iir.ai Open in urlscan Pro
2606:4700:3033::681c:1f0a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clk.sh/full?api=1a83dc23a56e37f8d4635da35fc71e6a9e912db2&url=aHR0cHM6Ly9kcml2ZS5nb29nbGUuY29tL2ZvbGRlcn...
Effective URL:
https://iir.ai/X4lv
Submission: On May 17 via api (May 17th 2020, 4:11:03 am UTC) from US

Summary HTTP 226 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 63 IPs in 9 countries across 48 domains to perform 226 HTTP transactions. The main IP is 2606:4700:3033::681c:1f0a, located in United States and belongs to CLOUDFLARENET, US. The main domain is iir.ai.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 19th 2020. Valid for: 8 months.

This is the only time iir.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:20:... 2606:4700:20::681a:ff6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3033::681c:1f0a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:209... 2600:9000:2093:2c00:1a:a6:7f00:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
16	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2600:9000:201... 2600:9000:2016:2e00:15:b448:1e80:21	16509 (AMAZON-02) (AMAZON-02)
1	52.84.50.14 52.84.50.14	16509 (AMAZON-02) (AMAZON-02)
10	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2)
12	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.182.122 52.222.182.122	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
7	104.16.107.82 104.16.107.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.108.143 104.16.108.143	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
2	104.16.108.139 104.16.108.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.216.134.237 52.216.134.237	16509 (AMAZON-02) (AMAZON-02)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
1	52.222.182.109 52.222.182.109	16509 (AMAZON-02) (AMAZON-02)
1 2	185.86.137.113 185.86.137.113	201081 (SMARTADSE...) (SMARTADSERVER)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
3	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.228.74.133 91.228.74.133	27281 (QUANTCAST) (QUANTCAST)
1	52.31.182.127 52.31.182.127	16509 (AMAZON-02) (AMAZON-02)
1	54.230.55.98 54.230.55.98	16509 (AMAZON-02) (AMAZON-02)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:207... 2600:9000:2070:c00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
2 3	52.49.73.64 52.49.73.64	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:207... 2600:9000:2070:2800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:e6:... 2606:4700:e6::ac40:c107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	34.95.76.218 34.95.76.218	15169 (GOOGLE) (GOOGLE)
2	2600:9000:201... 2600:9000:2016:3400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	54.246.118.35 54.246.118.35	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:207... 2600:9000:2070:7000:b:187f:8500:21	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:209... 2600:9000:2093:ce00:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
32	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
1	18.156.186.116 18.156.186.116	16509 (AMAZON-02) (AMAZON-02)
1	52.222.182.16 52.222.182.16	16509 (AMAZON-02) (AMAZON-02)
2 2	3.218.106.131 3.218.106.131	14618 (AMAZON-AES) (AMAZON-AES)
2	2.21.38.73 2.21.38.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	116.202.160.35 116.202.160.35	24940 (HETZNER-AS) (HETZNER-AS)
2 5	52.57.190.156 52.57.190.156	16509 (AMAZON-02) (AMAZON-02)
2 3	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
4	108.128.27.24 108.128.27.24	16509 (AMAZON-02) (AMAZON-02)
3	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
1 3	104.111.214.103 104.111.214.103	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
1	54.36.123.231 54.36.123.231	16276 (OVH) (OVH)
1	159.69.60.133 159.69.60.133	24940 (HETZNER-AS) (HETZNER-AS)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
4 4	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
2	3.124.245.94 3.124.245.94	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
2	18.185.245.187 18.185.245.187	16509 (AMAZON-02) (AMAZON-02)
226	63

3 2606:4700:20::681a:ff6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

clk.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3033::681c:1f0a (United States)

ASN13335 (CLOUDFLARENET, US)

iir.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2093:2c00:1a:a6:7f00:21 (United States)

ASN16509 (AMAZON-02, US)

dc5k8fg5ioc8s.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2016:2e00:15:b448:1e80:21 (United States)

ASN16509 (AMAZON-02, US)

d1ks8roequxbwa.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.50.14 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-50-14.ham50.r.cloudfront.net

d3al52d8cojds7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.182.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-122.ham50.r.cloudfront.net

boudja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.107.82 (United States)

ASN13335 (CLOUDFLARENET, US)

areasonsimon.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.108.143 (United States)

ASN13335 (CLOUDFLARENET, US)

aphycolourses.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c4fa46013644a3ebf78ab96d27fa26d4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.108.139 (United States)

ASN13335 (CLOUDFLARENET, US)

anglishreasts.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.134.237 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.182.109 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-109.ham50.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.113 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.253 (Germany)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.133 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.182.127 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-182-127.eu-west-1.compute.amazonaws.com

tmzr.pubstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.55.98 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-55-98.ham50.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2070:c00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.49.73.64 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-73-64.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2070:2800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e6::ac40:c107 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.76.218 (United States)

ASN15169 (GOOGLE, US)
PTR: 218.76.95.34.bc.googleusercontent.com

cdn.prod.pubstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2016:3400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.118.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-118-35.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2070:7000:b:187f:8500:21 (United States)

ASN16509 (AMAZON-02, US)

d7016uqa4s0lw.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2093:ce00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.186.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-186-116.eu-central-1.compute.amazonaws.com

apis.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.182.16 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-16.ham50.r.cloudfront.net

audit.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.106.131 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-106-131.compute-1.amazonaws.com

api.news-headlines.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.38.73 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-38-73.deploy.static.akamaitechnologies.com

images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 116.202.160.35 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.35.160.202.116.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.57.190.156 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-190-156.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.14 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.128.27.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-27-24.eu-west-1.compute.amazonaws.com

intake.prod.pubstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.214.103 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.123.231 (France)

ASN16276 (OVH, FR)
PTR: s03.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.60.133 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.133.60.69.159.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.2 (Mountain View, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.245.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-245-94.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.245.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-245-187.eu-central-1.compute.amazonaws.com

euc-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com c4fa46013644a3ebf78ab96d27fa26d4.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	207 KB
32	ampproject.org cdn.ampproject.org	858 KB
20	doubleclick.net 4 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net	185 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	258 KB
10	themoneytizer.com ads.themoneytizer.com	166 KB
9	360yield.com 2 redirects ice.360yield.com match.360yield.com ad.360yield.com euc-ice.360yield.com	12 KB
8	google.com adservice.google.com www.google.com	952 B
7	richaudience.com shb.richaudience.com sync.richaudience.com	1 KB
7	consensu.org quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org vendorlist.consensu.org apis.quantcast.mgr.consensu.org audit.quantcast.mgr.consensu.org	170 KB
7	areasonsimon.club areasonsimon.club	8 KB
7	iir.ai iir.ai	221 KB
6	taboola.com cdn.taboola.com trc.taboola.com	307 KB
6	pubstack.io tmzr.pubstack.io cdn.prod.pubstack.io intake.prod.pubstack.io	25 KB
6	cloudfront.net dc5k8fg5ioc8s.cloudfront.net d1ks8roequxbwa.cloudfront.net d3al52d8cojds7.cloudfront.net d2zur9cc2gf1tx.cloudfront.net d7016uqa4s0lw.cloudfront.net	337 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	33 KB
4	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	adsrvr.org 2 redirects match.adsrvr.org	2 KB
3	onetag-sys.com onetag-sys.com	452 B
3	clk.sh 1 redirects clk.sh	78 KB
2	adform.net 2 redirects track.adform.net	753 B
2	outbrainimg.com images.outbrainimg.com	81 KB
2	news-headlines.co api.news-headlines.co Failed	825 B
2	4dex.io script.4dex.io	19 KB
2	smartadserver.com 1 redirects ww1097.smartadserver.com	659 B
2	anglishreasts.site anglishreasts.site	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	tmyzer.com c.tmyzer.com	200 B
1	adleadevent.com adtrack.adleadevent.com	517 B
1	casalemedia.com as-sec.casalemedia.com	330 B
1	quantcount.com rules.quantcount.com	967 B
1	id5-sync.com id5-sync.com Failed	435 B
1	indexww.com js-sec.indexww.com	12 KB
1	quantserve.com secure.quantserve.com	8 KB
1	zeotap.com spl.zeotap.com
1	leadplace.fr tag.leadplace.fr	3 KB
1	criteo.com gum.criteo.com	349 B
1	sascdn.com ced-ns.sascdn.com	9 KB
1	cpx.to p.cpx.to	2 KB
1	contextweb.com tag.contextweb.com	11 KB
1	themoneytizer.net g.themoneytizer.net	200 B
1	amazonaws.com s3.amazonaws.com	18 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	aphycolourses.info aphycolourses.info	14 KB
1	google.de adservice.google.de	952 B
1	boudja.com boudja.com	365 B
1	recaptcha.net www.recaptcha.net	918 B
1	googletagmanager.com www.googletagmanager.com	33 KB
226	48

	Domain	Requested by
38	tpc.googlesyndication.com	securepubads.g.doubleclick.net iir.ai cdn.ampproject.org ads.themoneytizer.com
32	cdn.ampproject.org	securepubads.g.doubleclick.net
16	securepubads.g.doubleclick.net	iir.ai securepubads.g.doubleclick.net
11	fonts.gstatic.com	iir.ai d3al52d8cojds7.cloudfront.net cdn.ampproject.org
10	ads.themoneytizer.com	iir.ai ads.themoneytizer.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
7	www.google.com	ads.themoneytizer.com iir.ai
7	areasonsimon.club	d1ks8roequxbwa.cloudfront.net d3al52d8cojds7.cloudfront.net ads.themoneytizer.com
7	iir.ai	iir.ai
6	shb.richaudience.com	ads.themoneytizer.com
5	fonts.googleapis.com	iir.ai securepubads.g.doubleclick.net
4	cm.g.doubleclick.net	4 redirects
4	intake.prod.pubstack.io	iir.ai
4	ice.360yield.com	2 redirects
3	trc.taboola.com	cdn.taboola.com iir.ai
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com iir.ai
3	cdn.taboola.com	iir.ai cdn.taboola.com
3	ib.adnxs.com	2 redirects ads.themoneytizer.com
3	match.adsrvr.org	2 redirects js-sec.indexww.com
3	onetag-sys.com	ads.themoneytizer.com
3	clk.sh	1 redirects iir.ai
2	euc-ice.360yield.com
2	track.adform.net	2 redirects
2	ad.360yield.com
2	images.outbrainimg.com
2	api.news-headlines.co
2	vendorlist.consensu.org	quantcast.mgr.consensu.org
2	static.quantcast.mgr.consensu.org	ads.themoneytizer.com quantcast.mgr.consensu.org
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	ww1097.smartadserver.com	1 redirects ads.themoneytizer.com
2	anglishreasts.site	iir.ai
2	c4fa46013644a3ebf78ab96d27fa26d4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com iir.ai
2	dc5k8fg5ioc8s.cloudfront.net	iir.ai dc5k8fg5ioc8s.cloudfront.net
1	match.360yield.com
1	acdn.adnxs.com	ads.themoneytizer.com
1	sync.richaudience.com	ads.themoneytizer.com
1	c.tmyzer.com	ads.themoneytizer.com
1	audit.quantcast.mgr.consensu.org	static.quantcast.mgr.consensu.org
1	apis.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	d7016uqa4s0lw.cloudfront.net	ads.themoneytizer.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	cdn.prod.pubstack.io	tmzr.pubstack.io
1	ajax.googleapis.com	ads.themoneytizer.com
1	rules.quantcount.com	secure.quantserve.com
1	www.gstatic.com	www.recaptcha.net
1	id5-sync.com	iir.ai ads.themoneytizer.com
1	quantcast.mgr.consensu.org	iir.ai
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	tmzr.pubstack.io	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	spl.zeotap.com	ads.themoneytizer.com
1	tag.leadplace.fr	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	ced-ns.sascdn.com	iir.ai
1	p.cpx.to	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	g.themoneytizer.net	ads.themoneytizer.com
1	s3.amazonaws.com	iir.ai
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	aphycolourses.info	iir.ai
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	boudja.com	iir.ai
1	www.recaptcha.net	iir.ai
1	d3al52d8cojds7.cloudfront.net	iir.ai
1	d1ks8roequxbwa.cloudfront.net	iir.ai
1	www.googletagmanager.com	iir.ai
226	70

This site contains links to these domains. Also see Links.

Domain
clk.sh
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-19` - `2020-10-09`	8 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
misc.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
boudja.com Amazon	`2019-10-02` - `2020-11-02`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
areasonsimon.club CloudFlare Inc ECC CA-2	`2020-05-11` - `2020-10-09`	5 months	crt.sh
aphycolourses.info CloudFlare Inc ECC CA-2	`2020-03-30` - `2020-10-09`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
anglishreasts.site CloudFlare Inc ECC CA-2	`2020-04-08` - `2020-10-09`	6 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
g.themoneytizer.net GoGetSSL RSA DV CA	`2019-10-16` - `2022-01-17`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2021-02-08`	a year	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2020-05-08` - `2022-05-25`	2 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2018-09-06` - `2020-09-12`	2 years	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2020-03-02` - `2020-05-31`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.prod.pubstack.io Amazon	`2019-09-18` - `2020-10-18`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2019-05-06` - `2020-06-06`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
cdn.prod.pubstack.io GTS CA 1D2	`2020-03-19` - `2020-06-17`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
adtrack.adleadevent.com Amazon	`2019-06-30` - `2020-07-30`	a year	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
*.richaudience.com RapidSSL RSA CA 2018	`2019-03-07` - `2021-04-05`	2 years	crt.sh
*.360yield.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
c.tmyzer.com Let's Encrypt Authority X3	`2020-04-11` - `2020-07-10`	3 months	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-05-13` - `2020-09-10`	4 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.id5-sync.com Let's Encrypt Authority X3	`2020-04-02` - `2020-07-01`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://iir.ai/X4lv
Frame ID: 3CD7DC89B241C56CF53FEF35859DA0C4
Requests: 106 HTTP requests in this frame

Frame: https://areasonsimon.club/QkJHTzMjICQiDCN/JWlGMC56agEEZ3UJV3MpNHdBLSc2OksgNSZhUC4tMitVMC0pOx0sJzNqAQQ7JhgGKyMRDngDEzAfUTpyDw1fEC0QI0sQFRANYwAAAghjKi4TA1sMKQYecnEOP3ZqEQAeG30EECQdchc6BThfJBY9GnsGFH4WVyUlDA51ECkTN1wRAC07ZgU1MAF9E3oPC3I1chM3QAYUA390BAM0CWMDKgsacHsuFX4GChV1DXEDNQoEfBMhJgthLXYTCQMlFgAFaQA1MCt9ExQLGnUpewQOAgoVdQ50ChcjLWoABAsadS4qEBt1FhoWdlAQcmorURsDICp2JRd2B1QxAwYlWCYRdg5FGBQ3FWcEMiobdToRFhtAAAUgd3UmFDQ7YXM2IA1iIQgDB2UgGiAafg81Dg1gcjouGGJyCQA1CwcBdytRBC5yLmcELmJ9cRUuKx5mCnceGHU2Dx4jWCYDMHdLBTUjB2Q6GCQXZRQKHn4KCwR2HhUoMSghQ38OPXtbLBcBAAI
Frame ID: CB0C6FC87190113CBBBD39B60BC6C502
Requests: 1 HTTP requests in this frame

Frame: https://c4fa46013644a3ebf78ab96d27fa26d4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 784BC8A17CC1CF45E2A958B79D632D76
Requests: 1 HTTP requests in this frame

Frame: https://areasonsimon.club/bWRmVUUMBgU4egxZBHMwHwhbcHcrQVQTIV4FCmB3CVwFOi8JF1F7JgELEzEjHwsIIWsDARJwdyslBGYEXTYMEAglVQkyAQUXPAANHiM+EAAlBwEPDyoPBSUdFV0oNjIVPjA8HCkqIAxyKDwvIh8uBzU3Ai8iIAcUJwAkNgEoMgk9ASgPMAIsOCk+OR87LQobFj8mLywUPCUEFhZcLSQXAwgqVj4hKjEsMhcsUSgCFgEoJD09NC4eByEjAyA6BDgUJRcCWAciPQsJLyMABCxVHj8EBFUwFys3PScEFz8vDgchPCINOxAGFCUXBgEnNT4MKDQOByE8JUsDdw8IUxAkXik/Bi4kISxlAAssIBA9OyVWNx05LTMNETQmAgQfLzURHy8sVV8MHRRRIBQtGjYCHQ8mNQEENDolNwMANTUkFgc7PCoDcCoyNw93OAMFFhIUEDMGLicdBQQTLzUkJXQvCFcfAgMHLgMpOCMCPgwiIgoAdTohFhYmAyklAgNZLAUXJgwwMBd0LAgRBxADMS8REAE1BQMLDCIwECI7MgUDBzUhJQI9JCIvORMJIiAQLksOFTorHVkhHy1UMlEnIjkFICMQJQY+
Frame ID: 6B1CAA2BDC6F35264DD96454597D3174
Requests: 1 HTTP requests in this frame

Frame: https://areasonsimon.club/cm9DalcTDSAHaBNSIUwiAAN+T2U0SnEsM0EOL19lFlcgBT0WHHRENB4ANg4xAAAtHnkcCjdPZTRdDC4zNSFzEjUlLCs4NEIXJiMwAlgHDRlAK3BaMio7FTMeGQgIL2c7CActbwcuKgIaKC4VHhEaWgc6ETwXAAISAzkqIDExAgE5Hh4cCA4vNxsbLAFFLnEaGSQBNwseQiUmITsBGws7AjMuLiMeNwESIg00ORQgAUYGFywwQzdxARsWOA4sMTQpGSc7OwgLOwFAOCpbNTcBEiIeQhwQDhYRXws7AUAtLRI5MAEJBTIgKhAOFhEbEC80AzopHjMkPG5bMj0tcywWMyVmWBE2Fy9bFiUECChlRwwJLy8TJCsgckAtJhIdQi06KAUqLA45MRUHEiNmIwEVEmIYLRsSNSoVETMeJF8QDh80WAcoO0AoG1IHMDd7MDEjWwwzICRXEFsOFTkpXwU3ARESMiMcAgsWIFkLAR1FOnBSGzAsJzgxBSkVDGY8WBQNHhg6Kho0NhYOLTIFHAcgFisAGysCGzoqXnEYHCwEJ086NgZjKgd2DiMhLBkw
Frame ID: 250D4ACD524888674C6AE579D2B0EE73
Requests: 1 HTTP requests in this frame

Frame: https://areasonsimon.club/ZndaNk0HFTlbcgdKOBA4FBtnE38gUmhwKVUWNgN/Ak85WScCBG0YLgoYL1IrFBg0QmMIEi4TfyABDG4XMyYwVX8hIzVdDiUyPHsFXicAcw8SExtsNy40OUIaNSEWZjQJMhhyIRU+aWMAIRoTBBgPLQt/CQ4jO3MfHzs2b3ojIDZdGAwEDFcVKyUUdARUES14NyceC0IVIRA+eh4KIApBLhU6HAInMzQfXA4MEAB6JBIVFWQpHhQScCoxMAhYDzEhP3keKCIKdCoBOw9ndDNFOXcICxMdZh4eMxd0PR4UG1V5IA0+WA8xIgB8fwUxAGd4HhQbUiY0EHdCNycAKnIrMRQcbB8FHBdaPhE2DnMqPjMtdS4+NSJvCDAdOHcfDCJobDQuDW5TBCVOOFUINy8AQRsKMDAGPTMZGHMXJSEJeCVWQDtOBwglMFU8NCM1VAAxFBxzfSAQOHcpUSUNeDoiGS5+FAgECWx9PxkTBwhWNR4HIyQlFHIXVSIAbCYkDhRBIh4lDVI1MB0UcC81NhV7GCNFPgcEETIedHszGgh0F1UtDGwPLwA5cAARMRsQJxUYNEZwDR9pZwJeFhhvIVADP0U
Frame ID: E3AA0BC6A6489CF9C947341E4F6E6CF9
Requests: 1 HTTP requests in this frame

