urlscan.io logo urlscan.io
SecurityTrails logo

tii.ai Open in urlscan Pro
2606:4700:3036::681b:b9c0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://eyes-health.win/jxyaQ
Effective URL: https://tii.ai/jxyaQ
Submission: On April 20 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 49 IPs in 8 countries across 47 domains to perform 163 HTTP transactions. The main IP is 2606:4700:3036::681b:b9c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is tii.ai.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 19th 2020. Valid for: 8 months.
This is the only time tii.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
9 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 51.68.161.19 16276 (OVH)
1 2600:9000:20e... 16509 (AMAZON-02)
1 13.224.186.22 16509 (AMAZON-02)
15 151.139.241.23 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
25 104.16.108.45 13335 (CLOUDFLAR...)
1 13.225.87.65 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 104.16.107.77 13335 (CLOUDFLAR...)
1 104.16.108.143 13335 (CLOUDFLAR...)
1 52.216.133.5 16509 (AMAZON-02)
1 145.239.193.145 16276 (OVH)
1 74.214.194.131 59940 (PULSEPOIN...)
1 13.225.87.41 16509 (AMAZON-02)
1 4 185.86.137.17 201081 (SMARTADSE...)
1 68.232.35.16 15133 (EDGECAST)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
2 145.239.193.51 16276 (OVH)
3 51.89.9.253 16276 (OVH)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 91.228.74.209 27281 (QUANTCAST)
1 13.225.78.109 16509 (AMAZON-02)
2 23.213.165.44 16625 (AKAMAI-AS)
6 8 185.33.221.53 29990 (ASN-APPNEX)
16 104.16.107.104 13335 (CLOUDFLAR...)
2 2606:4700:e4:... 13335 (CLOUDFLAR...)
8 18 52.58.206.142 16509 (AMAZON-02)
5 54.194.146.225 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 54.38.64.100 16276 (OVH)
1 1 104.16.91.60 13335 (CLOUDFLAR...)
2 2 185.64.190.80 62713 (AS-PUBMATIC)
3 3 172.217.16.162 15169 (GOOGLE)
1 18.185.173.123 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
6 151.101.114.2 54113 (FASTLY)
2 6 2.16.31.65 16625 (AKAMAI-AS)
1 52.51.146.233 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 151.101.13.44 54113 (FASTLY)
1 54.246.118.35 16509 (AMAZON-02)
1 18.195.171.24 16509 (AMAZON-02)
1 1 37.157.4.29 198622 (ADFORM)
1 3 52.59.1.143 16509 (AMAZON-02)
3 3 52.59.13.16 16509 (AMAZON-02)
2 2 35.210.215.44 19527 (GOOGLE-2)
2 2600:1f18:40f... 14618 (AMAZON-AES)
163 49
1    2606:4700:3037::681f:5b92 (United States)

ASN13335 (CLOUDFLARENET, US)
eyes-health.win
9    2606:4700:3036::681b:b9c0 (United States)

ASN13335 (CLOUDFLARENET, US)
tii.ai
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:2156:9a00:1a:a6:7f00:21 (United States)

ASN16509 (AMAZON-02, US)
dc5k8fg5ioc8s.cloudfront.net
1    2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:20::6819:842c (United States)

ASN13335 (CLOUDFLARENET, US)
shrinkearn.com
1    51.68.161.19 (France)

ASN16276 (OVH, FR)
PTR: ip19.ip-51-68-161.eu
tarawerap.com
1    2600:9000:20eb:0:15:b448:1e80:21 (United States)

ASN16509 (AMAZON-02, US)
d1ks8roequxbwa.cloudfront.net
1    13.224.186.22 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-22.fra2.r.cloudfront.net
d3al52d8cojds7.cloudfront.net
15    151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)
ads.themoneytizer.com
1    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
25    104.16.108.45 (United States)

ASN13335 (CLOUDFLARENET, US)
demannewcure.site
1    13.225.87.65 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-65.fra2.r.cloudfront.net
boudja.com
4    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
2    2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    104.16.107.77 (United States)

