8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
92622defbe69d5f485b731c66b75275c2fa89f0ca76e915cfd05007f0a9ce626
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a137ebb5bde3957f26d1ff3a877994ae30a643b137b94cecd8218b31f890fbb3
a6bc756db2c4f1f691b626d60e9d1e8aa3c52df64ffda2e62276c81c20ae766d
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
a859156782f0106672ead92632bc57b6555bc16479dacfb839a5c3dc2d095412
a8d04be62e40ad4e64e1560f21b061d91f576079e748c7ee68d2a1ad0913f122
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
af578e8e3d3bd9b01e9ab608695a03e87a787e7fa3902d24fee5129a4cf999cf
afe22e200cb88583eb9d835bc4e3389a6e14a0ba76e029a2f54c39aee3b7ae5b
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b49b397871dff384aab300554a8f1745d86e020edd55dea9f1ad58209a1b7563
b640b9af1e6fa5c035c168701d2c1f5a02f371352cca208fefded3ddea443b6a
bc226be67858a6d4c1eb769fd61ad88e115e4f02094c9b7170fbfdc201a650b2
c32ef61412692fadee5b42c0b9fad18bc296d8e9ce79346bbec5232d32a3b184
c35c0b94fbe110e770168db60fb0487552d45e281c4f15f4f5c1c70e9e07d93c
cb0e68f005af52ea63e4aec52c0392f58b34f14116daf70c553d9390fd6512e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed5fe8c0f8e654e6dac62fd28cbb928ea2549f015eb184b73c737b2399dd1536
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

iir.ai Open in urlscan Pro 2606:4700:3035::681c:1e0a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

71 Requests

97 %HTTPS

28 %IPv6

33 Domains

47 Subdomains

35 IPs

7 Countries

1000 kBTransfer

2605 kBSize

0 Cookies

11 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

iir.ai Open in urlscan Pro
2606:4700:3035::681c:1e0a Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

97 %
HTTPS

28 %
IPv6

33
Domains

47
Subdomains

35
IPs

7
Countries

1000 kB
Transfer

2605 kB
Size

0
Cookies

71 HTTP transactions
3 data transactions