Frame: https://areasonsimon.club/TVpQdEcsODMZeCxnMlIyPzZtUXULf2IyI347PEF1KWIzGy0pKWdaJCE1JRAhPzU+AGkjPyRRdQs8CiEjLD5gEwAGHgEmIzUfJSQsPX9iMh8FHCQmdA8eHCcsFBA4InEMGBU5AwxuNDAweR4ZHQkPPBQ1EysbHQ0GFSo/IRQcHxsgdgY4NzU3Ag8gQRY0A3VGBQsCBiYeHm4YPjB4bB0lcycYE0Q1CSA/OQoVLRM/ESorHiV3JRkDB3AYND8eJCMIGBYRKWkzHCg9GDlAdwwjMyMLfmMVNywPazEccyAfAz11GDQgIgwnKQUWESlpHiUVOQxjFy4YNCAiIyB3PxsiGx8JFnZ4LgZHJHoYKhMNBDNgJwwqbiU4KwdsGUcNPQsXLhAuAmkyIghqIzkgADYTIw0iFBdFHykgCREOOhg5FQIuLBE3FjUdFzIGKQ0/IQ4POT86PwcuBgMBOQtiLhEsDTw1IiEiIBV3CyIBPBE8GBMfAwczNxElGzkSFncff2IyFH4IIyETfAMZRisIPyclLywPZAUfDhQkMh99GxkeMBk5ETZ1Lw8CTAV+A3VGBQhpPzYOJz12HjQiNCBJHSseOT0ANRw2ET57bgUg
Frame ID: F7A9EA9838E653A88D34A82CC43EE047
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1589688629752
Frame ID: D63C883982E49E8F1BC7FCC0903F7FF6
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 60BD75206A1629BA520C1C0B05C9F442
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v33/cmp-3pc-check.html
Frame ID: 339AC600FA5E2B8778595E30FE8D29D8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&size=normal&cb=wjj3vj9zotke
Frame ID: 56E90EEA7F4A77C790EEB8373F3C513A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Frame ID: 0CD1CB923FCE11D6F05BABE7C19A8BB4
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&cb=fe8iughf2v8e
Frame ID: 8EBEB19657DEAB025123BC780CE5E666
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Frame ID: 791BF197407B993AAB8B3417079BAF56
Requests: 17 HTTP requests in this frame

Frame: https://areasonsimon.club/WU5KU3c4LCk+SDhzKHUCKyJ3dkUfa3gVE25+e2UCKC9+IEc1OWQwGzY7LjUFNiA+fRk8Om9hMTMbJ2sNCwYLKzYffiMHDgAJHGAbERQMIDM/CwxjNQwPOBseEx0pFyJrAwtjMB8MfjkgPhw9FTQ+IhIEPhwFCyA4PSITdkUbCiZjHQ0WGxgvCioECkc1HQMRPS8ZMgYPHBlyEC8dehADEBcdEwY+DBkiYkcPGQg1MCAlGB4mAyoHEU8xDDIJRBQgLjc2IH4vGRApKBMGPTAPJhoZDxkINS8dKhwKMWACEwY9MBYtHhUIGRMkNTR/HAoxYB0EEjZ8fAgQHHQfIhYdMgkYYTEaCAw8Njp/fzsgCxR4Aj82Cx0pNj0eITw1G38cNC9odj4UDT0FCwsmAQA9Ky4SfyZgLwgDJBQ0GA8SOjEPFwk4MjoIfzomCAwwAhotDAs9PRMqe2MzFzYPYzMyCz4FIBg+CD0TESgMJDEAKRwlNC4MeQINFAQLG0cKLz0gMhMlH2A0NRstADM9KwgbExwDDGYvEAsDYTQ1C2w5BDYgOm40KAgoMUIJIDtmQG0qMBkZ
Frame ID: 6811A128E6CFED4D865CD366548EFD4D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Frame ID: 6F2D00C2507F40B529A13FD4A756BDE4
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Frame ID: 9B386486C2928E915DEDFE24E7E8B47F
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js
Frame ID: 08AD1F41769286FD2D9B8D1E8702F005
Requests: 27 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 58723319C64CBF66F3CC22EAFB77735A
Requests: 1 HTTP requests in this frame

Frame: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVkMzk0ODliNGU3ZWExYWYyYjc2NmE0MGZhMDFiYzRmN2EwNDQ3MjEyMWM3NjA3NDkwMWY4NzE0OGY2ODRkYWMiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Frame ID: 61A33FBA77A799C61A339A15C165DDB0
Requests: 3 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: B23F22A42BFA899CCB12AD8DB31D73FF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 6216F63D853E4C1F80AA69B40ACA031A
Requests: 7 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=7447682694
Frame ID: 874B050A0076C063CBE6127FFB407E24
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1589688639978
Frame ID: 86A3D33F628F414BE70CBF48B36487FB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: D02BE0743F0D8C04D830384A423F2AB3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://clk.sh/full?api=1a83dc23a56e37f8d4635da35fc71e6a9e912db2&url=aHR0cHM6Ly9kcml2ZS5nb2... HTTP 301
https://iir.ai/X4lv Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

226
Requests

99 %
HTTPS

37 %
IPv6

48
Domains

70
Subdomains

63
IPs

9
Countries

3130 kB
Transfer

8880 kB
Size

14
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://clk.sh/

Search URL Search Domain Scan URL

URL: https://clk.sh/payout-rates
Title: Publisher Rates

Search URL Search Domain Scan URL

URL: https://clk.sh/auth/signin
Title: Login

Search URL Search Domain Scan URL

URL: https://clk.sh/auth/signup
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/faq
Title: How it works

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/dmca
Title: DMCA

Search URL Search Domain Scan URL

URL: https://clk.sh/pages/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ShrinkearnClksh

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clk.sh/full?api=1a83dc23a56e37f8d4635da35fc71e6a9e912db2&url=aHR0cHM6Ly9kcml2ZS5nb29nbGUuY29tL2ZvbGRlcnZpZXc%2FaWQ9MEIyNlYxbDRjOEM4SFMwSTRaMUJhVEZWamREUSZ1c3A9c2hhcmluZw%3D%3D&type=2 HTTP 301
https://iir.ai/X4lv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 63

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOSlMPK2CihYNruDjQ03aSKLJwO1i_cK_MVlhDkg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/3/7/3.gif?puid=1d0b5ec0-b935-4800-90bc-3b6cd48dd18f&gdpr=1&gdpr_consent= HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F6%2F4.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F6%2F4.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1 HTTP 302
https://id5-sync.com/c/12/103/6/4.gif?puid=69e6257b72526337dcaa4cddf2e7c59d&gdpr=1&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/10/5/5.gif?puid=7892004141704046155&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/19/4/6.gif?puid=1a19bf907847da0040e9ff0ea7779cdc&gdpr=1&gdpr_consent= HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/12/101/3/7.gif?puid=d62cc146-a377-4f72-9665-92b8794cd9d2&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F2%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F2%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/108/2/8.gif?puid=595be331-97f4-11ea-a011-426c53b1b576&gdpr=1&gdpr_consent=

Request Chain 185

https://api.news-headlines.co/image_redirection?imageUrl=images.outbrainimg.com%2Ftransform%2Fv3%2FeyJpdSI6ImVkMzk0ODliNGU3ZWExYWYyYjc2NmE0MGZhMDFiYzRmN2EwNDQ3MjEyMWM3NjA3NDkwMWY4NzE0OGY2ODRkYWMiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp&c=DE&user_id=3329793d-dc31-4c7b-8d10-3682791decd7&publisher_key=ADMVN0301PH&sub_id=default&provider_id=30&uipa=mtG1lJiYmc43mc42oa==&req_id=bd98a222ae8286b7ad3b269a21d6a7bbdc766_ADMVN0301PH&click_id=us_9f834fcb-8867-47ef-8752-d18421b6d9b8030mtG1lJiYmc43mc42oa==&bid_amount=0.030418&sub_id_original=832300&language=en&imp=http%3A%2F%2Flog.outbrainimg.com%2FloggerServices%2FwidgetGlobalEvent%3FrId%3D56a1e95de76fceaedccf2ed00669c560%26pvId%3D56a1e95de76fceaedccf2ed00669c560%26sid%3D7252960%26pid%3D39036%26idx%3D0%26wId%3D294%26pad%3D1%26org%3D0%26tm%3D0%26eT%3D0%26p_key%3DADMVN0301PH%26provider%3D30 HTTP 307
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVkMzk0ODliNGU3ZWExYWYyYjc2NmE0MGZhMDFiYzRmN2EwNDQ3MjEyMWM3NjA3NDkwMWY4NzE0OGY2ODRkYWMiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Request Chain 194

https://api.news-headlines.co/image_redirection?imageUrl=images.outbrainimg.com%2Ftransform%2Fv3%2FeyJpdSI6IjU3M2E5OGRjYWQxOTJiNTIzZTdhZDgyMzQyOWZmZDU4Yjc4YmJjNzhhNWNiZDZkMjRhOWNhMzA2N2M5MTRhMGYiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp&c=DE&user_id=3329793d-dc31-4c7b-8d10-3682791decd7&publisher_key=ADMVN0301PH&sub_id=default&provider_id=30&uipa=mtG1lJiYmc43mc42oa==&req_id=729856e7b69cefdbc8ca470d6a74364a6954b_ADMVN0301PH&click_id=us_b0136d14-c62a-4d95-a714-b3e1f8445a9b030mtG1lJiYmc43mc42oa==&bid_amount=0.030418&sub_id_original=832300&language=en&imp=http%3A%2F%2Flog.outbrainimg.com%2FloggerServices%2FwidgetGlobalEvent%3FrId%3D074a1441784500a2747e4565e3aad284%26pvId%3D074a1441784500a2747e4565e3aad284%26sid%3D7252960%26pid%3D39036%26idx%3D0%26wId%3D294%26pad%3D1%26org%3D0%26tm%3D0%26eT%3D0%26p_key%3DADMVN0301PH%26provider%3D30 HTTP 307
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU3M2E5OGRjYWQxOTJiNTIzZTdhZDgyMzQyOWZmZDU4Yjc4YmJjNzhhNWNiZDZkMjRhOWNhMzA2N2M5MTRhMGYiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Request Chain 202

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223574b65084b250b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FX4lv%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216bd784068fc264%22%2C%22pid%22%3A%2222241472%22%2C%22tid%22%3A%22c59b3370-0a17-49cc-8105-80da2227f51f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22176e46a2d7e6128%22%2C%22pid%22%3A%2222240932%22%2C%22tid%22%3A%22e95de76d-c965-425f-96e4-5e1bddf2efbd%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%221828b54bf717819%22%2C%22pid%22%3A%2222241473%22%2C%22tid%22%3A%22ae5ed581-3c3d-48c1-becd-d42706574636%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%221971e0be6e26e87%22%2C%22pid%22%3A%2222244891%22%2C%22tid%22%3A%2288fef07c-0ee6-445f-8db8-ed67e41a71bd%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%2220a43c31fad3d1a%22%2C%22pid%22%3A%2222263943%22%2C%22tid%22%3A%2215120401-1cf9-44de-9704-53d9c74b02bc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223574b65084b250b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FX4lv%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216bd784068fc264%22%2C%22pid%22%3A%2222241472%22%2C%22tid%22%3A%22c59b3370-0a17-49cc-8105-80da2227f51f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22176e46a2d7e6128%22%2C%22pid%22%3A%2222240932%22%2C%22tid%22%3A%22e95de76d-c965-425f-96e4-5e1bddf2efbd%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%221828b54bf717819%22%2C%22pid%22%3A%2222241473%22%2C%22tid%22%3A%22ae5ed581-3c3d-48c1-becd-d42706574636%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%221971e0be6e26e87%22%2C%22pid%22%3A%2222244891%22%2C%22tid%22%3A%2288fef07c-0ee6-445f-8db8-ed67e41a71bd%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%2220a43c31fad3d1a%22%2C%22pid%22%3A%2222263943%22%2C%22tid%22%3A%2215120401-1cf9-44de-9704-53d9c74b02bc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D

Request Chain 203

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2236c61e8d2a17cbd%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FX4lv%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22216692ab669c9c6%22%2C%22pid%22%3A%2222263945%22%2C%22tid%22%3A%2277316d21-bc82-49b0-afcf-6a800d736ae9%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2236c61e8d2a17cbd%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FX4lv%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22216692ab669c9c6%22%2C%22pid%22%3A%2222263945%22%2C%22tid%22%3A%2277316d21-bc82-49b0-afcf-6a800d736ae9%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D

Request Chain 218

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1589688640950&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2FX4lv&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1589688640950&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2FX4lv&c9=

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NFlpgWw5SbqVRK2Wi4n0pw&google_cm&publisher_dsp_id=340 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NFlpgWw5SbqVRK2Wi4n0pw&google_cm=&publisher_dsp_id=340&google_tc= HTTP 302
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEDbl-WTRVR3_mVkTB4pDh5g&google_cver=1

Request Chain 227

https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=34596981-6c39-49ba-9544-ad968b89f4a7&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=34596981-6c39-49ba-9544-ad968b89f4a7&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=adda9fec-18d2-4942-8a78-04b540612150

Request Chain 228

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&google_tc= HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&external_user_id=CAESEB292DtqJwt58C5mYl4cl8I&google_cver=1

Request Chain 229

https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=34596981-6c39-49ba-9544-ad968b89f4a7&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=34596981-6c39-49ba-9544-ad968b89f4a7&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1590898243&external_user_id=6679322291230803371

Request Chain 230

https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feuc-ice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA HTTP 302
https://euc-ice.360yield.com/match?external_user_id=8081740177344610286&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA

226 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request X4lv Show response
iir.ai/
Redirect Chain

https://clk.sh/full?api=1a83dc23a56e37f8d4635da35fc71e6a9e912db2&url=aHR0cHM6Ly9kcml2ZS5nb29nbGUuY29tL2ZvbGRlcnZpZXc%2FaWQ9MEIyNlYxbDRjOEM4SFMwSTRaMUJhVEZWamREUSZ1c3A9c2hhcmluZw%3D%3D&type=2
https://iir.ai/X4lv

43 KB
17 KB

412ms
388ms

Document
text/html

2606:4700:3033::681c:1f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f747fda0651d0cd70ff49113de0d7792e48be3f8da83c63c1919ed02305527ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: iir.ai
:scheme: https
:path: /X4lv
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 17 May 2020 04:10:26 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da6769bd718bc79f24241b96ebb9e90941589688626; expires=Tue, 16-Jun-20 04:10:26 GMT; path=/; domain=.iir.ai; HttpOnly; SameSite=Lax; Secure AppSession=4ef9912073abe2ad538086e9bba792ad; path=/; HttpOnly; secure csrfToken=c5645f5d7b506b687df51513a24776956122d120ce0bc509a13d95fef51a59d8bd486383ce67dd2ff19513938a11c494cb932c5f1eaf08b534ada6c5a8380e16; path=/; HttpOnly; secure
cache-control: no-store, no-cache, must-revalidate
cf-railgun: direct (starting new WAN connection)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 594a7d1b0c7bd6dd-FRA
content-encoding: br
cf-request-id: 02c26c84e20000d6dd55034200000001

Redirect headers

status: 301
date: Sun, 17 May 2020 04:10:26 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d809bd70215428b71c76ef28ad90f820f1589688625; expires=Tue, 16-Jun-20 04:10:25 GMT; path=/; domain=.clk.sh; HttpOnly; SameSite=Lax; Secure AppSession=deba6e927e725d43947e77d041f33113; path=/; HttpOnly; secure csrfToken=cb892da89ddf676d2519a1f32356ffbae331c10cfe4cce764b768b609b238d9e147bbc88b37428745b24b1f5c78d799ff54c29be21a1d79c7fb7e693c566acd0; path=/; HttpOnly; secure
cache-control: no-store, no-cache, must-revalidate
cf-railgun: direct (starting new WAN connection)
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://iir.ai/X4lv
pragma: no-cache
vary: User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 594a7d17dee91f35-FRA
cf-request-id: 02c26c82e700001f3582b11200000001

GET
H2 200 css
fonts.googleapis.com/ 3 KB
994 B 28ms
16ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 May 2020 04:10:26 GMT
server: ESF
date: Sun, 17 May 2020 04:10:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 May 2020 04:10:26 GMT

GET
H2 200 styles.min.css
iir.ai/cloud_theme/build/css/ 189 KB
31 KB 16ms
15ms Stylesheet
text/css 2606:4700:3033::681c:1f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2307480
status: 200
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-request-id: 02c26c866d0000d6dd55047200000001
cf-ray: 594a7d1d7903d6dd-FRA
expires: Wed, 20 May 2020 11:12:25 GMT

GET
H2 200 / Show response
dc5k8fg5ioc8s.cloudfront.net/ 50 KB
20 KB 218ms
187ms Script
text/plain 2600:9000:2093:2c00:1a:a6:7f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805888
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:2c00:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e501993864daeb57d86a50de3302d801ba7eac77e4d3c2833de2b9e6211574f5

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 19762
via: 1.1 376388af58845ad0897ba599cce4d92f.cloudfront.net (CloudFront)
x-amz-cf-id: p7BVPCzkKcvq4UvBm2x9HyWrBCyHLj9BdPdPF9Ms_lUQfJCAc_dj7A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 82 KB
33 KB 35ms
18ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113561579-2

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5198df46935ff6e7b1fd4ce8b313c15676a0fcd0b1dd740e1127baaac9f51430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33121
x-xss-protection: 0
last-modified: Sun, 17 May 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 17 May 2020 04:10:27 GMT

GET
H2 200 hmpglogo228x70.png
clk.sh/webroot/modern_theme/img/ 3 KB
3 KB 17ms
11ms Image
image/png 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clk.sh/webroot/modern_theme/img/hmpglogo228x70.png

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e262d211d25e9671c5d3e7b450e138ddbcacfed50d4f277f39b52fffeae96eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11198741
cf-polished: origSize=3621
status: 200
content-length: 2976
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Nov 2019 04:31:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Thu, 07 Jan 2021 13:24:45 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 02c26c876100001f3582b6c200000001
accept-ranges: bytes
cf-ray: 594a7d1f0c561f35-FRA
cf-bgj: imgq:100

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 47 KB
15 KB 42ms
16ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

637c8149532e04cb953a9c5ed5153207e37381bae0ec2ebff89e1804e7e84ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "518 / 337 of 1000 / last-modified: 1589573962"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14772
x-xss-protection: 0
expires: Sun, 17 May 2020 04:10:27 GMT

GET
H2 200 / Show response
d1ks8roequxbwa.cloudfront.net/ 166 KB
71 KB 293ms
244ms Script
text/plain 2600:9000:2016:2e00:15:b448:1e80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832300
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:2e00:15:b448:1e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d140678ef34a4759361f150d8d8e8f79f3aad7ca5e27168f8cc6ec84c6f02ea4

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C2
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 72542
via: 1.1 26d7ab8ad101f56719c67579c002221d.cloudfront.net (CloudFront)
x-amz-cf-id: GXrIgrnGVcMqVgqwnfDus4FMlFET-DbWdwo0Rz3ZN-boh6Q_iuYitg==

GET
H2 200 sw_2735511.js Show response
iir.ai/ 93 KB
34 KB 18ms
17ms Script
application/javascript 2606:4700:3033::681c:1f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/sw_2735511.js

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07dad39d552a962087de78cfc171db1a66b30b16ad7322712294e73ab1d009c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1986795
status: 200
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Jan 2020 13:23:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-request-id: 02c26c874c0000d6dd55051200000001
cf-ray: 594a7d1eeb7bd6dd-FRA
expires: Sun, 24 May 2020 04:17:09 GMT

GET
H/1.1 200
OK / Show response
d3al52d8cojds7.cloudfront.net/ 305 KB
110 KB 369ms
319ms Script
text/plain 52.84.50.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.84.50.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-50-14.ham50.r.cloudfront.net
Software: /
Resource Hash: b62351fb016a4cf695a2c9d54094490d459c856dc3ed9eddc250e5f4631037f1

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: gzip
X-Amz-Cf-Pop: HAM50-C2
X-Cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection: keep-alive
Content-Length: 112259
Via: 1.1 3ef9a20d3fa6ab2cb9dbcc2f635621ce.cloudfront.net (CloudFront)
X-Amz-Cf-Id: EoVAc_Q9_LQuuj6uDpv1U7y3QBEPAdvKa-ibnxIlaXnvf8C-X2YfsQ==

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 7 KB
8 KB 47ms
13ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=19
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:27 GMT
server: nginx
x-powered-by: PHP/5.4.45
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7677
expires: Mon, 18 May 2020 04:09:51 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 60 KB
10 KB 42ms
8ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 8ddab07193e55bb90bcfde3d72b1e1d2b74fb04cfcd6a6c268a053d2a6b592c1

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9922
expires: Mon, 18 May 2020 04:09:35 GMT

GET
H2 200 ads.js Show response
iir.ai/js/ 192 B
264 B 24ms
18ms Script
application/javascript 2606:4700:3033::681c:1f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/js/ads.js?ver=6.4.0

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb0e68f005af52ea63e4aec52c0392f58b34f14116daf70c553d9390fd6512e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2307480
status: 200
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Dec 2019 16:40:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-request-id: 02c26c87690000d6dd55054200000001
cf-ray: 594a7d1f0bd5d6dd-FRA
expires: Wed, 20 May 2020 11:12:26 GMT

GET
H2 200 script.min.js Show response
iir.ai/cloud_theme/build/js/ 202 KB
57 KB 29ms
23ms Script
application/javascript 2606:4700:3033::681c:1f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/cloud_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2307480
status: 200
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-request-id: 02c26c87690000d6dd55055200000001
cf-ray: 594a7d1f0bd6d6dd-FRA
expires: Wed, 20 May 2020 11:12:26 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 742 B
918 B 66ms
15ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eeee06dff51b711e5ba293b08bc85a3d1b57d80be4e7cc05d5989467cbbe4300

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 1; mode=block
expires: Sun, 17 May 2020 04:10:27 GMT