ASN13335 (CLOUDFLARENET, US)
statutorjuihui.site
1    104.16.108.143 (United States)

ASN13335 (CLOUDFLARENET, US)
aphycolourses.info
1    52.216.133.5 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    145.239.193.145 (France)

ASN16276 (OVH, FR)
g.themoneytizer.net
1    74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)
tag.contextweb.com
1    13.225.87.41 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-41.fra2.r.cloudfront.net
p.cpx.to
4    185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)
ww1097.smartadserver.com
1    68.232.35.16 (United States)

ASN15133 (EDGECAST, US)
ced-ns.sascdn.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    145.239.193.51 (France)

ASN16276 (OVH, FR)
tag.leadplace.fr
3    51.89.9.253 (Germany)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
1    91.228.74.209 (United Kingdom)

ASN27281 (QUANTCAST, US)
secure.quantserve.com
1    13.225.78.109 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-109.fra2.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
2    23.213.165.44 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-44.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
8    185.33.221.53 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
ib.adnxs.com
16    104.16.107.104 (United States)

ASN13335 (CLOUDFLARENET, US)
responsidejo.club
2    2606:4700:e4::ac40:ac0f (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
18    52.58.206.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-206-142.eu-central-1.compute.amazonaws.com
ice.360yield.com
5    54.194.146.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-146-225.eu-west-1.compute.amazonaws.com
s.cpx.to
1    2600:9000:21f3:fe00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
1    104.16.91.60 (United States)

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
2    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    172.217.16.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net
cm.g.doubleclick.net
1    18.185.173.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-173-123.eu-central-1.compute.amazonaws.com
pool.grid-data.bidswitch.net
1    2600:9000:2156:4400:18:ff2f:6640:21 (United States)

ASN16509 (AMAZON-02, US)
d261u4g5nqprix.cloudfront.net
6    151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
6    2.16.31.65 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-31-65.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    52.51.146.233 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-146-233.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
6    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
1    54.246.118.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-118-35.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
1    18.195.171.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-171-24.eu-central-1.compute.amazonaws.com
match.360yield.com
1    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
3    52.59.1.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-1-143.eu-central-1.compute.amazonaws.com
ad.360yield.com
3    52.59.13.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-13-16.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.210.215.44 (Mountain View, United States)