GET
H2 200 popunder.gif
boudja.com/ 35 B
365 B 262ms
210ms Image
image/gif 52.222.182.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://boudja.com/popunder.gif
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.182.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-182-122.ham50.r.cloudfront.net
Software: openresty/1.15.8.2 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: gzip
server: openresty/1.15.8.2
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
content-type: image/gif
status: 200
cache-control: public, max-age=604800, immutable
content-length: 58
via: 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront)
x-amz-cf-id: i0rtpHFIbTS4YbxBFi9M32uvdXwXW-mCSTtP2O5RG8-muE-vAIFqtw==

GET
H2 200 Newbackground.jpg
clk.sh/webroot/img/ 74 KB
74 KB 17ms
12ms Image
image/jpeg 2606:4700:20::681a:ff6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clk.sh/webroot/img/Newbackground.jpg

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a137ebb5bde3957f26d1ff3a877994ae30a643b137b94cecd8218b31f890fbb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8622379
cf-polished: origSize=92083
status: 200
content-length: 75966
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Jun 2018 10:09:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
expires: Sat, 06 Feb 2021 09:04:07 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 02c26c876100001f3582b6d200000001
accept-ranges: bytes
cf-ray: 594a7d1f0c571f35-FRA
cf-bgj: imgq:100

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 20ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://iir.ai

Response headers

date: Sat, 16 May 2020 07:41:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 73712
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Sun, 16 May 2021 07:41:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 4448
date: Sun, 17 May 2020 02:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Sun, 17 May 2020 04:56:19 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
952 B 36ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=iir.ai

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
952 B 36ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=iir.ai

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020050602.js Show response
securepubads.g.doubleclick.net/gpt/ 243 KB
87 KB 15ms
15ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 May 2020 17:23:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89224
x-xss-protection: 0
expires: Sun, 17 May 2020 04:10:27 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
196 B 13ms
13ms Image
image/gif 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=7425239&t=pageview&_s=1&dl=https%3A%2F%2Fiir.ai%2FX4lv&ul=en-us&de=UTF-8&dt=ClkSh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1880816280&gjid=10894562&cid=1499951929.1589688627&tid=UA-113561579-2&_gid=850002515.1589688627&_r=1&gtm=2ou561&z=1754100737

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set JWlGMC56agEEZ3UJV3MpNHdBLSc2OksgNSZhUC4tMitVMC0pOx0sJzNqAQQ7JhgGKyMRDngDEzAfUTpyDw1fEC0QI0sQFRANYwAAAghjKi4TA1sMKQYecnEOP3ZqEQAeG30EECQdchc6BThfJBY9GnsGFH4WVyUlDA51ECkTN1wRAC07ZgU1MAF9E3oPC3I1chM3Q...
areasonsimon.club/QkJHTzMjICQiDCN/ Frame CB0C 0
0 197ms
165ms Document
text/html 104.16.107.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://areasonsimon.club/QkJHTzMjICQiDCN/JWlGMC56agEEZ3UJV3MpNHdBLSc2OksgNSZhUC4tMitVMC0pOx0sJzNqAQQ7JhgGKyMRDngDEzAfUTpyDw1fEC0QI0sQFRANYwAAAghjKi4TA1sMKQYecnEOP3ZqEQAeG30EECQdchc6BThfJBY9GnsGFH4WVyUlDA51ECkTN1wRAC07ZgU1MAF9E3oPC3I1chM3QAYUA390BAM0CWMDKgsacHsuFX4GChV1DXEDNQoEfBMhJgthLXYTCQMlFgAFaQA1MCt9ExQLGnUpewQOAgoVdQ50ChcjLWoABAsadS4qEBt1FhoWdlAQcmorURsDICp2JRd2B1QxAwYlWCYRdg5FGBQ3FWcEMiobdToRFhtAAAUgd3UmFDQ7YXM2IA1iIQgDB2UgGiAafg81Dg1gcjouGGJyCQA1CwcBdytRBC5yLmcELmJ9cRUuKx5mCnceGHU2Dx4jWCYDMHdLBTUjB2Q6GCQXZRQKHn4KCwR2HhUoMSghQ38OPXtbLBcBAAI
Requested by: Host: d1ks8roequxbwa.cloudfront.net
URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832300
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: areasonsimon.club
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://iir.ai/X4lv
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

Date: Sun, 17 May 2020 04:10:27 GMT
Content-Type: text/html
Content-Length: 1222
Connection: keep-alive
Set-Cookie: __cfduid=df2bab9d29817134ce9a17cc05c1bb9121589688627; expires=Tue, 16-Jun-20 04:10:27 GMT; path=/; domain=.areasonsimon.club; HttpOnly; SameSite=Lax; Secure
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 594a7d1fff27d8b5-AMS
cf-request-id: 02c26c87fe0000d8b56e10a200000001

GET
H/1.1 200
OK a2pZaksQSCodFB4YNUhxSQItHjsYUHZFIgIYdwsiRBkuNXlcWWxfelpEMxlpR0gqBy1JUGhGaR8LPjUiD0hjSHNbX2FSc0lGexk%2BCTUwDnlJUHtYeVxYaVktWkdvCC4NR21TelJHO1oqWkc8WHldDm5dewkLYAlpFg Show response
aphycolourses.info/ 33 KB
14 KB 139ms
106ms Script
application/javascript 104.16.108.143
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aphycolourses.info/a2pZaksQSCodFB4YNUhxSQItHjsYUHZFIgIYdwsiRBkuNXlcWWxfelpEMxlpR0gqBy1JUGhGaR8LPjUiD0hjSHNbX2FSc0lGexk%2BCTUwDnlJUHtYeVxYaVktWkdvCC4NR21TelJHO1oqWkc8WHldDm5dewkLYAlpFg
Requested by: Host: iir.ai
URL: https://iir.ai/sw_2735511.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.108.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: dd652691db14dae5724c542669dcb78ea1a1dea90318e4200034e35ac9ef24b4

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 May 2020 04:10:27 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
X-Powered-By: Express
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 02c26c880400009ce24c93a200000001
Server: cloudflare
ETag: W/"8421-/l/jo+bY4a/W7gg3An89B71HA3M"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
CF-RAY: 594a7d200b279ce2-AMS
Access-Control-Allow-Headers: X-Requested-With,content-type

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://iir.ai

Response headers

date: Thu, 23 Apr 2020 17:39:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 2025070
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Fri, 23 Apr 2021 17:39:17 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
23 KB 216ms
215ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2649940683256553&correlator=983025264782531&output=ldjh&impl=fif&adsid=NT&eid=21066031%2C21065513&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200517&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1589688627&dt=1589688627198&dlt=1589688626792&idt=389&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=165&adks=3801215253&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FX4lv&dssz=18&icsg=43660&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1499951929.1589688627&ga_sid=1589688627&ga_hid=7425239&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

c710ccfd585bd35f98106d667eb2f424ad41d74002068e9adb28029a3b23af84

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16991366620240286116/728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16991366620240286116/728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM-OuM-DuukCFY2Zdwod8iUIeg&gqi=&layout=/sadbundle/%24csp%253Der3%24/16991366620240286116/728x90/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16991366620240286116/728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16991366620240286116/728x90/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM-OuM-DuukCFY2Zdwod8iUIeg&gqi=&layout=/sadbundle/%24csp%253Der3%24/16991366620240286116/728x90/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22471
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 17 May 2020 04:10:27 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://iir.ai
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c4fa46013644a3ebf78ab96d27fa26d4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 60ms
14ms Other
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c4fa46013644a3ebf78ab96d27fa26d4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
6ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 415 B
442 B 318ms
318ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2649940683256553&correlator=983025264782531&output=ldjh&impl=fif&adsid=NT&eid=21066031%2C21065513&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200517&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1589688627&dt=1589688627208&dlt=1589688626792&idt=389&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3714533483&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FX4lv&dssz=18&icsg=43660&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1499951929.1589688627&ga_sid=1589688627&ga_hid=7425239&fws=128&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

b1bf38291a98d60fdd65f878d9d85c4c825a13937ad4aa09accc2bad62c1e58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://iir.ai
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c4fa46013644a3ebf78ab96d27fa26d4.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 784B 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c4fa46013644a3ebf78ab96d27fa26d4.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c4fa46013644a3ebf78ab96d27fa26d4.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/X4lv
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sun, 17 May 2020 04:10:27 GMT
expires: Mon, 17 May 2021 04:10:27 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7defd63fadb32e56f1c2ac0d85b6fe527a5d6e739cb085eed1d3df2cc19710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1589543025455122"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27726
x-xss-protection: 0
expires: Sun, 17 May 2020 04:10:27 GMT

GET
H/1.1 200
OK popunder.gif
anglishreasts.site/ 35 B
704 B 51ms
22ms Image
image/gif 104.16.108.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anglishreasts.site/popunder.gif
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.108.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 May 2020 04:10:27 GMT
CF-Cache-Status: HIT
Server: cloudflare
Age: 17515
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 594a7d229ea0bf46-AMS
cf-request-id: 02c26c89a30000bf46cb98b200000001

GET
H/1.1 200
OK push Show response
areasonsimon.club/ 16 KB
8 KB 676ms
675ms XHR
text/plain 104.16.107.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://areasonsimon.club/push?tid=832300&red=1&cs=anYyeExbQAIeLl9AAEx4UhMFHHxa&abt=0&v=0.5.26.4&sm=83&k=daily%20india%20make%20with%20money%20highest%20paying%20best%20shortener&sts=64&prn=0&emb=0&fs=1&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fiir.ai%2FX4lv&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F74.0.3729.169%20safari%2F537.36&tzd=2&uloc=&if=0&_OPE2=1589688627638&crc=1
Requested by: Host: d1ks8roequxbwa.cloudfront.net
URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832300
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f77aca46b5bd076dfa8d00ce2d1efb64be1a9f9cf19e711d97b26e6471c257c4

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 May 2020 04:10:28 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
CF-RAY: 594a7d22c986d8b5-AMS
P3P: CP="NID DSP ALL COR"
access-control-allow-origin: https://iir.ai
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
Connection: keep-alive
Content-Type: text/plain
Content-Length: 7485
cf-request-id: 02c26c89bd0000d8b56e114200000001

GET
H/1.1 200
OK Cookie set Bi4kISxlAAssIBA9OyVWNx05LTMNETQmAgQfLzURHy8sVV8MHRRRIBQtGjYCHQ8mNQEENDolNwMANTUkFgc7PCoDcCoyNw93OAMFFhIUEDMGLicdBQQTLzUkJXQvCFcfAgMHLgMpOCMCPgwiIgoAdTohFhYmAyklAgNZLAUXJgwwMBd0LAgRBxADMS8REAE1BQMLD...
areasonsimon.club/bWRmVUUMBgU4egxZBHMwHwhbcHcrQVQTIV4FCmB3CVwFOi8JF1F7JgELEzEjHwsIIWsDARJwdyslBGYEXTYMEAglVQkyAQUXPAANHiM+EAAlBwEPDyoPBSUdFV0oNjIVPjA8HCkqIAxyKDwvIh8uBzU3Ai8iIAcUJwAkNgEoMgk9ASgPMAI... Frame 6B1C 0
0 101ms
100ms Document
text/html 104.16.107.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://areasonsimon.club/bWRmVUUMBgU4egxZBHMwHwhbcHcrQVQTIV4FCmB3CVwFOi8JF1F7JgELEzEjHwsIIWsDARJwdyslBGYEXTYMEAglVQkyAQUXPAANHiM+EAAlBwEPDyoPBSUdFV0oNjIVPjA8HCkqIAxyKDwvIh8uBzU3Ai8iIAcUJwAkNgEoMgk9ASgPMAIsOCk+OR87LQobFj8mLywUPCUEFhZcLSQXAwgqVj4hKjEsMhcsUSgCFgEoJD09NC4eByEjAyA6BDgUJRcCWAciPQsJLyMABCxVHj8EBFUwFys3PScEFz8vDgchPCINOxAGFCUXBgEnNT4MKDQOByE8JUsDdw8IUxAkXik/Bi4kISxlAAssIBA9OyVWNx05LTMNETQmAgQfLzURHy8sVV8MHRRRIBQtGjYCHQ8mNQEENDolNwMANTUkFgc7PCoDcCoyNw93OAMFFhIUEDMGLicdBQQTLzUkJXQvCFcfAgMHLgMpOCMCPgwiIgoAdTohFhYmAyklAgNZLAUXJgwwMBd0LAgRBxADMS8REAE1BQMLDCIwECI7MgUDBzUhJQI9JCIvORMJIiAQLksOFTorHVkhHy1UMlEnIjkFICMQJQY+
Requested by: Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: areasonsimon.club
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://iir.ai/X4lv
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: csu=3329793d-dc31-4c7b-8d10-3682791decd7; fv=rjk5pjg5pdgGqGEFqjY4qTY5qTs6vdw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

Date: Sun, 17 May 2020 04:10:29 GMT
Content-Type: text/html
Content-Length: 1271
Connection: keep-alive
Set-Cookie: __cfduid=d2ebc3130939b4696296e68993e4a06b31589688629; expires=Tue, 16-Jun-20 04:10:29 GMT; path=/; domain=.areasonsimon.club; HttpOnly; SameSite=Lax; Secure
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 594a7d2e1d48d8b5-AMS
cf-request-id: 02c26c90cf0000d8b56e143200000001

GET
H/1.1 200
OK Cookie set cm9DalcTDSAHaBNSIUwiAAN+T2U0SnEsM0EOL19lFlcgBT0WHHRENB4ANg4xAAAtHnkcCjdPZTRdDC4zNSFzEjUlLCs4NEIXJiMwAlgHDRlAK3BaMio7FTMeGQgIL2c7CActbwcuKgIaKC4VHhEaWgc6ETwXAAISAzkqIDExAgE5Hh4cCA4vNxsbLAFFLnEaGSQBN...
areasonsimon.club/ Frame 250D 0
0 120ms
102ms Document
text/html 104.16.107.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://areasonsimon.club/cm9DalcTDSAHaBNSIUwiAAN+T2U0SnEsM0EOL19lFlcgBT0WHHRENB4ANg4xAAAtHnkcCjdPZTRdDC4zNSFzEjUlLCs4NEIXJiMwAlgHDRlAK3BaMio7FTMeGQgIL2c7CActbwcuKgIaKC4VHhEaWgc6ETwXAAISAzkqIDExAgE5Hh4cCA4vNxsbLAFFLnEaGSQBNwseQiUmITsBGws7AjMuLiMeNwESIg00ORQgAUYGFywwQzdxARsWOA4sMTQpGSc7OwgLOwFAOCpbNTcBEiIeQhwQDhYRXws7AUAtLRI5MAEJBTIgKhAOFhEbEC80AzopHjMkPG5bMj0tcywWMyVmWBE2Fy9bFiUECChlRwwJLy8TJCsgckAtJhIdQi06KAUqLA45MRUHEiNmIwEVEmIYLRsSNSoVETMeJF8QDh80WAcoO0AoG1IHMDd7MDEjWwwzICRXEFsOFTkpXwU3ARESMiMcAgsWIFkLAR1FOnBSGzAsJzgxBSkVDGY8WBQNHhg6Kho0NhYOLTIFHAcgFisAGysCGzoqXnEYHCwEJ086NgZjKgd2DiMhLBkw
Requested by: Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: areasonsimon.club
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://iir.ai/X4lv
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: csu=3329793d-dc31-4c7b-8d10-3682791decd7; fv=rjk5pjg5pdgGqGEFqjY4qTY5qTs6vdw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

Date: Sun, 17 May 2020 04:10:29 GMT
Content-Type: text/html
Content-Length: 1251
Connection: keep-alive
Set-Cookie: __cfduid=d2ebc3130939b4696296e68993e4a06b31589688629; expires=Tue, 16-Jun-20 04:10:29 GMT; path=/; domain=.areasonsimon.club; HttpOnly; SameSite=Lax; Secure
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 594a7d2ebdf5d8b5-AMS
cf-request-id: 02c26c91340000d8b56e147200000001

GET
H/1.1 200
OK Cookie set CQ4jO3MfHzs2b3ojIDZdGAwEDFcVKyUUdARUES14NyceC0IVIRA+eh4KIApBLhU6HAInMzQfXA4MEAB6JBIVFWQpHhQScCoxMAhYDzEhP3keKCIKdCoBOw9ndDNFOXcICxMdZh4eMxd0PR4UG1V5IA0+WA8xIgB8fwUxAGd4HhQbUiY0EHdCNycAKnIrMRQcbB8FH...
areasonsimon.club/ZndaNk0HFTlbcgdKOBA4FBtnE38gUmhwKVUWNgN/Ak85WScCBG0YLgoYL1IrFBg0QmMIEi4TfyABDG4XMyYwVX8hIzVdDiUyPHsFXicAcw8SExtsNy40OUIaNSEWZjQJMhhyIRU+aWMAIRoTBBgPLQt/ Frame E3AA 0
0 111ms
111ms Document
text/html 104.16.107.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://areasonsimon.club/ZndaNk0HFTlbcgdKOBA4FBtnE38gUmhwKVUWNgN/Ak85WScCBG0YLgoYL1IrFBg0QmMIEi4TfyABDG4XMyYwVX8hIzVdDiUyPHsFXicAcw8SExtsNy40OUIaNSEWZjQJMhhyIRU+aWMAIRoTBBgPLQt/CQ4jO3MfHzs2b3ojIDZdGAwEDFcVKyUUdARUES14NyceC0IVIRA+eh4KIApBLhU6HAInMzQfXA4MEAB6JBIVFWQpHhQScCoxMAhYDzEhP3keKCIKdCoBOw9ndDNFOXcICxMdZh4eMxd0PR4UG1V5IA0+WA8xIgB8fwUxAGd4HhQbUiY0EHdCNycAKnIrMRQcbB8FHBdaPhE2DnMqPjMtdS4+NSJvCDAdOHcfDCJobDQuDW5TBCVOOFUINy8AQRsKMDAGPTMZGHMXJSEJeCVWQDtOBwglMFU8NCM1VAAxFBxzfSAQOHcpUSUNeDoiGS5+FAgECWx9PxkTBwhWNR4HIyQlFHIXVSIAbCYkDhRBIh4lDVI1MB0UcC81NhV7GCNFPgcEETIedHszGgh0F1UtDGwPLwA5cAARMRsQJxUYNEZwDR9pZwJeFhhvIVADP0U
Requested by: Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: areasonsimon.club
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://iir.ai/X4lv
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: csu=3329793d-dc31-4c7b-8d10-3682791decd7; fv=rjk5pjg5pdgGqGEFqjY4qTY5qTs6vdw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

Date: Sun, 17 May 2020 04:10:29 GMT
Content-Type: text/html
Content-Length: 1272
Connection: keep-alive
Set-Cookie: __cfduid=dedea7f70cee98ff2d57ef44a2a1ba4651589688629; expires=Tue, 16-Jun-20 04:10:29 GMT; path=/; domain=.areasonsimon.club; HttpOnly; SameSite=Lax; Secure
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 594a7d2f191a0b33-AMS
cf-request-id: 02c26c916b00000b3389a67200000001

GET
H/1.1 200
OK Cookie set IQ4POT86PwcuBgMBOQtiLhEsDTw1IiEiIBV3CyIBPBE8GBMfAwczNxElGzkSFncff2IyFH4IIyETfAMZRisIPyclLywPZAUfDhQkMh99GxkeMBk5ETZ1Lw8CTAV+A3VGBQhpPzYOJz12HjQiNCBJHSseOT0ANRw2ET57bgUg
areasonsimon.club/TVpQdEcsODMZeCxnMlIyPzZtUXULf2IyI347PEF1KWIzGy0pKWdaJCE1JRAhPzU+AGkjPyRRdQs8CiEjLD5gEwAGHgEmIzUfJSQsPX9iMh8FHCQmdA8eHCcsFBA4InEMGBU5AwxuNDAweR4ZHQkPPBQ1EysbHQ0GFSo/IRQcHxsgdgY4NzU... Frame F7A9 0
0 110ms
110ms Document
text/html 104.16.107.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://areasonsimon.club/TVpQdEcsODMZeCxnMlIyPzZtUXULf2IyI347PEF1KWIzGy0pKWdaJCE1JRAhPzU+AGkjPyRRdQs8CiEjLD5gEwAGHgEmIzUfJSQsPX9iMh8FHCQmdA8eHCcsFBA4InEMGBU5AwxuNDAweR4ZHQkPPBQ1EysbHQ0GFSo/IRQcHxsgdgY4NzU3Ag8gQRY0A3VGBQsCBiYeHm4YPjB4bB0lcycYE0Q1CSA/OQoVLRM/ESorHiV3JRkDB3AYND8eJCMIGBYRKWkzHCg9GDlAdwwjMyMLfmMVNywPazEccyAfAz11GDQgIgwnKQUWESlpHiUVOQxjFy4YNCAiIyB3PxsiGx8JFnZ4LgZHJHoYKhMNBDNgJwwqbiU4KwdsGUcNPQsXLhAuAmkyIghqIzkgADYTIw0iFBdFHykgCREOOhg5FQIuLBE3FjUdFzIGKQ0/IQ4POT86PwcuBgMBOQtiLhEsDTw1IiEiIBV3CyIBPBE8GBMfAwczNxElGzkSFncff2IyFH4IIyETfAMZRisIPyclLywPZAUfDhQkMh99GxkeMBk5ETZ1Lw8CTAV+A3VGBQhpPzYOJz12HjQiNCBJHSseOT0ANRw2ET57bgUg
Requested by: Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: areasonsimon.club
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://iir.ai/X4lv
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: csu=3329793d-dc31-4c7b-8d10-3682791decd7; fv=rjk5pjg5pdgGqGEFqjY4qTY5qTs6vdw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

Date: Sun, 17 May 2020 04:10:29 GMT
Content-Type: text/html
Content-Length: 1274
Connection: keep-alive
Set-Cookie: __cfduid=d2ebc3130939b4696296e68993e4a06b31589688629; expires=Tue, 16-Jun-20 04:10:29 GMT; path=/; domain=.areasonsimon.club; HttpOnly; SameSite=Lax; Secure
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-Ranges: bytes
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 594a7d2f9ed7d8b5-AMS
cf-request-id: 02c26c91bb0000d8b56e149200000001

GET
H/1.1 200
OK faa1f63da8 Show response
s3.amazonaws.com/8ad36f1aaf8e7d1ff69fcd103e9c1737bada154ca8b66b088fb180de9dd/ 17 KB
18 KB 400ms
113ms XHR
binary/octet-stream 52.216.134.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/8ad36f1aaf8e7d1ff69fcd103e9c1737bada154ca8b66b088fb180de9dd/faa1f63da8
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.134.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6bba33743ffacde5c607cbdd2de13c04e2cb02727068edc8859b395b68e3f383

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 May 2020 04:10:31 GMT
x-amz-meta-pragma: no-cache
x-amz-request-id: 9CB539907D66AB72
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Length: 17348
x-amz-id-2: yCP7G3rczJn4XwkVhVX2WNDSRtVhoXtVk7f6R0QVFfNC/Cbugsd+zU1U0eQnEzQNeNtoHp4sxVc=
Last-Modified: Sun, 17 May 2020 00:15:04 GMT
Server: AmazonS3
ETag: "5cc9cf821f13817fff95188b20e2d23e"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: https://iir.ai
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 404ms
404ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2649940683256553&correlator=983025264782531&output=ldjh&impl=fif&adsid=NT&eid=21066031%2C21065513&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200517&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=ad_group%3Dad_opt&cookie=ID%3D041b6a6b7a415b90%3AT%3D1589688627%3AS%3DALNI_MaVN_Ia8msQ0fIwZ363PxaCKSbEkw&cookie_enabled=1&bc=31&abxe=1&lmt=1589688629&dt=1589688629723&dlt=1589688626792&idt=389&frm=20&biw=1600&bih=1200&oid=3&adxs=328&adys=299&adks=3880278309&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FX4lv&dssz=21&icsg=2140814&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x314&msz=945x280&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1499951929.1589688627&ga_sid=1589688627&ga_hid=7425239&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a59bfd2e9e280d6bfc4a6f5cfa2fd8aaf3c5ca1d7db00224bccc79b1a0d32fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11140
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://iir.ai
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 636ms
635ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2649940683256553&correlator=983025264782531&output=ldjh&impl=fif&adsid=NT&eid=21066031%2C21065513&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200517&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=ad_group%3Dad_opt&cookie=ID%3D041b6a6b7a415b90%3AT%3D1589688627%3AS%3DALNI_MaVN_Ia8msQ0fIwZ363PxaCKSbEkw&cookie_enabled=1&bc=31&abxe=1&lmt=1589688629&dt=1589688629732&dlt=1589688626792&idt=389&frm=20&biw=1600&bih=1200&oid=3&adxs=328&adys=614&adks=2252918807&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FX4lv&dssz=25&icsg=8563258&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x629&msz=945x280&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1499951929.1589688627&ga_sid=1589688627&ga_hid=7425239&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

27caf6c5bbdda20effaf7aa49d678656bbf9edfafcdb435898a7a723937942c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10947
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://iir.ai
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
12 KB 845ms
845ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2649940683256553&correlator=983025264782531&output=ldjh&impl=fif&adsid=NT&eid=21066031%2C21065513&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200517&iu_parts=360613911%2C2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=ad_group%3Dad_ex1&cookie=ID%3D041b6a6b7a415b90%3AT%3D1589688627%3AS%3DALNI_MaVN_Ia8msQ0fIwZ363PxaCKSbEkw&cookie_enabled=1&bc=31&abxe=1&lmt=1589688629&dt=1589688629737&dlt=1589688626792&idt=389&frm=20&biw=1600&bih=1200&oid=3&adxs=1290&adys=50&adks=1372485172&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FX4lv&dssz=29&icsg=34253034&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1499951929.1589688627&ga_sid=1589688627&ga_hid=7425239&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

b3a71c301b44349358adfef1a14f519ed14a7c57bf5c9f44d387a4f6e56199c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11992
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://iir.ai
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
12 KB 1001ms
1001ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2649940683256553&correlator=983025264782531&output=ldjh&impl=fif&adsid=NT&eid=21066031%2C21065513&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200517&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=ad_group%3Dad_opt&cookie=ID%3D041b6a6b7a415b90%3AT%3D1589688627%3AS%3DALNI_MaVN_Ia8msQ0fIwZ363PxaCKSbEkw&cookie_enabled=1&bc=31&abxe=1&lmt=1589688629&dt=1589688629741&dlt=1589688626792&idt=389&frm=20&biw=1600&bih=1200&oid=3&adxs=392&adys=1109&adks=2688864132&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FX4lv&dssz=33&icsg=137012138&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1499951929.1589688627&ga_sid=1589688627&ga_hid=7425239&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

6b05744bd366334526e95100c02d84e39efef19fb4045931a7c62ed26f960cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11863
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://iir.ai
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 77 KB
12 KB 1217ms
1217ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2649940683256553&correlator=983025264782531&output=ldjh&impl=fif&adsid=NT&eid=21066031%2C21065513&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200517&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=ad_group%3Dad_opt&cookie=ID%3D041b6a6b7a415b90%3AT%3D1589688627%3AS%3DALNI_MaVN_Ia8msQ0fIwZ363PxaCKSbEkw&cookie_enabled=1&bc=31&abxe=1&lmt=1589688629&dt=1589688629747&dlt=1589688626792&idt=389&frm=20&biw=1585&bih=1200&oid=3&adxs=643&adys=934&adks=363645630&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FX4lv&dssz=37&icsg=548048554&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x250&msz=945x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1499951929.1589688627&ga_sid=1589688627&ga_hid=7425239&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

42eefefaab1100bf292d201ea64f011bde4ce727687d4b7216cf321a7bdbf617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12432
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://iir.ai
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ 26 B
200 B 132ms
33ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 May 2020 04:10:29 GMT
Server: nginx
X-IPLB-Instance: 29894
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 8ms
7ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:29 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 19:01:35 GMT
server: nginx
etag: "779a-30ad-59ba5857e2265"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3955
expires: Mon, 18 May 2020 04:09:49 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 9ms
8ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:29 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Mon, 18 May 2020 04:09:46 GMT

GET
H2 200 getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 297ms
99ms Script
application/x-javascript 198.148.27.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:29 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ 1 KB
2 KB 58ms
13ms Script
application/javascript 52.222.182.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/11528/px.js?r=1ad45
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.182.109 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-182-109.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 16 May 2020 16:01:42 GMT
Content-Encoding: UTF-8
Connection: keep-alive
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 43728
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 3bfd04a794dcee9eaf362ae07e8fbe20.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: HAM50-C1
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: T6igaoKaT5EUE4WpTmO1fYVS2JerK6ZaYfcFvg1YZKupQ4-qj3PJRA==

GET
H2

200

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

27 KB
9 KB

44ms
8ms

Script
application/x-javascript

68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40E6) /
Resource Hash: a0f4abf087368a45dc01609aa814906c19330084d8a00fe6e0c8ee4595187ace

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:29 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 10:06:15 GMT
server: ECS (fcn/40E6)
cache-control: max-age=86400
age: 64994
etag: "308b0663b760da8cd1006f7a3f2458d5:1589537175"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
x-n: S
accept-ranges: bytes
content-length: 8932

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Sun, 17 May 2020 04:10:28 GMT
cache-control: private
content-length: 159
content-type: text/html; charset=utf-8

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
349 B 51ms
15ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
server: Microsoft-IIS/10.0
date: Sun, 17 May 2020 04:10:29 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 151ms
39ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 May 2020 04:10:29 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H2 200 /
onetag-sys.com/usync/ Frame D63C 0
0 80ms
26ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1589688629752

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1589688629752
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/X4lv
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

status: 200
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

GET
H2 200 /
spl.zeotap.com/ Frame 60BD 0
0 51ms
28ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/X4lv
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

status: 200
date: Sun, 17 May 2020 04:10:29 GMT
content-type: text/html
set-cookie: __cfduid=daad24a8affc5a103e9dce57ce9231dc41589688629; expires=Tue, 16-Jun-20 04:10:29 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=7a2385f7-8ecd-41c7-483a-ab8da7d3e8d3; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zc1=7a2385f7-8ecd-41c7-483a-ab8da7d3e8d3; Path=/; Domain=.zeotap.com; Max-Age=315360000 zsc=%01%9E%AE%E7%E6%A7%CFU%F2%09xF%BC%8CM%02%B0%B0%F8os%E6%7F%DB%88%B3%C8a%13%BB%99%0C%3E%0E.%FC%C1%28%C0%07%8A%B1Q%B8%81%3B%D8_%15u%09%BBu%26q%B0%25%25%5Em%C4%A8Y%F6%CD%EE%10%C0%ED%E7%02%16%92%BC%D3%F28%92%F5%9B%BC%C3%ECdi%D9%09%88%BC%A2S%B8n%B9%A4%A8e; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-headers: *
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 594a7d30282b97d8-FRA
content-encoding: br
cf-request-id: 02c26c921a000097d883b7d200000001

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 21 KB
8 KB 45ms
9ms Script
application/x-javascript 91.228.74.133
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.133 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

b68b4d1e6d63eabb8a4f663f7755454028aa22d9a0edc88d5b77c58e932d7fa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 May 2020 04:10:29 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17-May-2020 04:10:29 GMT
Server: QS
Etag: M0-004a9efe
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Strict-Transport-Security: max-age=86400
Content-Length: 8025
Expires: Sun, 24 May 2020 04:10:29 GMT

GET
H2 200 3eb726df-5241-4879-9ab8-4279ae83044a Show response
tmzr.pubstack.io/v1/tag/ 1 KB
841 B 100ms
32ms Script
application/javascript 52.31.182.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tmzr.pubstack.io/v1/tag/3eb726df-5241-4879-9ab8-4279ae83044a
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.182.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-182-127.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 17c809f33251051ffa22b0e53d65920647d693d53c465c591db3250502f2b1b0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 17 May 2020 04:10:29 GMT
cache-control: private, max-age=120
content-encoding: gzip
content-length: 722
content-type: application/javascript

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 61ms
14ms Script
text/javascript 54.230.55.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.55.98 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-55-98.ham50.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 16 May 2020 11:34:35 GMT
Via: 1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 59754
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: HAM50-C1
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: O_qxyy0SLLHc3ZPvjUH8AitVHtpG2Q-efj0dCebiQTU18OhX4r9RZA==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ 35 KB
12 KB 31ms
8ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ad209dc504cc97991573344dfd1142168265443a8f4cb7e1444a132ba601da19

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 May 2020 04:10:29 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 May 2020 03:15:34 GMT
Server: Apache
ETag: "9057d4-8bc6-5a5cf75b03ed0"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=468
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12312
Expires: Sun, 17 May 2020 04:18:17 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid2_445_2/build/dist/ 394 KB
126 KB 10ms
7ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 5dfc9288f5281f2c559f14d366adf563f1a17b987554876469b161fe48abeed1

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:29 GMT
content-encoding: gzip
last-modified: Mon, 11 May 2020 21:35:02 GMT
server: nginx
etag: "33d3f-62974-5a5661e999b3b"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 128463
expires: Mon, 18 May 2020 04:09:49 GMT

GET
H2 200 footer.jpg
iir.ai/cloud_theme/build/img/ 6 KB
6 KB 19ms
16ms Image
image/jpeg 2606:4700:3033::681c:1f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iir.ai/cloud_theme/build/img/footer.jpg

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7491489
status: 200
content-length: 6152
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 02c26c92070000d6dd550f9200000001
accept-ranges: bytes
cf-ray: 594a7d300b3ad6dd-FRA
expires: Fri, 19 Feb 2021 11:12:19 GMT

GET
H2 200 fontawesome-webfont.woff2
iir.ai/cloud_theme/build/fonts/ 75 KB
76 KB 15ms
12ms Font
font/woff2 2606:4700:3033::681c:1f0a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iir.ai/cloud_theme/build/fonts/fontawesome-webfont.woff2

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
Origin: https://iir.ai

Response headers

date: Sun, 17 May 2020 04:10:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 226257
status: 200
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-request-id: 02c26c92060000d6dd550f8200000001
accept-ranges: bytes
cf-ray: 594a7d300b38d6dd-FRA
expires: Thu, 21 May 2020 13:19:31 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 13 KB
14 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://iir.ai

Response headers

date: Mon, 11 May 2020 17:33:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:45 GMT
server: sffe
age: 470216
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Tue, 11 May 2021 17:33:33 GMT

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 264 KB
76 KB 52ms
17ms Script
text/javascript 2600:9000:2070:c00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:c00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f670db094f8157451312a2d25ce34fd67f622e07d356f9db841224cceeeed2d

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 03:59:11 GMT
content-encoding: gzip
last-modified: Thu, 14 May 2020 20:38:20 GMT
server: AmazonS3
age: 1115
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: h28QtdyLGshUVVmfEpGTPvwRvLdGcx4JktXT_oF3M2Z7UctKUOIfBQ==
via: 1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)

GET
H2 200 MN045OEZUIVdeeUMnXQV+B3sBAH4RJEpXKEdzfUwpWhlUWhBcFh9MPFNzCx4qViBeBWBSIFoFdxEvXVp7B2hNSClcc0xWIlIoUFYjU2hMWXtaIUNRKlsvHAoAAmAJHXQHZlRZJV4gTVc1X2sKemMFflBWMlIiHAp2Wi9aHXQHIUoddAc2HAp2Bn5mCXJoex-AddAc... Show response
dc5k8fg5ioc8s.cloudfront.net/ 302 B
555 B 182ms
180ms Script
text/plain 2600:9000:2093:2c00:1a:a6:7f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dc5k8fg5ioc8s.cloudfront.net/MN045OEZUIVdeeUMnXQV+B3sBAH4RJEpXKEdzfUwpWhlUWhBcFh9MPFNzCx4qViBeBWBSIFoFdxEvXVp7B2hNSClcc0xWIlIoUFYjU2hMWXtaIUNRKlsvHAoAAmAJHXQHZlRZJV4gTVc1X2sKemMFflBWMlIiHAp2Wi9aHXQHIUoddAc2HAp2Bn5mCXJoex-AddAcvSUgqUjlcWi1eOhwKAAJ9DhZ1AWsLCG5cJk1VKhJ8eh10ByJQUyMSfAlfI1QlVhFjBX5aUDRYI1wddHF5DRZ2GX0OCn8Zfw8BYwV+SlkgVjxQHXRxewoPaAR4H017
Requested by: Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805888
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:2c00:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4943a1deb973aa7dc30efda4bf30f9683c11397e03d16ee6385cd99db5ad1e87

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:29 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 278
via: 1.1 376388af58845ad0897ba599cce4d92f.cloudfront.net (CloudFront)
x-amz-cf-id: -cFJLa3zVqQJ-Wg79MJdkiac6FK2rwVGwJBJPMyY_8L7zks6sAdfMg==

GET

8.gif
id5-sync.com/c/12/108/2/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
https://id5-sync.com/c/12/2/8/2.gif?puid=0&gdpr=1&gdpr_consent=
https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOSlMPK2CihYNruDjQ03aSKLJwO1i_cK_MVlhDkg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gd...
https://id5-sync.com/c/12/3/7/3.gif?puid=1d0b5ec0-b935-4800-90bc-3b6cd48dd18f&gdpr=1&gdpr_consent=
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F6%2F4.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F6%2F4.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D&xl8blockcheck=1
https://id5-sync.com/c/12/103/6/4.gif?puid=69e6257b72526337dcaa4cddf2e7c59d&gdpr=1&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F5%2F5.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/10/5/5.gif?puid=7892004141704046155&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
https://id5-sync.com/c/12/19/4/6.gif?puid=1a19bf907847da0040e9ff0ea7779cdc&gdpr=1&gdpr_consent=
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
https://id5-sync.com/c/12/101/3/7.gif?puid=d62cc146-a377-4f72-9665-92b8794cd9d2&gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F2%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F2%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdp...
https://id5-sync.com/c/12/108/2/8.gif?puid=595be331-97f4-11ea-a011-426c53b1b576&gdpr=1&gdpr_consent=

0
0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/JPZ52lNx97aD96bjM7KaA0bo/ 299 KB
122 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/JPZ52lNx97aD96bjM7KaA0bo/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5330600f68293b69db933eba611413ffaa46ad7c992116b06933c620d7a3c43c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 21:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 May 2020 19:09:25 GMT
server: sffe
age: 110038
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124431
x-xss-protection: 0
expires: Sat, 15 May 2021 21:36:31 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
535 B 56ms
48ms XHR
application/json 52.49.73.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.73.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-73-64.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b9b3ddaacf3434213c39c2c424828a1d047b65a5dd09bf824095c8630501aa82

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 17 May 2020 04:10:29 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://iir.ai
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 16 Jun 2020 04:10:29 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
967 B 46ms
14ms Script
application/x-javascript 2600:9000:2070:2800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:2800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 03:57:11 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 799
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: VYJrOe9ktkAZkoc0PYMKH03iUc6TS8j1y-1fpmUFMLYAYCp8FX-BvQ==
via: 1.1 fd2461c1fc276b0abb08db5092b879f2.cloudfront.net (CloudFront)

GET
H2 200 localstore.js Show response
script.4dex.io/ 450 B
746 B 33ms
16ms Script
application/javascript 2606:4700:e6::ac40:c107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:29 GMT
content-encoding: br
cf-cache-status: HIT
age: 801
status: 200
x-amz-request-id: 7E2F992343116AD7
x-amz-id-2: nmmr0UrBkvVpjftHGu5p6CU04sxhGduqLBsvh9rnUeGjmG6nY23UipPqJyn6TSm0xvmlFUBXVjI=
last-modified: Mon, 06 Apr 2020 11:18:51 GMT
server: cloudflare
etag: W/"bfa52622781c173885812009122c3f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-request-id: 02c26c929f0000c2d697b8f200000001
cf-ray: 594a7d30fe00c2d6-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 06 May 2020 18:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 897279
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 May 2021 18:55:50 GMT

GET
H2 200 monitoring-502ee69.js Show response
cdn.prod.pubstack.io/ 76 KB
24 KB 24ms
7ms XHR
application/javascript 34.95.76.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.pubstack.io/monitoring-502ee69.js
Requested by: Host: tmzr.pubstack.io
URL: https://tmzr.pubstack.io/v1/tag/3eb726df-5241-4879-9ab8-4279ae83044a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.76.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.76.95.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2aa8fcceee410223c34cec4f9d1ccbb677ca16bfa138098e6e501289f8d86675

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 03:27:12 GMT
content-encoding: gzip
age: 2597
x-guploader-uploadid: AAANsUk12PdPnr_fYDCcvML5ESlGWJYd_OiuUFXwB7Cd9FcaYBb1-Tq-0gEUtWHKwLu7nfq7JnRNDepKOVWcG2CKJ47ltnOQpw
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 23904
last-modified: Fri, 15 May 2020 20:00:48 GMT
server: UploadServer
etag: "380f616ac542da4e7a56dd727d86bf06"
vary: Accept-Encoding
x-goog-hash: crc32c=IoGJhQ==, md5=OA9hasVC2k56Vt1yfYa/Bg==
x-goog-generation: 1589572848126838
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 23904
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 17 May 2020 04:27:12 GMT

GET
H2 200 cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v33/ Frame 339A 0
0 48ms
14ms Document
text/html 2600:9000:2016:3400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v33/cmp-3pc-check.html
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:3400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: static.quantcast.mgr.consensu.org
:scheme: https
:path: /v33/cmp-3pc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/X4lv
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

status: 200
content-type: text/html
content-length: 645
last-modified: Thu, 14 May 2020 20:38:15 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 17 May 2020 03:57:57 GMT
etag: "55b98270d639ef0c34781d9f03cce91f"
x-cache: Hit from cloudfront
via: 1.1 8640a37b586353bc916562c577770223.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: MNAQhcyyaWb5aJWpLHt-bgI37pi6QmPXTeCzfqjqwS93kl2hglDSFg==
age: 1292