ASN19527 (GOOGLE-2, US)
PTR: 44.215.210.35.bc.googleusercontent.com
ads.programattik.com
2    2600:1f18:40f7:9700:a108:e95a:4ac8:642e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
cicero-mit.com
Apex Domain
Subdomains		 Transfer
25 demannewcure.site
demannewcure.site
13 KB
22 360yield.com
ice.360yield.com
match.360yield.com
ad.360yield.com
22 KB
16 responsidejo.club
responsidejo.club
10 KB
15 themoneytizer.com
ads.themoneytizer.com
203 KB
12 taboola.com
cdn.taboola.com
trc.taboola.com
619 KB
9 tii.ai
tii.ai
283 KB
8 adnxs.com
secure.adnxs.com
ib.adnxs.com
7 KB
7 statutorjuihui.site
statutorjuihui.site
6 KB
6 scorecardresearch.com
sb.scorecardresearch.com
4 KB
6 cpx.to
p.cpx.to
s.cpx.to
7 KB
6 cloudfront.net
dc5k8fg5ioc8s.cloudfront.net
d1ks8roequxbwa.cloudfront.net
d3al52d8cojds7.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
d261u4g5nqprix.cloudfront.net
337 KB
4 bidswitch.net
pool.grid-data.bidswitch.net
x.bidswitch.net
2 KB
4 smartadserver.com
ww1097.smartadserver.com
5 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
133 KB
3 doubleclick.net
cm.g.doubleclick.net
480 B
3 tmyzer.com
c.tmyzer.com
600 B
3 onetag-sys.com
onetag-sys.com
904 B
2 cicero-mit.com
cicero-mit.com Failed
15 KB
2 programattik.com
ads.programattik.com
1 KB
2 pubmatic.com
image2.pubmatic.com
1 KB
2 google.com
www.google.com
2 4dex.io
script.4dex.io
19 KB
2 leadplace.fr
tag.leadplace.fr
3 KB
2 google-analytics.com
www.google-analytics.com
18 KB
2 shrinkearn.com
shrinkearn.com
181 KB
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
30 KB
1 adform.net
track.adform.net
358 B
1 adleadevent.com
adtrack.adleadevent.com
517 B
1 casalemedia.com
as-sec.casalemedia.com
330 B
1 adsrvr.org
match.adsrvr.org
643 B
1 truoptik.com
dmp.truoptik.com
692 B
1 quantcount.com
rules.quantcount.com
967 B
1 indexww.com
js-sec.indexww.com
12 KB
1 quantserve.com
secure.quantserve.com
6 KB
1 zeotap.com
spl.zeotap.com
1 criteo.com
gum.criteo.com
371 B
1 sascdn.com
ced-ns.sascdn.com
9 KB
1 contextweb.com
tag.contextweb.com
11 KB
1 themoneytizer.net
g.themoneytizer.net
200 B
1 amazonaws.com
s3.amazonaws.com
18 KB
1 aphycolourses.info
aphycolourses.info
23 KB
1 boudja.com
boudja.com
366 B
1 recaptcha.net
www.recaptcha.net
881 B
1 tarawerap.com
tarawerap.com
1011 B
1 googletagmanager.com
www.googletagmanager.com
29 KB
1 eyes-health.win
eyes-health.win
458 B
0 exelator.com Failed
loadus.exelator.com Failed
163 47
Domain Requested by
25 demannewcure.site tii.ai
dc5k8fg5ioc8s.cloudfront.net
d3al52d8cojds7.cloudfront.net
d1ks8roequxbwa.cloudfront.net
18 ice.360yield.com 8 redirects tii.ai
16 responsidejo.club tii.ai
d3al52d8cojds7.cloudfront.net
15 ads.themoneytizer.com tii.ai
ads.themoneytizer.com
9 tii.ai tii.ai
7 statutorjuihui.site d1ks8roequxbwa.cloudfront.net
d3al52d8cojds7.cloudfront.net
ads.themoneytizer.com
6 trc.taboola.com cdn.taboola.com
tii.ai
6 sb.scorecardresearch.com 2 redirects cdn.taboola.com
tii.ai
6 cdn.taboola.com tii.ai
cdn.taboola.com
5 s.cpx.to ads.themoneytizer.com
tii.ai
5 secure.adnxs.com 5 redirects
4 ww1097.smartadserver.com 1 redirects ads.themoneytizer.com
3 x.bidswitch.net 3 redirects
3 ad.360yield.com 1 redirects tii.ai
3 cm.g.doubleclick.net 3 redirects
3 c.tmyzer.com ads.themoneytizer.com
3 ib.adnxs.com 1 redirects ads.themoneytizer.com
3 onetag-sys.com ads.themoneytizer.com
3 fonts.gstatic.com tii.ai
2 cicero-mit.com tii.ai
d1ks8roequxbwa.cloudfront.net
2 ads.programattik.com 2 redirects
2 image2.pubmatic.com 2 redirects
2 www.google.com ads.themoneytizer.com
2 script.4dex.io ads.themoneytizer.com
script.4dex.io
2 tag.leadplace.fr ads.themoneytizer.com
2 www.google-analytics.com www.googletagmanager.com
tii.ai
2 shrinkearn.com tii.ai
2 dc5k8fg5ioc8s.cloudfront.net tii.ai
dc5k8fg5ioc8s.cloudfront.net
1 track.adform.net 1 redirects
1 match.360yield.com tii.ai
1 adtrack.adleadevent.com ajax.googleapis.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 ajax.googleapis.com ads.themoneytizer.com
1 match.adsrvr.org js-sec.indexww.com
1 d261u4g5nqprix.cloudfront.net ads.themoneytizer.com
1 pool.grid-data.bidswitch.net tii.ai
1 dmp.truoptik.com 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 www.gstatic.com www.recaptcha.net
1 js-sec.indexww.com ads.themoneytizer.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 secure.quantserve.com ads.themoneytizer.com
1 spl.zeotap.com ads.themoneytizer.com
1 gum.criteo.com ads.themoneytizer.com
1 ced-ns.sascdn.com tii.ai
1 p.cpx.to ads.themoneytizer.com
1 tag.contextweb.com ads.themoneytizer.com
1 g.themoneytizer.net ads.themoneytizer.com
1 s3.amazonaws.com tii.ai
1 aphycolourses.info tii.ai
1 boudja.com tii.ai
1 www.recaptcha.net tii.ai
1 d3al52d8cojds7.cloudfront.net tii.ai
1 d1ks8roequxbwa.cloudfront.net tii.ai
1 tarawerap.com tii.ai
1 www.googletagmanager.com tii.ai
1 fonts.googleapis.com tii.ai
1 eyes-health.win 1 redirects
0 loadus.exelator.com Failed tii.ai
163 59

This site contains links to these domains. Also see Links.

Domain
shrinkearn.com
mob1ledev1ces.com
www.facebook.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-02-19 -
2020-10-09		 8 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
tarawerap.com
Let's Encrypt Authority X3		 2020-03-03 -
2020-06-01		 3 months crt.sh
*.themoneytizer.com
Sectigo RSA Domain Validation Secure Server CA		 2019-02-15 -
2021-02-14		 2 years crt.sh
misc.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
demannewcure.site
CloudFlare Inc ECC CA-2		 2020-04-08 -
2020-10-09		 6 months crt.sh
boudja.com
Amazon		 2019-10-02 -
2020-11-02		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
statutorjuihui.site
CloudFlare Inc ECC CA-2		 2020-04-06 -
2020-10-09		 6 months crt.sh
aphycolourses.info
CloudFlare Inc ECC CA-2		 2020-03-30 -
2020-10-09		 6 months crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-02		 a year crt.sh
g.themoneytizer.net
GoGetSSL RSA DV CA		 2019-10-16 -
2022-01-17		 2 years crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2018-07-07 -
2020-06-03		 2 years crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2020-01-27 -
2021-02-08		 a year crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA		 2017-10-25 -
2020-05-12		 3 years crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2020-03-30 -
2020-06-28		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2018-09-06 -
2020-09-12		 2 years crt.sh
onetag-sys.com
Let's Encrypt Authority X3		 2020-03-02 -
2020-05-31		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2019-10-04 -
2020-10-07		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
responsidejo.club
CloudFlare Inc ECC CA-2		 2020-04-08 -
2020-10-09		 6 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.360yield.com
Amazon		 2019-09-24 -
2020-10-24		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2020-01-27 -
2021-02-08		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-04-01 -
2020-06-24		 3 months crt.sh
c.tmyzer.com
Let's Encrypt Authority X3		 2020-04-11 -
2020-07-10		 3 months crt.sh
*.smartadserver.com
DigiCert Global CA G2		 2020-02-03 -
2022-02-03		 2 years crt.sh
pool.grid-data.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-03-06 -
2022-03-06		 2 years crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-16 -
2020-07-25		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2019-12-16 -
2020-12-25		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.taboola.com
DigiCert SHA2 Secure Server CA		 2020-02-19 -
2020-09-10		 7 months crt.sh
adtrack.adleadevent.com
Amazon		 2019-06-30 -
2020-07-30		 a year crt.sh
cicero-mit.com
Amazon		 2019-11-26 -
2020-12-26		 a year crt.sh

This page contains 17 frames:

Primary Page: https://tii.ai/jxyaQ
Frame ID: D3E128FF95F8681DA1D5511A7578016E
Requests: 134 HTTP requests in this frame