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
330 B 38ms
18ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fiir.ai%2FX4lv&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 17 May 2020 04:10:30 GMT
Server: Apache
Content-Type: text/plain
Access-Control-Allow-Origin: https://iir.ai
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Sun, 17 May 2020 04:10:30 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 62 KB
18 KB 34ms
20ms Fetch
application/javascript 2606:4700:e6::ac40:c107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:30 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1440
status: 200
x-amz-request-id: A0FB1D9DF0DF5F5B
x-amz-id-2: LeOfYIsxsVVG4gnLxZ8wgKbhgDVwDxxRMk+NiWPIR61Xl+MkZoWK21dcxKWk+gm4di12RbnjBgA=
last-modified: Mon, 06 Apr 2020 11:18:49 GMT
server: cloudflare
etag: W/"69fac1b60dfd5d00b8ff023e19aca7e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-request-id: 02c26c92fb000097249f033200000001
cf-ray: 594a7d319ba89724-FRA

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 56E9 0
0 32ms
32ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&size=normal&cb=wjj3vj9zotke

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eT+L9W+8dkP/z7PFX5YlYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&size=normal&cb=wjj3vj9zotke
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/X4lv
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 17 May 2020 04:10:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-eT+L9W+8dkP/z7PFX5YlYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10633
server: GSE
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cmpui-banner.js Show response
static.quantcast.mgr.consensu.org/v33/ 257 KB
74 KB 18ms
17ms Script
text/javascript 2600:9000:2016:3400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v33/cmpui-banner.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2016:3400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0698cc3dda9964a86ee88a18cc88e2b9ffa64dd4e36785d8a748ba827e5b0984

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:06:17 GMT
content-encoding: gzip
last-modified: Thu, 14 May 2020 20:38:14 GMT
server: AmazonS3
age: 254
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: FY9n9OlLONwuRG3WYgrHtKLcQ2rfUM96GnFPzy3HoEwl17i_pYgS_w==
via: 1.1 8640a37b586353bc916562c577770223.cloudfront.net (CloudFront)

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
517 B 147ms
48ms XHR
application/x-javascript 54.246.118.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.118.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-118-35.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 May 2020 04:10:30 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 May 2020 04:10:30 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://iir.ai
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 8emM2Rk5FF18ic01QB3V6TQ%3D%3D Show response
d7016uqa4s0lw.cloudfront.net/ 305 KB
110 KB 240ms
199ms Script
text/plain 2600:9000:2070:7000:b:187f:8500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d7016uqa4s0lw.cloudfront.net/8emM2Rk5FF18ic01QB3V6TQ%3D%3D
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:7000:b:187f:8500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 376bd91cc0e6421b9314fcde31139b23a7d3994853bae82a3ffc4c0c2c272ab0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:30 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C3
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 112258
via: 1.1 37a8538fed1be46ab7adb41198e40182.cloudfront.net (CloudFront)
x-amz-cf-id: 9m61XlFpaIYi2_K8aJkVHSxUbc65jpQMO0b3kiKlCS7W2OuEjItiCg==

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 96 KB
18 KB 80ms
48ms XHR
application/json 2600:9000:2093:ce00:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:ce00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f83825b0e9eab327cbdfe081e61e14825792653b4ed064b223be3e8435235541

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 14 May 2020 16:41:21 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 214150
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 14 May 2020 16:00:38 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: oryAqtW55oj7QvuzASYlO.XAkJkJoBG.
via: 1.1 6582c239f47eb90b881c158927e7aa19.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: rsthetmIL6KoVSizL0PlZnxtVAexEWw8p4szEJXjd7-yupQ5BXfBUw==

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005012256000/ Frame 0CD1 204 KB
57 KB 95ms
27ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/
Origin: https://iir.ai

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48917
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57019
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bf14143de8659308"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:13 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005012256000/ Frame 0CD1 204 KB
57 KB 74ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48917
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57019
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bf14143de8659308"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:13 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 0CD1 16 KB
6 KB 107ms
39ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52121
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5877
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cf1fef681ae7494f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:49 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 0CD1 98 KB
30 KB 105ms
37ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48920
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30100
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "023298bf906f9a2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:10 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 0CD1 4 KB
2 KB 104ms
36ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52121
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1637
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eed6b15e1dd2165d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:49 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 0CD1 48 KB
15 KB 102ms
35ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52119
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15361
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d0b45204c403cb94"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0CD1 5 KB
761 B 55ms
54ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 May 2020 04:10:30 GMT
server: ESF
date: Sun, 17 May 2020 04:10:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 May 2020 04:10:30 GMT

GET
DATA 200
OK truncated
/ Frame 0CD1 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 283bdb4de61fb1f655270024a9f22f97a9bad05bc590a3f120d8ce67c6cde30b

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012005012256000/ 21 KB
7 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0517f76184f899b738515a124efe8f335f585847387b8889dfa7c0fb132f75a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 15078
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7437
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 23:59:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1b9b229ae83eaa45"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 23:59:12 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0CD1 2 KB
3 KB 7ms
5ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 61292
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 17 May 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0CD1 295 B
398 B 46ms
44ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 22:24:17 GMT
x-content-type-options: nosniff
server: cafe
age: 20773
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 17 May 2020 22:24:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0CD1 0
0 50ms
49ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKaIMTjBavj4e6TGioOJp6ze5YUN50eVYl8QGMu2BtKbJLbuNOlZOl4fWtHL8KGqUlG5Ob
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0CD1 0
0 51ms
49ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C218zNbnAXu6jLrGorATN2bWQBPXtop5dyZOCteIKhpKgiowOEAEgiLGRH2CV4pCCoAegAeaVyvYCyAEBqQJJt7z0_1CBPuACAKgDAcgDCqoE2gFP0NxILOnvZwgWkWANm3s0dUP1IHIA5rmmpnazXXMS_d3EwpiaWbeI8osiSer1euAwfBJhBAKBH5V6riBOSxfus0GHnVARBnP1DIrkxKsdKb7liqSqRzcClvIYddAj_Aa9smBq3JWHsUuBQTROgdYbfZLmtjGVSt42TrUAS_oDHo1UO-SERrhev9Rw3nyIqkL19c-PJfF58L_iZa4wCvx6wRag5nR6AifnCarSbyYsEg54c1A9LSza9ewrUZ2ybm_cLTA80uMiQShV6d39B-JuNe-c-Gd_Ky-Z6cAE1Ybzvt4C4AQBkgUECAQYAZIFBAgFGASAB4LqtYkBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEKW0EdIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tNDg1MjkxNTkwNTkzNjEyNIAKA8gLAdgTC4gUBw&sigh=05zVdmr-kX0&tpd=AGWhJmtciMuzv1qwcSUdx819XWPjwQqPDcrztQ4CR5771PCZGg
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 0CD1 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin: https://iir.ai

Response headers

date: Sat, 16 May 2020 07:48:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 73323
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sun, 16 May 2021 07:48:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 0CD1 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin: https://iir.ai

Response headers

date: Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2781811
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 14 Apr 2021 23:26:59 GMT

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 8EBE 0
0 41ms
41ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&cb=fe8iughf2v8e

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q5fjjrfN6xgqZ2BA7ezQ8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=JPZ52lNx97aD96bjM7KaA0bo&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&cb=fe8iughf2v8e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/X4lv
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 17 May 2020 04:10:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-q5fjjrfN6xgqZ2BA7ezQ8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1182
server: GSE
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 purposes-es.json Show response
vendorlist.consensu.org/ 4 KB
2 KB 14ms
14ms XHR
application/json 2600:9000:2093:ce00:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/purposes-es.json?timestamp=1589688630310
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2093:ce00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01b0ea0798221a956d710ce61b9c4195d7cff368c372f51c52ee3faadd1d6081

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 00:34:42 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 185749
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 14 May 2020 16:21:33 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: adk1uruQWqDQXGn0oOrKlgWkVYakWj5h
via: 1.1 6582c239f47eb90b881c158927e7aa19.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: HAM50-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: AR9JGeujy1D-QnwQQvRGH51cqqmsKQbnYzsstIXBr6jWCTa-ZQ4TuA==

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005012256000/ Frame 791B 204 KB
56 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/
Origin: https://iir.ai

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48917
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57019
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bf14143de8659308"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:13 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005012256000/ Frame 791B 204 KB
56 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48917
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57019
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bf14143de8659308"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:13 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 791B 16 KB
6 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52121
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5877
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cf1fef681ae7494f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:49 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 791B 98 KB
29 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48920
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30100
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "023298bf906f9a2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:10 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 791B 4 KB
2 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52121
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1637
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eed6b15e1dd2165d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:49 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 791B 48 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52119
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15361
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d0b45204c403cb94"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 791B 5 KB
715 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 May 2020 04:10:30 GMT
server: ESF
date: Sun, 17 May 2020 04:10:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 May 2020 04:10:30 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 791B 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 61292
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 17 May 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 791B 295 B
353 B 7ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 22:24:17 GMT
x-content-type-options: nosniff
server: cafe
age: 20773
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 17 May 2020 22:24:17 GMT

GET
DATA 200
OK truncated
/ Frame 791B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cae9edcfb437e24e01ecf0423d50cbf88025e19df5ea7f79a6f800c58fe9d31d

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 l
www.google.com/ads/measurement/ Frame 791B 0
0 14ms
13ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbVRY1dig07Lj803FJuaeGUvS5ECrjaMehNNVMGHRelS1s9PAOBDqJVztoPFiNsZwJlLA9
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 791B 0
0 18ms
18ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cys_HNrnAXoefBpmOrAST2bHYAbjFgOBcsv6I47YKsJAfEAEgiLGRH2CV4pCCoAegAe3pqIoDyAEBqQJJH9SBeieyPuACAKgDAcgDCqoE1QFP0DQzD1Ghi0YR6Ss3S5vmo5spJE94zBu_YI5s1JvLxR2QlwERUz4jQ4rluPk0x92rzCTw_4dIfxuRty2YUayNS0TSFA0gN1ffqCxNYCs_EMeIxck5POK22teR32X57_mugxOJF39Ew-aHz0jgAaiYXU94BA2AePk7uaAVwtnTeLGYNcO4T25zaCJOGnWYeuyT60IvkQt7TikeLB_oG-kmtYuCL3hJwFLHcTi6xxin7UQTQgxuMBtBTxqGO7diivixGY-cFSMLIMSQlQcBZN_oTjpu40DABNb22MakAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAf7ldd1qAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEJP4D9IICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tNDg1MjkxNTkwNTkzNjEyNIAKA8gLAdgTDQ&sigh=cIuLt995E4Q&tpd=AGWhJmvNhlSfTaX5Qq9tZUuFE3ZW6vmyngsYLcYZwhQi1xNN3A
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 CookieAccess Show response
apis.quantcast.mgr.consensu.org/ 18 B
259 B 34ms
19ms XHR
application/json 18.156.186.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.quantcast.mgr.consensu.org/CookieAccess
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.156.186.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-186-116.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:30 GMT
server: awselb/2.0
status: 200
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://iir.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 18

GET
H/1.1 200
OK Cookie set fzsgCxR4Aj82Cx0pNj0eITw1G38cNC9odj4UDT0FCwsmAQA9Ky4SfyZgLwgDJBQ0GA8SOjEPFwk4MjoIfzomCAwwAhotDAs9PRMqe2MzFzYPYzMyCz4FIBg+CD0TESgMJDEAKRwlNC4MeQINFAQLG0cKLz0gMhMlH2A0NRstADM9KwgbExwDDGYvEAsDYTQ1C2w5B...
areasonsimon.club/WU5KU3c4LCk+SDhzKHUCKyJ3dkUfa3gVE25+e2UCKC9+IEc1OWQwGzY7LjUFNiA+fRk8Om9hMTMbJ2sNCwYLKzYffiMHDgAJHGAbERQMIDM/CwxjNQwPOBseEx0pFyJrAwtjMB8MfjkgPhw9FTQ+IhIEPhwFCyA4PSITdkUbCiZjHQ0WGxg... Frame 6811 0
0 315ms
315ms Document
text/html 104.16.107.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://areasonsimon.club/WU5KU3c4LCk+SDhzKHUCKyJ3dkUfa3gVE25+e2UCKC9+IEc1OWQwGzY7LjUFNiA+fRk8Om9hMTMbJ2sNCwYLKzYffiMHDgAJHGAbERQMIDM/CwxjNQwPOBseEx0pFyJrAwtjMB8MfjkgPhw9FTQ+IhIEPhwFCyA4PSITdkUbCiZjHQ0WGxgvCioECkc1HQMRPS8ZMgYPHBlyEC8dehADEBcdEwY+DBkiYkcPGQg1MCAlGB4mAyoHEU8xDDIJRBQgLjc2IH4vGRApKBMGPTAPJhoZDxkINS8dKhwKMWACEwY9MBYtHhUIGRMkNTR/HAoxYB0EEjZ8fAgQHHQfIhYdMgkYYTEaCAw8Njp/fzsgCxR4Aj82Cx0pNj0eITw1G38cNC9odj4UDT0FCwsmAQA9Ky4SfyZgLwgDJBQ0GA8SOjEPFwk4MjoIfzomCAwwAhotDAs9PRMqe2MzFzYPYzMyCz4FIBg+CD0TESgMJDEAKRwlNC4MeQINFAQLG0cKLz0gMhMlH2A0NRstADM9KwgbExwDDGYvEAsDYTQ1C2w5BDYgOm40KAgoMUIJIDtmQG0qMBkZ
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.107.82 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: areasonsimon.club
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://iir.ai/X4lv
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: csu=3329793d-dc31-4c7b-8d10-3682791decd7; fv=rjk5pjg5pdgGqGEFqjY4qTY5qTs6vdw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

Date: Sun, 17 May 2020 04:10:30 GMT
Content-Type: text/html
Content-Length: 1257
Connection: keep-alive
Set-Cookie: __cfduid=dad2ed66543a86ea7dc01f95f5ba61e331589688630; expires=Tue, 16-Jun-20 04:10:30 GMT; path=/; domain=.areasonsimon.club; HttpOnly; SameSite=Lax; Secure
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 594a7d358d20d8b5-AMS
cf-request-id: 02c26c95740000d8b56e161200000001

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005012256000/ Frame 6F2D 204 KB
56 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/
Origin: https://iir.ai

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48917
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57019
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bf14143de8659308"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:13 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005012256000/ Frame 6F2D 204 KB
56 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48917
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57019
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bf14143de8659308"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:13 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 6F2D 16 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52121
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5877
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cf1fef681ae7494f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:49 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 6F2D 98 KB
29 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48920
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30100
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "023298bf906f9a2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:10 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 6F2D 4 KB
2 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52121
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1637
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eed6b15e1dd2165d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:49 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 6F2D 48 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52119
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15361
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d0b45204c403cb94"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6F2D 7 KB
775 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 May 2020 04:10:30 GMT
server: ESF
date: Sun, 17 May 2020 04:10:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 May 2020 04:10:30 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6F2D 2 KB
3 KB 8ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 61292
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 17 May 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6F2D 295 B
356 B 12ms
10ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 22:24:17 GMT
x-content-type-options: nosniff
server: cafe
age: 20773
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 17 May 2020 22:24:17 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/14490606474457959613/ Frame 6F2D 22 KB
22 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14490606474457959613/2076313506083323656

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d45dd84477be5b89fb8da95273325a01810fb7c41515c05789c7db2666312612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 02:20:04 GMT
x-content-type-options: nosniff
age: 6626
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22440
x-xss-protection: 0
last-modified: Thu, 07 May 2020 13:31:11 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 May 2021 02:20:04 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12554713804455015874/ Frame 6F2D 16 KB
16 KB 7ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12554713804455015874/downsize_200k_v1?w=300&h=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

179836e37a19db6a2f6fcb8d1669ca77da7fedd0670a9a1edf6c9b284bdbf847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 02:12:21 GMT
x-content-type-options: nosniff
age: 7089
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16078
x-xss-protection: 0
last-modified: Thu, 07 May 2020 13:30:56 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 May 2021 02:12:21 GMT

GET
DATA 200
OK truncated
/ Frame 6F2D 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6F2D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14a0cdcbea2411d61eeed78faee99571d52414f5cebb0bc6272e35382a36effe

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6F2D 0
0 23ms
13ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSid7M5rAyjL6VdFwrTEyyq54FLpXDHiky903aYXFKWU5w_JSUc8Nz9E5C8CSSdbEzGqqvo
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6F2D 0
0 28ms
18ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CySRpNrnAXqf8FJCT3gOZkozAA5jugaFdlrj7ga0L-uvS4LIBEAEgiLGRH2CV4pCCoAegAc_lqtoCyAEJqQJJH9SBeieyPuACAKgDAcgDCqoE2gFP0I1nD6f9NwWHTyw9ka_czb9VRWZL5eZ7XMUUOMNfsBMTerpNOGZsspxagdq14NzuELKtdkQ_V9K7nsZLrQoGWOxUZEHptpnzEp0_W2h14ImiuDdaHTbk5rRuVRYdj7Pby-ryjpqD-aePxHqZZ8zBkr_ByToj-XgwhSPHcN-2oYXXg2vJwMSr3To_3h8H0erSuQddS_Ch69TPy1YfgGWbmDqTpfdpMWKilmVPHxjLL3V6ay9eWhQxi5F_02W-p6qI1f5w69yT7EwBhzT-cLNaUzFqnx-L0030gcAEx-SOsvMC4AQBoAYugAeZmtWlAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAPIHBBDSkATSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTQ4NTI5MTU5MDU5MzYxMjSACgPICwHYEwOIFAI&sigh=-K0SGLoNmCI&template_id=484&tpd=AGWhJmtw0hnCU_VnUMrO0FjpKgUK2t-ZqTt-mAV4EiLaR6_UeA
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005012256000/ Frame 9B38 204 KB
56 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/
Origin: https://iir.ai

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48917
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57019
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bf14143de8659308"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:13 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005012256000/ Frame 9B38 204 KB
56 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48917
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57019
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bf14143de8659308"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:13 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 9B38 16 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52121
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5877
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cf1fef681ae7494f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:49 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 9B38 98 KB
29 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48920
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30100
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "023298bf906f9a2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:10 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 9B38 4 KB
2 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52121
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1637
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eed6b15e1dd2165d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:49 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 9B38 48 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52119
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15361
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d0b45204c403cb94"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9B38 4 KB
675 B 21ms
19ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 May 2020 04:10:30 GMT
server: ESF
date: Sun, 17 May 2020 04:10:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 May 2020 04:10:30 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9B38 295 B
356 B 6ms
5ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 22:24:17 GMT
x-content-type-options: nosniff
server: cafe
age: 20773
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 17 May 2020 22:24:17 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12626067462066618870/ Frame 9B38 9 KB
9 KB 7ms
7ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12626067462066618870/downsize_200k_v1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fda3056632194238e89c073c85b03aa3727b3a9755f15f6d6b5cfcedbb54c342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 12:18:13 GMT
x-content-type-options: nosniff
age: 2303537
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9006
x-xss-protection: 0
last-modified: Wed, 15 Apr 2020 09:48:10 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Apr 2021 12:18:13 GMT

GET
DATA 200
OK truncated
/ Frame 9B38 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3699e38d01ef59bc52ce944726178ac186225aa75d8eb68629c411c37729b9eb

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9B38 2 KB
3 KB 14ms
5ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 May 2020 02:30:18 GMT
x-content-type-options: nosniff
server: cafe
age: 6012
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Mon, 18 May 2020 02:30:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9B38 0
0 22ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS46vFh3sKXII4cUyzybLQDM5ZmCZofgvhwcI0tsbXDM2JInAEa2abETIA8QiaDEGrHfriO
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9B38 0
0 26ms
17ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CY_XBNrnAXvmfIdTX3gOhhbDAA5rE86FdxoaZ5aILv-EeEAEgiLGRH2CV4pCCoAegAaze4vYCyAEBqQLNAlbo2DV7PuACAKgDAaoE1wFP0P0BbZwpglJcVGI8-8cLlaSGg7XrNWAePg90pIXb39AYtQNdiZdXD3OuyNxfzi3gvT_V52QSz6uc2sSIxYU_CVVSSpdQp6_KNP6gvuV9GIz8E3aOCHFHAbbW1trqXlSvNzEpOnBSFXPFLFez1hFzE-fZgYL2l2SBAVHVUwM704bTiGzFH9SOVDsVP9F5gfPH6e1L-4VF--6T7DcGO2gL5Hijg9w9gHsMWZ5V4hL0ODGY9JUHeVS6PQhOaim4tMtqRX9_8fBMHqhO4GBOVUHta3A_VjaxTsAEw9v9_fYC4AQBgAeLteawAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBC20gnSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTQ4NTI5MTU5MDU5MzYxMjSACgPICwHYEwOIFAE&sigh=S9qyQq9qyLU&template_id=5001&tpd=AGWhJmuZETwQnelVNiGlCCfyEoHlNQVvwdGt5dSJhao8Nns9lw
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 791B 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin: https://iir.ai

Response headers

date: Sat, 16 May 2020 07:48:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 73323
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sun, 16 May 2021 07:48:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 791B 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Origin: https://iir.ai