Frame: https://statutorjuihui.site/SllDSXYrOyAkSStkIW8DODV+bEQMfHEPEnsyMHEEJTwyPA4oLiJnFSY2Ni0QODYtPVgkPDdsRAwvJxw8Ow1zPiEGCBI5FT0cMQ0YAGkRJzQTPS0lIgEbKC4/LQ9mezAJChY7Jgg+MwIPLTINCiw6FgJxGxxqcjgxGRQGAj4MDQk+Jzk6FhsdCSAwPCUCAw4GDD04CB8VfBArDBgOGhogMwkDDgYfexAPPiN7ExEiAwlrM2xECBRwLTMsay8BFSEQKgUkEysBDQUgGyo5JiwYdhgVDDYuABEPNwEkBm9rARslchUPDhoCOiQcTisMJzAzJylmezQYAQ0oMwJoAQEgZ2AuKCMuIAAzTnIeECoSATB3LD0ybDIvHARqFBEeIwstGyYsATstPRsQdAAkJjcUCA46C3AAMQAwIBgsezFmezABIQIhNxkbLxw+CDgPCicCFRIqBysMIAwuEi0qGyEyAyYBQwc7BT1DLg8BPiEgLjcMDwcACSQaAhsFcE4vaDcxLg0ydho3bDMwJhg6ZCAjEQMDAC0SGy8P
Frame ID: C7F736F4AA052B13898FA58CFFE5166B
Requests: 1 HTTP requests in this frame

Frame: https://statutorjuihui.site/M2hOOTZSCi1UCVJVLB9DQQRzHAR1TXx/UgAJIgwEV1AtVlxXG3kXVV8HO11QQQcgTRhdDTocBHUCLWFsBTsifGV0Oh9KVFQ9KHFYVwUcfANwDRlVbnspJVVmRC4CeHJLBA1qd1kvN3R6eRF6f3diDzthcgcaCGxCegoKCWd0Kn8KUks5F35uVw8YQVVWIwlBcGYpeg9mWxgCfE9YBwlRUVUnDV5QcQQ5HAR1JQtOVHU8Dw1+YQcsWwR+Wx8IZAUMC3dxZgEtTnNbUBtpXAcrBlUPBi1/a3NgAQMcBHUqHHRhUVoAe3FLGz5dc30vCG1aAzl+YHVRWgB7ZANFIW9vdj0+bQR9WB8Jb1EnJ3xSdh9+T3tLByh9WwoCAAl4eQ4WAHViLncNb2UDKnxcB1AGb3h6KxZrcmEAF1N5Wzoaan5cWgh7Y2EiFlFjYS0hSXliJRR/TwpYH0N0fQ4gAHRkLSIAbwMAF2oFSwcYfGR4Jxp4bnUfKVNSdiU5bQVfBRYJYH4KDWt7Z1h7DWwDOR1+bn5YH2xgfyMJe3NnA3dDbFgqC2hPC1kfCXB4Iwl4YGItJR9cQAcgSQtJHnpBYGo5PENnZyceQG4
Frame ID: A2864E5FAFDC2B7AF17152D4F0228981
Requests: 1 HTTP requests in this frame

Frame: https://statutorjuihui.site/QUZPUlggJCw/ZyB7LXQtMypyd2oHY30UPHInI2dqJX4sPTIlNXh8Oy0pOjY+MykhJnYvIzt3agcWFgoCEBEkYhsGEntqOykTKRwfJXcaFxoxJAdjEAkFAmMROQADFBk1cw04My8KNhsZDxQVahcTNRwwDyk0CwA7ZHQNAgADDgoobHQlCRAJDBJ7JAAEDH0eMnEJBwVoOwonNTwRLHd3agcBDTU/JwIoEws7dn4cLyYnHxYsLhM1EDQlDn4XCgYENhsZABAABgl0AigHbCd1ezgNcww+GBl5BQEGAi4TfwthDj96FwoGB34CMxMDFhESLhN/CDAgLgUDCSZrdiQCBBQKCxwyfwoAN3AKHDUcCRIkJzkHCzgIDy1wG2IOLCB8awoZLDwrFxAxLjYPJgkdFwomCCYDEwR1GT0+EB8bHyIELxwUFignJmYSAwJ3YRMEFAoUNXBzG2ICZHQNMwAxEhthbTMjfjoMGCsgd2oDBw0TIAoFHRcKAxw5NDQbHxZgIDMACiYoIyh2Cgk7F3o2GRMBFmArNxMKHDcjdR0FCnMMJRkZFwMVYDc3Ew0YNSAXaTgrLig/bxwQcigdLzQpLhEe
Frame ID: DD8E1C53554ED8868B11EC221E624965
Requests: 1 HTTP requests in this frame

Frame: https://statutorjuihui.site/VnB1TnU3EhYjSjdNF2gAJBxIa0cQVUcIEWURGXtHMkgWIR8yA0JgFjofACoTJB8bOls4FQFrRxA/OyMRDCMYPiMVNBY9IwM5Oh4tMhQ0f0w+FSMDJBIjGiI3EyoUAgJuGxcMPyQyEiY2AyRFCiETOREeLTIpMA8GYjo0fjkHJAIlNgcEIigMJT8jCAUiEjd3LQEaJCIwEEg5ACYiIDcNMyUqMyEhACcZJzdnEzADNgcVIhwkLhJEIkUHHQF4NGcXIR42DCA3CBZmOwIlIQAnHiIyBD4jLyEcIDcIETkVHxs9Awcva0cQIQ0AIzcjBi8nMQNNHiRvJTEKWBdVRwwhISEdLD06FDIIJyASRCkyAgo8Jz06AzkoPTEAMH8jJjoSABEXHg16Ijo1NgEcEzY9fj8kFRIiEBAkLCAxLj4jBkZnFTIIEWUVI34wDh4ReS0XSTYvRjkqIzkwYj80AyEAIkxrRxAnJAg/Nx4NAyRnABIoGTExICRFJiVEAC03HgYHN2c6HShEGzIjIwEsNEQEIzQeGgc3IT4DKyRwGgYhGyZNAws7DAVHAhciRhEH
Frame ID: B166423463055CC2F4D6CB81FE5C9C08
Requests: 1 HTTP requests in this frame

Frame: https://statutorjuihui.site/S2hjcVgqCgAcZypVAVctOQReVGoNTVE3PHgJD0RqL1AAHjIvG1RfOycHFhU+OQcNBXYlDRdUag0dLhoNez02SAoABAxCOw4xECQfM1whKQEIMTsoDQdYAFRqCSE2O2wuABBJDzwAOzk/PxIgIBEhKxQrMhorEAMceAswIQt+CyoWNHgjDwY1CD8hAQ0yLjQTEDg9LiQJblohOxlzGzUIPyAwIDMfACslMgF7LRQSNHMZNxs/ITAKIAoSHwg5OTw6UxcJARw0JRk4PxoFGRsCGxABCgs3ED8JWTslYHw+GhoKEltaFxINDFMXCQIZMUIKcikJQQoSW1s1PBxFFxY9eVkUOQAZUSIYCg4hMD8ABgQmCxINGxs0DwYiIUIBDw5QBh0SKTkZAnoDFyAcPAIlQjx4DCtBGwA+U0cTIwxQMxwSGTYibSkNJB4ZLz4ARAgdWAwkABlRBzkRCg5QSTsvDy0bPCMQUzA1IxkiOQ4DJSAdDAVZUkE+EzoUM2oRACIpFRgiKzgUKDk5Hz0nMQ41DBlNUTcZEzo0KBAkIwAwaSYOBDNgHjw1SBoTPjQoGzgtBxZ+IRsMHyh2JikCMQYLLDUZB14RNWw
Frame ID: C64BFDA9978F1BA019BA369F0B63F79F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1587422946616
Frame ID: 62E461BEBEAB0E19ADF3F7A2083EDAD6
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 3736B1B79049F35BDD3DFB563C5CF8E9
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 6BB0724A8C5BEC9A9EC98DFD2FC23160
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=zItNOfzbrqVGbb4QFYpPpcrw&size=normal&cb=lras8y5ih12u
Frame ID: 38B57F01F8828C3AE07EE8A543CF98D9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=zItNOfzbrqVGbb4QFYpPpcrw&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=uezch8wphs
Frame ID: 9D343CBCA514FE37818E75E72C536787
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: 6F966B85C0CE8D1598F5AE2E9EB554C8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 7E84BACE696FFEB0949DC129E5CBCC27
Requests: 7 HTTP requests in this frame