Response headers

date: Tue, 14 Apr 2020 23:26:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2781811
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 14 Apr 2021 23:26:59 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0CD1 2 KB
3 KB 6ms
4ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 61292
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 17 May 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0CD1 295 B
357 B 11ms
10ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 22:24:17 GMT
x-content-type-options: nosniff
server: cafe
age: 20773
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 17 May 2020 22:24:17 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK popunder.gif
anglishreasts.site/ 35 B
704 B 20ms
19ms Image
image/gif 104.16.108.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://anglishreasts.site/popunder.gif
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.108.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Sun, 17 May 2020 04:10:30 GMT
CF-Cache-Status: HIT
Server: cloudflare
Age: 17518
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 594a7d376b37bf46-AMS
cf-request-id: 02c26c96a20000bf46cb9bc200000001

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6F2D 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://iir.ai

Response headers

date: Wed, 15 Apr 2020 00:22:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2778496
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 15 Apr 2021 00:22:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 6F2D 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://iir.ai

Response headers

date: Mon, 13 Apr 2020 13:00:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 2905824
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Tue, 13 Apr 2021 13:00:06 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame 9B38 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin: https://iir.ai

Response headers

date: Wed, 13 May 2020 00:51:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:26 GMT
server: sffe
age: 357517
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Thu, 13 May 2021 00:51:53 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame 9B38 14 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin: https://iir.ai

Response headers

date: Mon, 13 Apr 2020 11:22:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:18 GMT
server: sffe
age: 2911654
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Tue, 13 Apr 2021 11:22:56 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 791B 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 61293
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 17 May 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 791B 295 B
362 B 7ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 22:24:17 GMT
x-content-type-options: nosniff
server: cafe
age: 20774
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 17 May 2020 22:24:17 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005012256000/ Frame 08AD 204 KB
56 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/
Origin: https://iir.ai

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48918
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57019
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bf14143de8659308"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:13 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005012256000/ Frame 08AD 204 KB
56 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48918
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57019
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bf14143de8659308"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:13 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 08AD 16 KB
6 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52122
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5877
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cf1fef681ae7494f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:49 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 08AD 98 KB
29 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 48921
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30100
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 14:35:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "023298bf906f9a2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 14:35:10 GMT

GET
H2 200 amp-animation-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 08AD 120 KB
31 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-animation-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b386f64be2a20d29378b254c10cb28928526c898e715043375de66c9365e4eb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 1536
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31167
x-xss-protection: 0
server: sffe
date: Sun, 17 May 2020 03:44:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c2dc7be11b665118"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 17 May 2021 03:44:55 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 08AD 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52122
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1637
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eed6b15e1dd2165d"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:49 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005012256000/v0/ Frame 08AD 48 KB
15 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005012256000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52120
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15361
x-xss-protection: 0
server: sffe
date: Sat, 16 May 2020 13:41:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d0b45204c403cb94"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 13:41:51 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 08AD 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 61293
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 17 May 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 08AD 295 B
358 B 7ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 22:24:17 GMT
x-content-type-options: nosniff
server: cafe
age: 20774
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 17 May 2020 22:24:17 GMT

GET
DATA 200
OK truncated
/ Frame 08AD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79a2ff87a74b4bd7e1524e36f50c7eb9cdb529ba121bcf4a9199480408ea977b

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 l
www.google.com/ads/measurement/ Frame 08AD 0
0 28ms
13ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9UbCMz18sGAzhk_PF-OiMPiJO7i36_xQwWemP-W6restypLQE2n42mTo1iKGuBmuaFtAh
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 08AD 0
0 33ms
18ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPMRdNrnAXummK8Kz3gOgl43oDIaIhqNclJff1PYJv-EeEAEgiLGRH2CV4pCCoAegAfXTqLoDyAEJqQJJH9SBeieyPuACAKgDAcgDCKoE2gFP0FXij761RiwnL-wNu0kIq1nRredsZSs8zDyAUXQG9YNwLeIZmZNYbwGMAmONSg-lVs87n3Wl5W-5axUiU_S7eSRweFlayIBVru9jWhZSnhaF6Wc63ORw5I7f9j9_xWCYWmEBp8P7GMYXckxsM7vuw4e6u7Jz9CvPLKMV230Qo52Tuq2bkQuO8b8IuP-XuAUMu1x1eoeUWLs-jFE6al3_ZoS_6R1rMD9frIkuQVlLwqQaFQfMnBLFMDAsNz00xTIYHUwmd54yvmfLdcPY5m1K9YfV2jm1gPuMgMAEuPz99qUC4AQBkgUECAQYAZIFBAgFGASgBi6AB_Or10WoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwDyBwQQif8G0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi00ODUyOTE1OTA1OTM2MTI0gAoDyAsB2BMN&sigh=kz0mgVkE0jo&template_id=419&tpd=AGWhJmsQ4KJlMjVHhTMfq4YvYFRzrrVwQcACHMvdkoDWMwIVmQ
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 hg.jpg
tpc.googlesyndication.com/sadbundle/4987673976531875258/ Frame 08AD 53 KB
53 KB 25ms
9ms Image
image/jpeg 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4987673976531875258/hg.jpg

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2d74a262fd28b1102556d9163c3dbe617fceb57e75ee9254412c74910128b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 20:46:47 GMT
x-content-type-options: nosniff
age: 2877824
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54091
x-xss-protection: 0
last-modified: Wed, 07 Aug 2019 01:40:14 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Apr 2021 20:46:47 GMT

GET
H2 200 text.png
tpc.googlesyndication.com/sadbundle/4987673976531875258/ Frame 08AD 3 KB
3 KB 24ms
9ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4987673976531875258/text.png

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f8d2d4a3900f9ce5ff1692710a7a5b8ccc66b4923a75ddd5a152bf7b359496e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:43:09 GMT
x-content-type-options: nosniff
age: 2762842
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2582
x-xss-protection: 0
last-modified: Wed, 07 Aug 2019 01:40:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Apr 2021 04:43:09 GMT

GET
H2 200 einfache.png
tpc.googlesyndication.com/sadbundle/4987673976531875258/ Frame 08AD 560 B
682 B 23ms
8ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4987673976531875258/einfache.png

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c3d138e8b0499b98307622598614ffa4069cdb2bb345c27eefe5d28e56496c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 May 2020 07:57:41 GMT
x-content-type-options: nosniff
age: 72770
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 560
x-xss-protection: 0
last-modified: Wed, 07 Aug 2019 01:40:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 07:57:41 GMT

GET
H2 200 schnelle.png
tpc.googlesyndication.com/sadbundle/4987673976531875258/ Frame 08AD 586 B
685 B 26ms
11ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4987673976531875258/schnelle.png

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae215315beb044da100a1fc80fc8badbc67b3d0bc4ad38fc549c21537bb9a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 May 2020 08:02:05 GMT
x-content-type-options: nosniff
age: 72506
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 0
last-modified: Wed, 07 Aug 2019 01:40:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 08:02:05 GMT

GET
H2 200 innovative.png
tpc.googlesyndication.com/sadbundle/4987673976531875258/ Frame 08AD 639 B
739 B 23ms
8ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4987673976531875258/innovative.png

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b62215a2a4be26526b4e2ae3b5093bfa3b8d348f93d705c12f2cd3e000dc661c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Apr 2020 17:49:31 GMT
x-content-type-options: nosniff
age: 2024460
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 639
x-xss-protection: 0
last-modified: Wed, 07 Aug 2019 01:40:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Apr 2021 17:49:31 GMT

GET
H2 200 cta.png
tpc.googlesyndication.com/sadbundle/4987673976531875258/ Frame 08AD 2 KB
2 KB 26ms
12ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4987673976531875258/cta.png

Requested by

Host: iir.ai
URL: https://iir.ai/X4lv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7317d07a120585719417777d0c910ce8adaf5983fb70d6e8bf8877bd000f3632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 23:08:42 GMT
x-content-type-options: nosniff
age: 2782909
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2258
x-xss-protection: 0
last-modified: Wed, 07 Aug 2019 01:40:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Apr 2021 23:08:42 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6F2D 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 61293
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 17 May 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6F2D 295 B
359 B 8ms
7ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 22:24:17 GMT
x-content-type-options: nosniff
server: cafe
age: 20774
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 17 May 2020 22:24:17 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9B38 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 May 2020 02:30:18 GMT
x-content-type-options: nosniff
server: cafe
age: 6013
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2471
x-xss-protection: 0
expires: Mon, 18 May 2020 02:30:18 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9B38 295 B
359 B 7ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 22:24:17 GMT
x-content-type-options: nosniff
server: cafe
age: 20774
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 17 May 2020 22:24:17 GMT

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
487 B 47ms
14ms XHR
text/html 52.222.182.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1589688631192;Moneytizer;https%3A%2F%2Fiir.ai%2FX4lv;;;;;b,off,false,,1,es,33,202,true,false,false;displayConsentUi:mandatory,;GDPR-apjio8jn8atmq6cgpldg
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v33/cmpui-banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.182.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-182-16.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 01:31:57 GMT
via: 1.1 8546619508b421ce9fe06c7b912968a9.cloudfront.net (CloudFront)
vary: Origin
age: 9515
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
x-amz-cf-id: Wqp-viVhBEGOvWdzBKaAC7Dz__C-vly7QpJVIah-Cv7mS9g-4KI7mg==

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 08AD 2 KB
3 KB 7ms
5ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 61293
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 17 May 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 08AD 295 B
359 B 10ms
8ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 16 May 2020 22:24:17 GMT
x-content-type-options: nosniff
server: cafe
age: 20774
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 17 May 2020 22:24:17 GMT

GET
H2 200 hg.jpg
tpc.googlesyndication.com/sadbundle/4987673976531875258/ Frame 08AD 53 KB
53 KB 8ms
5ms Image
image/jpeg 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4987673976531875258/hg.jpg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2d74a262fd28b1102556d9163c3dbe617fceb57e75ee9254412c74910128b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 13 Apr 2020 20:46:47 GMT
x-content-type-options: nosniff
age: 2877824
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54091
x-xss-protection: 0
last-modified: Wed, 07 Aug 2019 01:40:14 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Apr 2021 20:46:47 GMT

GET
H2 200 text.png
tpc.googlesyndication.com/sadbundle/4987673976531875258/ Frame 08AD 3 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4987673976531875258/text.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f8d2d4a3900f9ce5ff1692710a7a5b8ccc66b4923a75ddd5a152bf7b359496e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 Apr 2020 04:43:09 GMT
x-content-type-options: nosniff
age: 2762842
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2582
x-xss-protection: 0
last-modified: Wed, 07 Aug 2019 01:40:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Apr 2021 04:43:09 GMT

GET
H2 200 einfache.png
tpc.googlesyndication.com/sadbundle/4987673976531875258/ Frame 08AD 560 B
627 B 11ms
9ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4987673976531875258/einfache.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25c3d138e8b0499b98307622598614ffa4069cdb2bb345c27eefe5d28e56496c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 May 2020 07:57:41 GMT
x-content-type-options: nosniff
age: 72770
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 560
x-xss-protection: 0
last-modified: Wed, 07 Aug 2019 01:40:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 07:57:41 GMT

GET
H2 200 schnelle.png
tpc.googlesyndication.com/sadbundle/4987673976531875258/ Frame 08AD 586 B
653 B 10ms
8ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4987673976531875258/schnelle.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae215315beb044da100a1fc80fc8badbc67b3d0bc4ad38fc549c21537bb9a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 16 May 2020 08:02:05 GMT
x-content-type-options: nosniff
age: 72506
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 0
last-modified: Wed, 07 Aug 2019 01:40:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 May 2021 08:02:05 GMT

GET
H2 200 innovative.png
tpc.googlesyndication.com/sadbundle/4987673976531875258/ Frame 08AD 639 B
706 B 9ms
8ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4987673976531875258/innovative.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b62215a2a4be26526b4e2ae3b5093bfa3b8d348f93d705c12f2cd3e000dc661c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Apr 2020 17:49:31 GMT
x-content-type-options: nosniff
age: 2024460
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 639
x-xss-protection: 0
last-modified: Wed, 07 Aug 2019 01:40:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Apr 2021 17:49:31 GMT

GET
H2 200 cta.png
tpc.googlesyndication.com/sadbundle/4987673976531875258/ Frame 08AD 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4987673976531875258/cta.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7317d07a120585719417777d0c910ce8adaf5983fb70d6e8bf8877bd000f3632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 23:08:42 GMT
x-content-type-options: nosniff
age: 2782909
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2258
x-xss-protection: 0
last-modified: Wed, 07 Aug 2019 01:40:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Apr 2021 23:08:42 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 37ms
17ms XHR
application/json 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020050602&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80e360d47522733f57cf520bb902139545e9da28062aecfec1450f01d71a02d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 17 May 2020 04:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5555
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Sun, 17 May 2020 04:10:31 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 5872 0
0 7ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/X4lv
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Sat, 16 May 2020 23:58:39 GMT
expires: Sun, 16 May 2021 23:58:39 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15112
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
57 B 14ms
14ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020050602&jk=2649940683256553&bg=!FhWlFQ1YQ6cMgF15-tECAAAAQVIAAAARmQFueL8wubR3T_X7rgsDLFZhr-TH9UYI861rj2ywzUr20ZwsYNUlGs0A75dqetWKYAhfTTfU9M-p7DsMyWeypeSoiYg-nbVNKi659uUhtOV1SaVMhE5QGxD5ccbmu6qU47_d1giS3GCGh_3pdTptYAw0YsitE3rO6gw1apeThYEJRT8x_MUSK7_ORnlQ4LJw0iIqVn-CIazQQQPjcU1fv9Kij1uZzh8X0-24BJaocM8fRWK0EZmmP9c1VVHjKtf2ni3j4YDWvSzjY87R5if34pvzb0ysHNEDJQGep9xriFBsd4Z33UkZgfXsoe96-pyWIlpx9MH0nlkIJTSk9eeAvJYQ6YizhRwOfLonkCsBnViMq-a3GmKhJxVIi3o4mtJKQn8lkW3icBcl2aIiNgvvo8xyAvgNsv84lfAj8ayiId2vQHrFMPPudwM2xrxMTr7woJwCtCMt3XifDpq3VkxaBCPS_c-VyrRWzwF6X40MrceA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET image_redirection
api.news-headlines.co/ 0
0

GET
H/1.1

200
OK

eyJpdSI6ImVkMzk0ODliNGU3ZWExYWYyYjc2NmE0MGZhMDFiYzRmN2EwNDQ3MjEyMWM3NjA3NDkwMWY4NzE0OGY2ODRkYWMiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 61A3
Redirect Chain

https://api.news-headlines.co/image_redirection?imageUrl=images.outbrainimg.com%2Ftransform%2Fv3%2FeyJpdSI6ImVkMzk0ODliNGU3ZWExYWYyYjc2NmE0MGZhMDFiYzRmN2EwNDQ3MjEyMWM3NjA3NDkwMWY4NzE0OGY2ODRkYWMiLC...
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVkMzk0ODliNGU3ZWExYWYyYjc2NmE0MGZhMDFiYzRmN2EwNDQ3MjEyMWM3NjA3NDkwMWY4NzE0OGY2ODRkYWMiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

34 KB
35 KB

31ms
12ms

Image
image/webp

2.21.38.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVkMzk0ODliNGU3ZWExYWYyYjc2NmE0MGZhMDFiYzRmN2EwNDQ3MjEyMWM3NjA3NDkwMWY4NzE0OGY2ODRkYWMiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.21.38.73 , France, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-21-38-73.deploy.static.akamaitechnologies.com

Software

Resource Hash

648efe7bdeb2af42162477aeb52a541ecd0870a736d2777e259e80c282a59b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Encoding: gzip
Last-Modified: Thu, 07 May 2020 11:26:00 GMT
Date: Sun, 17 May 2020 04:10:32 GMT
Vary: Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=2153398
Connection: keep-alive
X-TraceId: ca02c9edb64ace612b8896bb8566ef8e
Timing-Allow-Origin: *
Content-Length: 35054

Redirect headers

date: Sun, 17 May 2020 04:10:32 GMT
server: openresty
status: 307
location: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVkMzk0ODliNGU3ZWExYWYyYjc2NmE0MGZhMDFiYzRmN2EwNDQ3MjEyMWM3NjA3NDkwMWY4NzE0OGY2ODRkYWMiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
access-control-allow-methods: GET, OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 184

GET
DATA 200
OK truncated
/ Frame 61A3 795 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0CD1 42 B
107 B 15ms
15ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss02E33r17lyVPApHujh9QEaF76Fj4zNwPGt8lU0CmVfW0EHAIAdRJKxSNuEfhYi1TUZDgrcnDGJBpXNE-GO54nN-3wNJzutHjQUa6WoyAAifV_fRhyOJM1B0Nv8g&sai=AMfl-YT4klYnmhiX7-9jBOB0yCCefzYueKIhoZZtVAXl46-yywize2wn7GZyRoZksBh_sTTPoV6ZuMP2wxXqR2bn3bAfMWxXi6R0ZFvW60z6vIgxsv41pj1fKAXz7zI&sig=Cg0ArKJSzApqK0ifX3ftEAE&cid=CAASPeRotgovnnKOqORZgzCE3cxWXWyImavKudHuFn0jZHCTD6-NZMCHJtAwSBLfMavjO6-WpQcF4T_gWjm2-gQ&id=ampim&o=625,299&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=727&tls=1727&g=100&h=100&tt=1727&r=v&avms=ampa&adk=3880278309

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 791B 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv--z2EJ245bEFTsND_KOlTVZD_nQ3eB4tWLujzy7cKGhsqJ2ByVVq4ptJb_go-9gNpCtXobcSn_C7t-CzG-R9tiw-aJ8d3qe73UBzUfIM1qF2VPbLTAAsFfs5-Qw&sai=AMfl-YRBWa3pIAO7dUHKtToYlPKJq1Kz26tG6wInpXCfMfsyz8J8dGG422hAHAcuMlpYtaJ1UFa4hwycCKSYgWCejJqzmC-t8V8SKrtd3ovfMm0Gv1PtzcQwW1iHYhY&sig=Cg0ArKJSzCq2p-njT-GoEAE&cid=CAASPeRodW2dq99YC6_KKRvkQ9yPG2BUDJw9ykTsK3br4i7Qhi_fbxFO0lBaxjuPXGLbOxz5MpMfEGN28C5VDaI&id=ampim&o=625,677&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=244&tls=1244&g=100&h=100&tt=1244&r=v&avms=ampa&adk=2252918807

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9B38 0
0 18ms
18ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CY_XBNrnAXvmfIdTX3gOhhbDAA5rE86FdxoaZ5aILv-EeEAEgiLGRH2CV4pCCoAegAaze4vYCyAEBqQLNAlbo2DV7PuACAKgDAaoE1wFP0P0BbZwpglJcVGI8-8cLlaSGg7XrNWAePg90pIXb39AYtQNdiZdXD3OuyNxfzi3gvT_V52QSz6uc2sSIxYU_CVVSSpdQp6_KNP6gvuV9GIz8E3aOCHFHAbbW1trqXlSvNzEpOnBSFXPFLFez1hFzE-fZgYL2l2SBAVHVUwM704bTiGzFH9SOVDsVP9F5gfPH6e1L-4VF--6T7DcGO2gL5Hijg9w9gHsMWZ5V4hL0ODGY9JUHeVS6PQhOaim4tMtqRX9_8fBMHqhO4GBOVUHta3A_VjaxTsAEw9v9_fYC4AQBgAeLteawAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBC20gnSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTQ4NTI5MTU5MDU5MzYxMjSACgPICwHYEwOIFAE&sigh=S9qyQq9qyLU&vt=1&template_id=5001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9B38 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQoFOqLJHchn-rxAJDlvIZzu8KWLeWLAmTg6m0pexdXg_lqEbhpniS4k61Iv2sfm46xg0j19JjMUnun2oQM8OD4oTHiOlc-3J7e2kPNWAuKPOZAxZMR7r9Rcm7vCS_CuTgQ_CIroosrk1V5pfv2CBN&sai=AMfl-YQHB32B6EtgWAOHjlE46fUZdx8eWlRJ2IYShIDoQbkLBhIsSitiKr6-cS-4IU3WV_piILIxo_h5sgdWRRO_0O-sC-vh07TbW7EamszskqH9pIbxlB8UGB0MQpI&sig=Cg0ArKJSzHv0EKJa-QsBEAE&cid=CAASPeRo6ldO5bRUdnbiOZ43oe-HJhvXjSfvTWonp3rEsgi17sICpx8QuK8sB8hRBwQNKgPjXZAZXDVZlBrvrQk&id=ampim&o=382,1109&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=169&tls=1169&g=100&h=100&tt=1170&r=v&avms=ampa&adk=2688864132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6F2D 0
0 18ms
18ms Image
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COgR5NrnAXqf8FJCT3gOZkozAA5jugaFdlrj7ga0L-uvS4LIBEAEgiLGRH2CV4pCCoAegAc_lqtoCyAEJqQJJH9SBeieyPuACAKgDAaoE2gFP0I1nD6f9NwWHTyw9ka_czb9VRWZL5eZ7XMUUOMNfsBMTerpNOGZsspxagdq14NzuELKtdkQ_V9K7nsZLrQoGWOxUZEHptpnzEp0_W2h14ImiuDdaHTbk5rRuVRYdj7Pby-ryjpqD-aePxHqZZ8zBkr_ByToj-XgwhSPHcN-2oYXXg2vJwMSr3To_3h8H0erSuQddS_Ch69TPy1YfgGWbmDqTpfdpMWKilmVPHxjLL3V6ay9eWhQxi5F_02W-p6qI1f5w69yT7EwBhzT-cLNaUzFqnx-L0030gcAEx-SOsvMC4AQBoAYugAeZmtWlAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAPIHBBDSkATSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTQ4NTI5MTU5MDU5MzYxMjSACgPICwHYEwOIFAI&sigh=8WMHvQtyF-Y&vt=1&template_id=484
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6F2D 42 B
107 B 21ms
20ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuzd7UEEmo4JxkOFVW1w0xwWsZts37s3NABrGpkyoVz0RNZ6Xm2at-o3U-dNgGMBLRShALLKYwxox0LCDGha7u9M2x8L5pm8U1eGwxRqYM8jS71DxYvZWpEswENZMfvaouUvFsROE2j4qdl_a9V3hk&sai=AMfl-YRH1gIm47a0UOJmNCE-Pf97xXZGzRGrkWkMJW9_0idbsT19y4OTYbaT9TsHiYRYLJRWo9rYPTyHfLV7B20k38t8Cm9AKBEA7WOvIJjOvZtGdsphgEQYenm83DE&sig=Cg0ArKJSzGhRgN4GIAYrEAE&cid=CAASPeRoogKNl6EXWlDIMcGuzUc8vHAH7aaMlofYeBPuEUlcWPBmkRiIhggah6I1087-YbgpOuX-DRwb-SfBTIo&id=ampim&o=1275,50&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1004&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&tfs=181&tls=1185&g=100&h=100&tt=1185&r=v&avms=ampa&adk=1372485172