Frame: https://statutorjuihui.site/alQ4TGILNlshXQtpWmoXGDgFaVAscQoKBlhiCTlWDWFWPRIYPUBiAQY7TSgEGDtWOEwEMUxpUCwzaRorEjFSDQs6AgAvJhABDxo3CRxcCw0gB2kgDCURcRo6ABJOLwoCE3Q0IFsRCAUvLwF5DThYN1UfGl4aW38wDhMJeA8ILFsqOgMeTg0kEgZyGCMnAFAVUicjTxQ6ECcPFDAwBmILIFkAQHkaDiN2ByUpI0IZCiQxdhhTKRFQGhsvFmoFIykzAB4wUzdiCyMoEgkJCw4jdgc6EB4LDVIaHWILIygHTw0HMyNtICA9PAsNUhoGdR8oDhwILwknEhUjNjgTaisGWmx8KAwdF2wONBANUCcwPRBtaVAsDG50ISs6WwgxBiNXAzQ4MnkiJ1sCeiAAJjpLGTErFVEDCScCYB8wWRVCOyoODE8ONCsaChUjAgF5FAYYEn0rIyc+dhQlWh1XKBUnbHoUKAYcCCclMC1bATMdBkIWIzsxbX8FWRVtJyAjZnUJMw0CDBYzKB17HzNYFQh8IyNmdho2KxkeJhEFOkhxIQgiVg4mAyZ1DxMQAw
Frame ID: 0BBBD62D59839153FD1DEE859DC78C77
Requests: 1 HTTP requests in this frame

Frame: https://cicero-mit.com/imp/24528fe6-8359-11ea-8ed4-1278be4eed15/1/_a62zxzkFShpqJqvZ-0U8DfcQewCZz3-j1Aot1wh6KDkTeDesqWT9BK1D4tqt95Wchb_ekyDXHL9ioa9o9YcE9cvSw0nxw2u-I61zKQ33FNLvsozaqICNB_FpRGLk0gpa5z75968GVsG7hZo2TLU4H95s7fQy1j9vSJCjm2VAW710KwbT-OVqHO6w6vlsAOb4IE4ITddAo1uvOYFE9486O2CNmprgNLquSv1sM_6K1Lcz6wAhWC5xaoOsfe4CJAHJhV8zNu-WEZ_igCHE8sImH9BRqIPu-NSd9Wfy0NewSnGC8Drjj30CvjhIuMK4Tn2BAv50IBmlcAgqVitDQ8x_K8s1-A0CjraB2slzlNR4J0n_6TkW-hOUIOKKzxffW7tPb6MsuCmrSpu1kOWMe8-ZChpzsLYlN2r8IL3-uM1XfxLz9OuTJbq6O8mtIO8O5Tqi2hXSyDprSfK2bnreG4EwmKUq0qTLSxY5Avr3hX-_70eTzg8pgctjTnPTXNJPd_CmwzcFtLN5qQWuOfk_Ip83V6nNm5YlBUn8YDXzfK_YUkFicg8ECKi925BelT3hGF9DBR9VMlLqAP3aba-KdGFo-BF852Obo90WhooF-y-kHht2inmJEFS4zF2WpHPI_vjSbdG-61NwpnGw8oCWk69ZwLMot6ad2qi80LD0Y3aJMw9vA3uoH_kgx-aJuaJhAp4DcSWBj8QvdQHlJ7ZdNK4uUUclglUXvK-H8OSVRGkuf4yUlfrH4Kt8OXZ_H9RUwt2kAjWz48=.OuVGDDIPjQ0GEmJc8EMefQ==
Frame ID: 9FBA3425EE2D6A05833B0A731C0CBA66
Requests: 3 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: 98D4893589EAC0BCB30E83E0B57AD5BB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 5991D3C5BE2F9C06677164DD6A20C53D
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://eyes-health.win/jxyaQ HTTP 301
    https://tii.ai/jxyaQ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