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 08AD 42 B
107 B 22ms
22ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYVD5BxnYjxQMDzCG-VaSsp5nsNQJJS6K8rYxO2O-W7C1ICfgwz9Gv48QTvhlJ44CBKf1FvnaihnnpDsfrENmAL-VGd_WngMPoZUxuw1SI-eYqHNlvhrAneG4Vb_uuxOQgOERvnZN0kBoBBm3BzmEcpw&sai=AMfl-YTZKDUTXyRth-scBpmuH2JN7zP_NX0fmQhg-c783KKfffWFg65Tt7_tiNU1iufymRGO7spo-Xn7dkk0LLVsyftjj9tl8RcwcF6G7ftfFy-gwxzZxp_IMRWhO14&sig=Cg0ArKJSzDrQsMHyoG4AEAE&cid=CAASPeRoBFflS806w0XuuNeFcXPJPEWNU0oXToTFESJdPOloxRNAIGAeUpnbJyz8ydlKokZuuufothIkc-FJ2Do&id=ampim&o=650,997&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=116&tls=1117&g=81.19999766349792&h=81.19999766349792&tt=1117&r=v&avms=ampa&adk=363645630

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

eyJpdSI6IjU3M2E5OGRjYWQxOTJiNTIzZTdhZDgyMzQyOWZmZDU4Yjc4YmJjNzhhNWNiZDZkMjRhOWNhMzA2N2M5MTRhMGYiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 61A3
Redirect Chain

https://api.news-headlines.co/image_redirection?imageUrl=images.outbrainimg.com%2Ftransform%2Fv3%2FeyJpdSI6IjU3M2E5OGRjYWQxOTJiNTIzZTdhZDgyMzQyOWZmZDU4Yjc4YmJjNzhhNWNiZDZkMjRhOWNhMzA2N2M5MTRhMGYiLC...
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU3M2E5OGRjYWQxOTJiNTIzZTdhZDgyMzQyOWZmZDU4Yjc4YmJjNzhhNWNiZDZkMjRhOWNhMzA2N2M5MTRhMGYiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

46 KB
47 KB

8ms
8ms

Image
image/webp

2.21.38.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU3M2E5OGRjYWQxOTJiNTIzZTdhZDgyMzQyOWZmZDU4Yjc4YmJjNzhhNWNiZDZkMjRhOWNhMzA2N2M5MTRhMGYiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.21.38.73 , France, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-21-38-73.deploy.static.akamaitechnologies.com

Software

Resource Hash

dee1a8e51cbffe5d5f05ed33833e3e76bf777490010f59def33c8526587ef016

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=0; includeSubDomains;
Content-Encoding: gzip
Last-Modified: Tue, 21 Apr 2020 20:01:27 GMT
Date: Sun, 17 May 2020 04:10:35 GMT
Vary: Accept-Encoding
Content-Type: image/webp
Cache-Control: max-age=289635
Connection: keep-alive
X-TraceId: d29148698c25ddcfa55906d1c16dde76
Timing-Allow-Origin: *
Content-Length: 47288

Redirect headers

date: Sun, 17 May 2020 04:10:34 GMT
server: openresty
status: 307
location: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU3M2E5OGRjYWQxOTJiNTIzZTdhZDgyMzQyOWZmZDU4Yjc4YmJjNzhhNWNiZDZkMjRhOWNhMzA2N2M5MTRhMGYiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
access-control-allow-methods: GET, OPTIONS
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 184

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
452 B 28ms
28ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
status: 200
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://iir.ai
cache-control: no-cache, no-transform
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: Content-Type, Origin, Referer, User-Agent, x-ak-clientip

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
210 B 106ms
73ms XHR
text/html 116.202.160.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.160.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.160.202.116.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 May 2020 04:10:40 GMT
content-encoding: gzip
server: nginx/1.10.3
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://iir.ai
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
210 B 615ms
583ms XHR
text/html 116.202.160.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.160.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.160.202.116.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 May 2020 04:10:40 GMT
content-encoding: gzip
server: nginx/1.10.3
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://iir.ai
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
210 B 53ms
21ms XHR
text/html 116.202.160.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.160.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.160.202.116.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 May 2020 04:10:39 GMT
content-encoding: gzip
server: nginx/1.10.3
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://iir.ai
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
210 B 127ms
95ms XHR
text/html 116.202.160.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.160.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.160.202.116.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 May 2020 04:10:40 GMT
content-encoding: gzip
server: nginx/1.10.3
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://iir.ai
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
210 B 104ms
72ms XHR
text/html 116.202.160.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.160.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.160.202.116.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 May 2020 04:10:40 GMT
content-encoding: gzip
server: nginx/1.10.3
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://iir.ai
access-control-max-age: 86400
access-control-allow-credentials: true

POST
H2 200 / Show response
shb.richaudience.com/hb/ 4 B
210 B 128ms
97ms XHR
text/html 116.202.160.35
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.160.35 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.35.160.202.116.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 May 2020 04:10:40 GMT
content-encoding: gzip
server: nginx/1.10.3
status: 200
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://iir.ai
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2

200

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223574b65084b250b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FX...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223574b65084b250b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir....

11 KB
5 KB

24ms
22ms

XHR
application/json

52.57.190.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223574b65084b250b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FX4lv%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216bd784068fc264%22%2C%22pid%22%3A%2222241472%22%2C%22tid%22%3A%22c59b3370-0a17-49cc-8105-80da2227f51f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22176e46a2d7e6128%22%2C%22pid%22%3A%2222240932%22%2C%22tid%22%3A%22e95de76d-c965-425f-96e4-5e1bddf2efbd%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%221828b54bf717819%22%2C%22pid%22%3A%2222241473%22%2C%22tid%22%3A%22ae5ed581-3c3d-48c1-becd-d42706574636%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%221971e0be6e26e87%22%2C%22pid%22%3A%2222244891%22%2C%22tid%22%3A%2288fef07c-0ee6-445f-8db8-ed67e41a71bd%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%2220a43c31fad3d1a%22%2C%22pid%22%3A%2222263943%22%2C%22tid%22%3A%2215120401-1cf9-44de-9704-53d9c74b02bc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.190.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-190-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7a501e1c925f0c949a9b7f7a4b1401d08b73bf9db3105f1345627fc70cfa2d6d

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:40 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://iir.ai
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 4559

Redirect headers

date: Sun, 17 May 2020 04:10:39 GMT
status: 302
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223574b65084b250b%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FX4lv%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216bd784068fc264%22%2C%22pid%22%3A%2222241472%22%2C%22tid%22%3A%22c59b3370-0a17-49cc-8105-80da2227f51f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%22176e46a2d7e6128%22%2C%22pid%22%3A%2222240932%22%2C%22tid%22%3A%22e95de76d-c965-425f-96e4-5e1bddf2efbd%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%221828b54bf717819%22%2C%22pid%22%3A%2222241473%22%2C%22tid%22%3A%22ae5ed581-3c3d-48c1-becd-d42706574636%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%221971e0be6e26e87%22%2C%22pid%22%3A%2222244891%22%2C%22tid%22%3A%2288fef07c-0ee6-445f-8db8-ed67e41a71bd%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%2220a43c31fad3d1a%22%2C%22pid%22%3A%2222263943%22%2C%22tid%22%3A%2215120401-1cf9-44de-9704-53d9c74b02bc%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://iir.ai
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

GET
H2

200

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2236c61e8d2a17cbd%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FX...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2236c61e8d2a17cbd%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir....

3 KB
2 KB

17ms
15ms

XHR
application/json

52.57.190.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2236c61e8d2a17cbd%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FX4lv%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22216692ab669c9c6%22%2C%22pid%22%3A%2222263945%22%2C%22tid%22%3A%2277316d21-bc82-49b0-afcf-6a800d736ae9%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.190.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-190-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 530945101dbf2a14690b0d59cc6072b19ae00cbb5e28600ac8915340b112d2a6

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 17 May 2020 04:10:39 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://iir.ai
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 1816

Redirect headers

date: Sun, 17 May 2020 04:10:39 GMT
status: 302
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2236c61e8d2a17cbd%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FX4lv%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22216692ab669c9c6%22%2C%22pid%22%3A%2222263945%22%2C%22tid%22%3A%2277316d21-bc82-49b0-afcf-6a800d736ae9%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://iir.ai
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
701 B 16ms
15ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 17 May 2020 04:10:41 GMT
X-Proxy-Origin: 185.220.70.68; 185.220.70.68; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.87:80
AN-X-Request-Uuid: 806f9dbb-deb4-4cd4-8502-f928542e1a30
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://iir.ai
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 633 B
669 B 24ms
8ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=20&formatid=26706&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 50728b2e44305cb1a39f419ca118a6250efdb9c717216a728d8db2c401b51ef9

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 May 2020 04:10:39 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 438
expires: Mon, 18 May 2020 04:10:39 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 627 B
660 B 23ms
7ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=19&formatid=26711&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 2253e27d8c8871590c60f89b3510bbc00bdc43672655526710d8c8fa416c7c33

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 May 2020 04:10:39 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 429
expires: Mon, 18 May 2020 04:10:39 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 628 B
657 B 24ms
8ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=31&formatid=39287&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 23fdd66c8768fd6605d350986c5ef0f5f6c34cb628c4397712ad286a11de7880

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 May 2020 04:10:39 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 18 May 2020 04:10:39 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 631 B
666 B 24ms
8ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=28&formatid=30012&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 2b4ef64427e8ba3eb0069e595ff5e5b4b7d1934ef659b30dd66638893d0f85f7

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 May 2020 04:10:39 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 435
expires: Mon, 18 May 2020 04:10:39 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 628 B
662 B 23ms
9ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=3&formatid=26323&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: cdce76552ad1f66edd20e25ce326185f635772d6f88d1a84ff4bc036bd1cd525

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 17 May 2020 04:10:39 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 431
expires: Mon, 18 May 2020 04:10:39 GMT

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 22 B
461 B 61ms
29ms Script
application/javascript 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=345731&pgid=1206499&fmtid=26711&async=1&visit=m&tmstp=3573835929&tag=sas_26711&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fiir.ai%2FX4lv&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,58791,1,iir.ai,iir.ai
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: bc5c2e3cd528daf1f1651b4853877fb3eaa7e244620d89b4c9c9a0fa4ce53046

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:40 GMT
content-encoding: gzip
x-smrt-d: 3%3b2%3b133
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache, no-store
content-type: application/javascript; charset=utf-8
content-length: 140
expires: -1

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
200 B 159ms
41ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=58791&f=19&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 17 May 2020 04:10:40 GMT
Server: nginx
X-IPLB-Instance: 24855
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

POST
H2 204 impression Show response
intake.prod.pubstack.io/v1/intake/ 0
57 B 91ms
30ms XHR
text/plain 108.128.27.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.prod.pubstack.io/v1/intake/impression?sId=dd8810a6&c=1
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.27.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-27-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
access-control-allow-origin: *
date: Sun, 17 May 2020 04:10:40 GMT

GET
H2 200 tbframe.js Show response
cdn.taboola.com/shared/ Frame B23F 14 KB
4 KB 24ms
7ms Script
application/x-javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/shared/tbframe.js
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding: gzip
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
age: 28163
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 3897
x-amz-id-2: 74zbE6T48GkUHa9db8GRKwBsGK+Uxqz6v4uA0TCeyETdpvdGYuxBbmPdVExkfZpqS4AOweC7/dY=
x-served-by: cache-fra19151-FRA
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
server: AmazonS3
x-timer: S1589688641.813319,VS0,VE0
date: Sun, 17 May 2020 04:10:40 GMT
vary: Accept-Encoding
x-amz-request-id: 594074B13CFB3805
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/x-javascript
abp: 45
x-cache-hits: 7966

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/themonetizer-network/ Frame 6216 718 KB
176 KB 7ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.284.1.1-10.79.1 /
Resource Hash: 669c88d5106d93116fedd437e41ea6af9e33e364bff945a735c5e6c6906dba64

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: jENlv60G2WGwVUcLJucfOjkM8oWtKUhf
content-encoding: gzip
etag: "397dacfd306df43267afeb190801f967cca9655f"
age: 754
x-cache: HIT
status: 200
content-length: 180116
x-amz-id-2: jfLZE2dCPqFgEzQiYiLI13+0AuqOKtrC2qqu+JPVswCj6Ifo1Lk+71ejOKEawNvRjbJgiJ2/ZbM=
x-served-by: cache-fra19151-FRA
x-from-cache: 1
access-control-allow-origin: *
last-modified: Thu, 14 May 2020 15:12:36 UTC
server: obaker.284.1.1-10.79.1
x-timer: S1589688641.847696,VS0,VE0
date: Sun, 17 May 2020 04:10:40 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: C336B2F0E790E01F
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 20
x-cache-hits: 2

GET
H2 200 impl.20200513-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 6216 444 KB
126 KB 7ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200513-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a6c080de9e647fe2f184aca91d1f682ede2d4ae4bc734b8b99980a7ee76e17e

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: 9ulGMI2BnILfCbobp0v3s4d3Ce_GgDVY
content-encoding: gzip
etag: "db22e321cb15512e1d91582b39362862"
age: 20
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 128489
x-amz-id-2: ODasKN2DguKUsJwPOlk4Qmg2TNI7Z12rV6YY0eZrwQR0w2Oi7r/lifKWp8aVIZGaMlrrMd0KSbA=
x-served-by: cache-fra19151-FRA
last-modified: Wed, 13 May 2020 08:03:46 GMT
server: AmazonS3
x-timer: S1589688641.894443,VS0,VE0
date: Sun, 17 May 2020 04:10:40 GMT
vary: Accept-Encoding
x-amz-request-id: 277CF57DE7D858B9
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 45
x-cache-hits: 31

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 6216 1 KB
1 KB 28ms
9ms Script
application/x-javascript 104.111.214.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 17 May 2020 04:10:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Mon, 18 May 2020 04:10:40 GMT

GET
H2 200 json Show response
trc.taboola.com/themonetizer-iirai/trc/3/ Frame 6216 31 B
393 B 31ms
15ms Script
text/plain 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/themonetizer-iirai/trc/3/json?tim=06%3A10%3A40.943&lti=deflated&data=%7B%22id%22%3A400%2C%22ii%22%3A%22%2Fx4lv%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1589688640940%2C%22cv%22%3A%2220200513-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fiir.ai%2FX4lv%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A300%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22345731-PAVE%20BAS%22%2C%22orig_uip%22%3A%22345731-PAVE%20BAS%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200513-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 17 May 2020 04:10:40 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
x-served-by: cache-hhn4029-HHN
server: nginx
x-timer: S1589688641.965238,VS0,VE9
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
via: 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 6216
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1589688640950&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2FX4lv&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1589688640950&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2FX4lv&c9=

0
248 B

15ms
15ms

Image
text/plain

104.111.214.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1589688640950&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2FX4lv&c9=
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 May 2020 04:10:40 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1589688640950&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2FX4lv&c9=
Pragma: no-cache
Date: Sun, 17 May 2020 04:10:40 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 debug
trc.taboola.com/themonetizer-iirai/log/2/ Frame 6216 0
55 B 7ms
6ms Image
text/plain 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/themonetizer-iirai/log/2/debug?tim=06%3A10%3A40.979&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&id=1247&cv=20200513-6-RELEASE&lt=deflated
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 17 May 2020 04:10:40 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1589688641.985391,VS0,VE0
x-served-by: cache-hhn4029-HHN
x-cache: HIT
content-type
status: 204
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-sy: true
retry-after: 0
x-cache-hits: 0

GET
H2 204 debug
trc.taboola.com/themonetizer-iirai/log/2/ Frame 6216 0
89 B 7ms
6ms Image
text/plain 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/themonetizer-iirai/log/2/debug?tim=06%3A10%3A40.981&type=error&msg=loadRBox%20failed%2C%20aborting.&id=1391&cv=20200513-6-RELEASE&lt=deflated
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 17 May 2020 04:10:40 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1589688641.985379,VS0,VE0
x-served-by: cache-hhn4029-HHN
x-cache: HIT
content-type
status: 204
cache-control: no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-sy: true
retry-after: 0
x-cache-hits: 0

POST
H2 204 auction Show response
intake.prod.pubstack.io/v1/intake/ 0
57 B 30ms
30ms XHR
text/plain 108.128.27.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.prod.pubstack.io/v1/intake/auction?sId=dd8810a6&c=1
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.27.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-27-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
access-control-allow-origin: *
date: Sun, 17 May 2020 04:10:41 GMT

GET
H/1.1 200 12.json Show response
id5-sync.com/g/v1/ 131 B
435 B 115ms
38ms XHR
text/json 54.36.123.231
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v1/12.json?1puid=&gdpr=0&gdpr_consent=

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.123.231 , France, ASN16276 (OVH, FR),

Reverse DNS

s03.id5-sync.com

Software

Resource Hash

65e18012ffcab0aa1357dbd8a8ea81556ca31cda4978ea7e5071dbe32f4d3874

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://iir.ai
Date: Sun, 17 May 2020 04:10:43 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/json;charset=utf-8

GET
H/1.1 200
OK /
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 874B 0
0 41ms
13ms Document
text/html 159.69.60.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=7447682694
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.69.60.133 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.133.60.69.159.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: sync.richaudience.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://iir.ai/X4lv
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

Server: nginx/1.14.2
Date: Sun, 17 May 2020 04:10:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip

GET
H2 200 /
onetag-sys.com/usync/ Frame 86A3 0
0 27ms
26ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1589688639978

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1589688639978
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://iir.ai/X4lv
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

status: 200
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame D02B 0
0 25ms
7ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://iir.ai/X4lv
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://iir.ai/X4lv

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 17 May 2020 04:10:43 GMT
Age: 24604128
X-Served-By: cache-jfk8138-JFK, cache-fra19127-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 391291, 1378431
X-Timer: S1589688644.605911,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

match
match.360yield.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NFlpgWw5SbqVRK2Wi4n0pw&google_cm&publisher_dsp_id=340
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=NFlpgWw5SbqVRK2Wi4n0pw&google_cm=&publisher_dsp_id=340&google_tc=
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEDbl-WTRVR3_mVkTB4pDh5g&google_cver=1

43 B
435 B

11ms
10ms

Image
image/gif

52.57.190.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEDbl-WTRVR3_mVkTB4pDh5g&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.190.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-190-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 17 May 2020 04:10:43 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:43 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEDbl-WTRVR3_mVkTB4pDh5g&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
ad.360yield.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=34596981-6c39-49ba-9544-ad968b89f4a7&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=improve-digital&ttd_tpi=1&publisher_user_id=34596981-6c39-49ba-9544-ad968b89f4a7&publisher_dsp_id=167&publisher_call_type=redirect&gdpr=1&gdpr_con...
https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=adda9fec-18d2-4942-8a78-04b540612150

43 B
569 B

10ms
10ms

Image
image/gif

3.124.245.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=adda9fec-18d2-4942-8a78-04b540612150
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.245.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-245-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 17 May 2020 04:10:43 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:43 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ad.360yield.com/match?publisher_dsp_id=167&external_user_id=adda9fec-18d2-4942-8a78-04b540612150
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H2

200

match
ad.360yield.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA
https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&google_tc=
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&external_user_id=CAESEB292DtqJwt58C5mYl4cl8I&google_cver=1

43 B
433 B

26ms
10ms

Image
image/gif

3.124.245.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&external_user_id=CAESEB292DtqJwt58C5mYl4cl8I&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.245.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-245-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 17 May 2020 04:10:43 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:43 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA&external_user_id=CAESEB292DtqJwt58C5mYl4cl8I&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
euc-ice.360yield.com/
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=34596981-6c39-49ba-9544-ad968b89f4a7&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAA...
https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=34596981-6c39-49ba-9544-ad968b89f4a7&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOzhpkv...
https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1590898243&external_user_id=6679322291230803371

43 B
486 B

11ms
11ms

Image
image/gif

18.185.245.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1590898243&external_user_id=6679322291230803371
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.245.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-245-187.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 17 May 2020 04:10:43 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Sun, 17 May 2020 04:10:43 GMT
server: nginx
status: 302
location: https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1590898243&external_user_id=6679322291230803371
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
expires: -1

GET
H2

200

match
euc-ice.360yield.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feuc-ice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA
https://euc-ice.360yield.com/match?external_user_id=8081740177344610286&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA

43 B
423 B

46ms
11ms

Image
image/gif

18.185.245.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euc-ice.360yield.com/match?external_user_id=8081740177344610286&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.245.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-245-187.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sun, 17 May 2020 04:10:43 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Pragma: no-cache
Date: Sun, 17 May 2020 04:10:45 GMT
X-Proxy-Origin: 185.220.70.68; 185.220.70.68; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.70:80
AN-X-Request-Uuid: 7cd949ed-62eb-46ce-b352-8c0f2750380c
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://euc-ice.360yield.com/match?external_user_id=8081740177344610286&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOzhpkvCLAAAENDK-AAAAvjAAA
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 auction Show response
intake.prod.pubstack.io/v1/intake/ 0
57 B 30ms
30ms XHR
text/plain 108.128.27.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.prod.pubstack.io/v1/intake/auction?sId=dd8810a6&c=1
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.27.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-27-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
access-control-allow-origin: *
date: Sun, 17 May 2020 04:10:45 GMT

POST
H2 204 auction Show response
intake.prod.pubstack.io/v1/intake/ 0
57 B 31ms
30ms XHR
text/plain 108.128.27.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intake.prod.pubstack.io/v1/intake/auction?sId=dd8810a6&c=4
Requested by: Host: iir.ai
URL: https://iir.ai/X4lv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.27.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-27-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://iir.ai/X4lv
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
access-control-allow-origin: *
date: Sun, 17 May 2020 04:10:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/c/12/108/2/8.gif?puid=595be331-97f4-11ea-a011-426c53b1b576&gdpr=1&gdpr_consent=

Domain: api.news-headlines.co
URL: https://api.news-headlines.co/image_redirection?imageUrl=images.outbrainimg.com%2Ftransform%2Fv3%2FeyJpdSI6ImVkMzk0ODliNGU3ZWExYWYyYjc2NmE0MGZhMDFiYzRmN2EwNDQ3MjEyMWM3NjA3NDkwMWY4NzE0OGY2ODRkYWMiLCJ3Ijo3MjAsImgiOjM2MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp&c=DE&user_id=3329793d-dc31-4c7b-8d10-3682791decd7&publisher_key=ADMVN0301PH&sub_id=default&provider_id=30&uipa=mtG1lJiYmc43mc42oa==&req_id=bd98a222ae8286b7ad3b269a21d6a7bbdc766_ADMVN0301PH&click_id=us_9f834fcb-8867-47ef-8752-d18421b6d9b8030mtG1lJiYmc43mc42oa==&bid_amount=0.030418&sub_id_original=832300&language=en&imp=http%3A%2F%2Flog.outbrainimg.com%2FloggerServices%2FwidgetGlobalEvent%3FrId%3D56a1e95de76fceaedccf2ed00669c560%26pvId%3D56a1e95de76fceaedccf2ed00669c560%26sid%3D7252960%26pid%3D39036%26idx%3D0%26wId%3D294%26pad%3D1%26org%3D0%26tm%3D0%26eT%3D0%26p_key%3DADMVN0301PH%26provider%3D30

Verdicts & Comments Add Verdict or Comment

246 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 09:34:52	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 18:56:24	Name: IDE Value: AHWqTUkyFbLzdHlxsj6GOmJa7S22bGURC5reZThMjwWTatPQxkhPOz4yE4RuI-s5
.zeotap.com/	1970-01-19 09:36:15	Name: zsc Value: %01%9E%AE%E7%E6%A7%CFU%F2%09xF%BC%8CM%02%B0%B0%F8os%E6%7F%DB%88%B3%C8a%13%BB%99%0C%3E%0E.%FC%C1%28%C0%07%8A%B1Q%B8%81%3B%D8_%15u%09%BBu%26q%B0%25%25%5Em%C4%A8Y%F6%CD%EE%10%C0%ED%E7%02%16%92%BC%D3%F28%92%F5%9B%BC%C3%ECdi%D9%09%88%BC%A2S%B8n%B9%A4%A8e
iir.ai/	1969-12-31 23:59:59	Name: ab Value: 2
.zeotap.com/	1970-01-23 01:10:48	Name: zc1 Value: 7a2385f7-8ecd-41c7-483a-ab8da7d3e8d3
.zeotap.com/	1970-01-23 01:10:48	Name: zc Value: 7a2385f7-8ecd-41c7-483a-ab8da7d3e8d3
iir.ai/	1969-12-31 23:59:59	Name: _cmpQcif3pcsupported Value: 1
.iir.ai/	1970-01-20 03:06:00	Name: __gads Value: ID=041b6a6b7a415b90:T=1589688627:S=ALNI_MaVN_Ia8msQ0fIwZ363PxaCKSbEkw
.iir.ai/	1970-01-19 09:34:48	Name: _gat_gtag_UA_113561579_2 Value: 1
.iir.ai/	1970-01-19 09:36:15	Name: _gid Value: GA1.2.850002515.1589688627
.iir.ai/	1970-01-20 03:06:00	Name: _ga Value: GA1.2.1499951929.1589688627
iir.ai/	1969-12-31 23:59:59	Name: AppSession Value: 4ef9912073abe2ad538086e9bba792ad
iir.ai/	1969-12-31 23:59:59	Name: csrfToken Value: c5645f5d7b506b687df51513a24776956122d120ce0bc509a13d95fef51a59d8bd486383ce67dd2ff19513938a11c494cb932c5f1eaf08b534ada6c5a8380e16
.iir.ai/	1970-01-19 10:18:00	Name: __cfduid Value: da6769bd718bc79f24241b96ebb9e90941589688626

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://static.quantcast.mgr.consensu.org/v33/cmpui-banner.js(Line 1) Message: Unable to get NonIab Vendor list.
console-api	info	URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 418) Message: Powered by AMP ⚡ HTML – Version 2005012256000 https://iir.ai/X4lv
console-api	info	URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 418) Message: Powered by AMP ⚡ HTML – Version 2005012256000 https://iir.ai/X4lv
console-api	info	URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 418) Message: Powered by AMP ⚡ HTML – Version 2005012256000 https://iir.ai/X4lv
console-api	info	URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 418) Message: Powered by AMP ⚡ HTML – Version 2005012256000 https://iir.ai/X4lv
console-api	info	URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 418) Message: Powered by AMP ⚡ HTML – Version 2005012256000 https://iir.ai/X4lv
console-api	warning	URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 22) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=CY_XBNrnAXvmfIdTX3gOhhbDAA5rE86FdxoaZ5aILv-EeEAEgiLGRH2CV4pCCoAegAaze4vYCyAEBqQLNAlbo2DV7PuACAKgDAaoE1wFP0P0BbZwpglJcVGI8-8cLlaSGg7XrNWAePg90pIXb39AYtQNdiZdXD3OuyNxfzi3gvT_V52QSz6uc2sSIxYU_CVVSSpdQp6_KNP6gvuV9GIz8E3aOCHFHAbbW1trqXlSvNzEpOnBSFXPFLFez1hFzE-fZgYL2l2SBAVHVUwM704bTiGzFH9SOVDsVP9F5gfPH6e1L-4VF--6T7DcGO2gL5Hijg9w9gHsMWZ5V4hL0ODGY9JUHeVS6PQhOaim4tMtqRX9_8fBMHqhO4GBOVUHta3A_VjaxTsAEw9v9_fYC4AQBgAeLteawAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBC20gnSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTQ4NTI5MTU5MDU5MzYxMjSACgPICwHYEwOIFAE&sigh=S9qyQq9qyLU&vt=1&template_id=5001
console-api	warning	URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js(Line 22) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=COgR5NrnAXqf8FJCT3gOZkozAA5jugaFdlrj7ga0L-uvS4LIBEAEgiLGRH2CV4pCCoAegAc_lqtoCyAEJqQJJH9SBeieyPuACAKgDAaoE2gFP0I1nD6f9NwWHTyw9ka_czb9VRWZL5eZ7XMUUOMNfsBMTerpNOGZsspxagdq14NzuELKtdkQ_V9K7nsZLrQoGWOxUZEHptpnzEp0_W2h14ImiuDdaHTbk5rRuVRYdj7Pby-ryjpqD-aePxHqZZ8zBkr_ByToj-XgwhSPHcN-2oYXXg2vJwMSr3To_3h8H0erSuQddS_Ch69TPy1YfgGWbmDqTpfdpMWKilmVPHxjLL3V6ay9eWhQxi5F_02W-p6qI1f5w69yT7EwBhzT-cLNaUzFqnx-L0030gcAEx-SOsvMC4AQBoAYugAeZmtWlAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAPIHBBDSkATSCAkIgOGAcBABGB3yCBthZHgtc3Vic3luLTQ4NTI5MTU5MDU5MzYxMjSACgPICwHYEwOIFAI&sigh=8WMHvQtyF-Y&vt=1&template_id=484
console-api	log	URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19(Line 727) Message: undefined
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20200513-6-RELEASE.js(Line 3) Message: Server did not respond to loadRBox
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20200513-6-RELEASE.js(Line 3) Message: loadRBox failed, aborting.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.360yield.com
ads.themoneytizer.com
adservice.google.com
adservice.google.de
adtrack.adleadevent.com
ajax.googleapis.com
anglishreasts.site
aphycolourses.info
api.news-headlines.co
apis.quantcast.mgr.consensu.org
areasonsimon.club
as-sec.casalemedia.com
audit.quantcast.mgr.consensu.org
boudja.com
c.tmyzer.com
c4fa46013644a3ebf78ab96d27fa26d4.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.prod.pubstack.io
cdn.taboola.com
ced-ns.sascdn.com
clk.sh
cm.g.doubleclick.net
d1ks8roequxbwa.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
d3al52d8cojds7.cloudfront.net
d7016uqa4s0lw.cloudfront.net
dc5k8fg5ioc8s.cloudfront.net
euc-ice.360yield.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
iir.ai
images.outbrainimg.com
intake.prod.pubstack.io
js-sec.indexww.com
match.360yield.com
match.adsrvr.org
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
rules.quantcount.com
s3.amazonaws.com
sb.scorecardresearch.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
shb.richaudience.com
spl.zeotap.com
static.quantcast.mgr.consensu.org
sync.richaudience.com
tag.contextweb.com
tag.leadplace.fr
tmzr.pubstack.io
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
vendorlist.consensu.org
ww1097.smartadserver.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
api.news-headlines.co
id5-sync.com
104.111.214.103
104.16.107.82
104.16.108.139
104.16.108.143
108.128.27.24
116.202.160.35
145.239.192.166
145.239.193.145
151.101.113.44
151.101.13.108
151.101.13.44
151.139.241.23
159.69.60.133
172.217.18.98
18.156.186.116
18.185.245.187
185.33.221.14
185.86.137.113
198.148.27.131
2.18.234.21
2.21.38.73
216.58.206.2
2600:9000:2016:2e00:15:b448:1e80:21
2600:9000:2016:3400:9:46dc:4700:93a1
2600:9000:2070:2800:6:44e3:f8c0:93a1
2600:9000:2070:7000:b:187f:8500:21
2600:9000:2070:c00:9:46dc:4700:93a1
2600:9000:2093:2c00:1a:a6:7f00:21
2600:9000:2093:ce00:1:af78:4c0:93a1
2606:4700:10::6816:1957
2606:4700:20::681a:ff6
2606:4700:3033::681c:1f0a
2606:4700:e6::ac40:c107
2a00:1450:4001:801::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200a
2a00:1450:4001:816::2001
2a00:1450:4001:816::200a
2a00:1450:4001:81a::2001
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2003
2a00:1450:4001:821::2002
2a02:2638::1c
3.124.245.94
3.218.106.131
34.95.76.218
37.157.4.39
51.89.9.253
52.216.134.237
52.222.182.109
52.222.182.122
52.222.182.16
52.31.182.127
52.49.73.64
52.57.190.156
52.84.50.14
54.230.55.98
54.246.118.35
54.36.123.231
54.38.64.100
68.232.35.16
91.228.74.133
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
01b0ea0798221a956d710ce61b9c4195d7cff368c372f51c52ee3faadd1d6081
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0698cc3dda9964a86ee88a18cc88e2b9ffa64dd4e36785d8a748ba827e5b0984
07dad39d552a962087de78cfc171db1a66b30b16ad7322712294e73ab1d009c6
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba
14a0cdcbea2411d61eeed78faee99571d52414f5cebb0bc6272e35382a36effe
179836e37a19db6a2f6fcb8d1669ca77da7fedd0670a9a1edf6c9b284bdbf847
17c809f33251051ffa22b0e53d65920647d693d53c465c591db3250502f2b1b0
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151
2253e27d8c8871590c60f89b3510bbc00bdc43672655526710d8c8fa416c7c33
23fdd66c8768fd6605d350986c5ef0f5f6c34cb628c4397712ad286a11de7880
25c3d138e8b0499b98307622598614ffa4069cdb2bb345c27eefe5d28e56496c
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
27caf6c5bbdda20effaf7aa49d678656bbf9edfafcdb435898a7a723937942c3
283bdb4de61fb1f655270024a9f22f97a9bad05bc590a3f120d8ce67c6cde30b
2aa8fcceee410223c34cec4f9d1ccbb677ca16bfa138098e6e501289f8d86675
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4ef64427e8ba3eb0069e595ff5e5b4b7d1934ef659b30dd66638893d0f85f7
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2e262d211d25e9671c5d3e7b450e138ddbcacfed50d4f277f39b52fffeae96eb
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3699e38d01ef59bc52ce944726178ac186225aa75d8eb68629c411c37729b9eb
376bd91cc0e6421b9314fcde31139b23a7d3994853bae82a3ffc4c0c2c272ab0
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863
42eefefaab1100bf292d201ea64f011bde4ce727687d4b7216cf321a7bdbf617
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4943a1deb973aa7dc30efda4bf30f9683c11397e03d16ee6385cd99db5ad1e87
4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0
50728b2e44305cb1a39f419ca118a6250efdb9c717216a728d8db2c401b51ef9
5198df46935ff6e7b1fd4ce8b313c15676a0fcd0b1dd740e1127baaac9f51430
530945101dbf2a14690b0d59cc6072b19ae00cbb5e28600ac8915340b112d2a6
5330600f68293b69db933eba611413ffaa46ad7c992116b06933c620d7a3c43c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5dfc9288f5281f2c559f14d366adf563f1a17b987554876469b161fe48abeed1
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
637c8149532e04cb953a9c5ed5153207e37381bae0ec2ebff89e1804e7e84ec1
648efe7bdeb2af42162477aeb52a541ecd0870a736d2777e259e80c282a59b02
65e18012ffcab0aa1357dbd8a8ea81556ca31cda4978ea7e5071dbe32f4d3874
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
669c88d5106d93116fedd437e41ea6af9e33e364bff945a735c5e6c6906dba64
6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22
6b05744bd366334526e95100c02d84e39efef19fb4045931a7c62ed26f960cf9
6bba33743ffacde5c607cbdd2de13c04e2cb02727068edc8859b395b68e3f383
7317d07a120585719417777d0c910ce8adaf5983fb70d6e8bf8877bd000f3632
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
79a2ff87a74b4bd7e1524e36f50c7eb9cdb529ba121bcf4a9199480408ea977b
7a501e1c925f0c949a9b7f7a4b1401d08b73bf9db3105f1345627fc70cfa2d6d
7ae215315beb044da100a1fc80fc8badbc67b3d0bc4ad38fc549c21537bb9a90
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80e360d47522733f57cf520bb902139545e9da28062aecfec1450f01d71a02d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
8c8543047af01eee8aec752d049f35aff3abc468628af82f9585117411786d8c
8ddab07193e55bb90bcfde3d72b1e1d2b74fb04cfcd6a6c268a053d2a6b592c1
8f670db094f8157451312a2d25ce34fd67f622e07d356f9db841224cceeeed2d
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
9a6c080de9e647fe2f184aca91d1f682ede2d4ae4bc734b8b99980a7ee76e17e
9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
9f8d2d4a3900f9ce5ff1692710a7a5b8ccc66b4923a75ddd5a152bf7b359496e
a0f4abf087368a45dc01609aa814906c19330084d8a00fe6e0c8ee4595187ace
a137ebb5bde3957f26d1ff3a877994ae30a643b137b94cecd8218b31f890fbb3
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a59bfd2e9e280d6bfc4a6f5cfa2fd8aaf3c5ca1d7db00224bccc79b1a0d32fd3
ad209dc504cc97991573344dfd1142168265443a8f4cb7e1444a132ba601da19
b1bf38291a98d60fdd65f878d9d85c4c825a13937ad4aa09accc2bad62c1e58a
b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926
b386f64be2a20d29378b254c10cb28928526c898e715043375de66c9365e4eb9
b3a71c301b44349358adfef1a14f519ed14a7c57bf5c9f44d387a4f6e56199c8
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b62215a2a4be26526b4e2ae3b5093bfa3b8d348f93d705c12f2cd3e000dc661c
b62351fb016a4cf695a2c9d54094490d459c856dc3ed9eddc250e5f4631037f1
b68b4d1e6d63eabb8a4f663f7755454028aa22d9a0edc88d5b77c58e932d7fa0
b9b3ddaacf3434213c39c2c424828a1d047b65a5dd09bf824095c8630501aa82
bc5c2e3cd528daf1f1651b4853877fb3eaa7e244620d89b4c9c9a0fa4ce53046
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
c2d74a262fd28b1102556d9163c3dbe617fceb57e75ee9254412c74910128b43
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634
c710ccfd585bd35f98106d667eb2f424ad41d74002068e9adb28029a3b23af84
cae9edcfb437e24e01ecf0423d50cbf88025e19df5ea7f79a6f800c58fe9d31d
cb0e68f005af52ea63e4aec52c0392f58b34f14116daf70c553d9390fd6512e8
cdce76552ad1f66edd20e25ce326185f635772d6f88d1a84ff4bc036bd1cd525
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d140678ef34a4759361f150d8d8e8f79f3aad7ca5e27168f8cc6ec84c6f02ea4
d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c
d45dd84477be5b89fb8da95273325a01810fb7c41515c05789c7db2666312612
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b
dd652691db14dae5724c542669dcb78ea1a1dea90318e4200034e35ac9ef24b4
de7defd63fadb32e56f1c2ac0d85b6fe527a5d6e739cb085eed1d3df2cc19710
dee1a8e51cbffe5d5f05ed33833e3e76bf777490010f59def33c8526587ef016
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e501993864daeb57d86a50de3302d801ba7eac77e4d3c2833de2b9e6211574f5
eeee06dff51b711e5ba293b08bc85a3d1b57d80be4e7cc05d5989467cbbe4300
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f0517f76184f899b738515a124efe8f335f585847387b8889dfa7c0fb132f75a
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f747fda0651d0cd70ff49113de0d7792e48be3f8da83c63c1919ed02305527ab
f77aca46b5bd076dfa8d00ce2d1efb64be1a9f9cf19e711d97b26e6471c257c4
f83825b0e9eab327cbdfe081e61e14825792653b4ed064b223be3e8435235541
fda3056632194238e89c073c85b03aa3727b3a9755f15f6d6b5cfcedbb54c342

iir.ai Open in urlscan Pro 2606:4700:3033::681c:1f0a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

226 Requests

99 %HTTPS

37 %IPv6

48 Domains

70 Subdomains

63 IPs

9 Countries

3130 kBTransfer

8880 kBSize

14 Cookies

10 Outgoing links

Page URL History

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

iir.ai Open in urlscan Pro
2606:4700:3033::681c:1f0a Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

99 %
HTTPS

37 %
IPv6

48
Domains

70
Subdomains

63
IPs

9
Countries

3130 kB
Transfer

8880 kB
Size

14
Cookies

226 HTTP transactions
8 data transactions