163
Requests

98 %
HTTPS

33 %
IPv6

47
Domains

59
Subdomains

49
IPs

8
Countries

2018 kB
Transfer

5514 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://eyes-health.win/jxyaQ HTTP 301
    https://tii.ai/jxyaQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
  • https://ced-ns.sascdn.com/diff/js/smart.js
Request Chain 57
  • https://secure.adnxs.com/getuid?https://responsidejo.club/s?a=$UID&b=976570990352 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fresponsidejo.club%2Fs%3Fa%3D%24UID%26b%3D976570990352 HTTP 302
  • https://responsidejo.club/s?a=3096597288063897508&b=976570990352
Request Chain 58
  • https://secure.adnxs.com/getuid?https://responsidejo.club/s?a=$UID&b=678910607095 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fresponsidejo.club%2Fs%3Fa%3D%24UID%26b%3D678910607095 HTTP 302
  • https://responsidejo.club/s?a=3096597288063897508&b=678910607095
Request Chain 59
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/2/8/2.gif?puid=3096597288063897508&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOVdPMJ-sKidZjLynIt2pRfkT-5IcyGIGvhi3SRg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/3/7/3.gif?puid=5c475e9e-26e2-4400-9087-3e1c6d1fb03e&gdpr=1&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/10/6/4.gif?puid=3811960601315767241&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/19/5/5.gif?puid=bb76ccd956fe6a20e3ce9078bf7a1b40&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/101/4/6.gif?puid=e4c44e4d-3bfa-4917-9dea-df1675e6742f&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/12/108/3/7.gif?puid=25b35861-8359-11ea-8167-568b0724cb2e&gdpr=1&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?gdpr=1&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F123%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/12/123/2/8.gif?puid={UUID}&gdpr=1&gdpr_consent= HTTP 302
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F1%2F9.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
Request Chain 71
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2232676fbf76b16b6%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2225073af5fcd7616%22%2C%22pid%22%3A%2222241464%22%2C%22tid%22%3A%22d414142c-dd93-433f-8501-de8d2e419055%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2232676fbf76b16b6%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2225073af5fcd7616%22%2C%22pid%22%3A%2222241464%22%2C%22tid%22%3A%22d414142c-dd93-433f-8501-de8d2e419055%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Request Chain 72
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223368aa42049516%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22266c07df6aee754%22%2C%22pid%22%3A%2222241454%22%2C%22tid%22%3A%223fff7896-c322-42ff-99aa-63f94c204e36%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223368aa42049516%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22266c07df6aee754%22%2C%22pid%22%3A%2222241454%22%2C%22tid%22%3A%223fff7896-c322-42ff-99aa-63f94c204e36%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Request Chain 73
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22346c69eec758289%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22276bf16a0198ea2%22%2C%22pid%22%3A%2222241467%22%2C%22tid%22%3A%22d5b6e893-47ba-41df-8d2d-b47026976c90%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22346c69eec758289%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22276bf16a0198ea2%22%2C%22pid%22%3A%2222241467%22%2C%22tid%22%3A%22d5b6e893-47ba-41df-8d2d-b47026976c90%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Request Chain 74
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235316a4c1c0c42c%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2228626c36cb35008%22%2C%22pid%22%3A%2222241466%22%2C%22tid%22%3A%2264b1891a-8700-4f38-83a2-35fa1d7ac6b8%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235316a4c1c0c42c%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2228626c36cb35008%22%2C%22pid%22%3A%2222241466%22%2C%22tid%22%3A%2264b1891a-8700-4f38-83a2-35fa1d7ac6b8%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Request Chain 75
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22366d086c377385e%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222951dbecb08d695%22%2C%22pid%22%3A%2222249871%22%2C%22tid%22%3A%22306e19b3-b3a0-4889-b071-f5ef8937d15e%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22366d086c377385e%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222951dbecb08d695%22%2C%22pid%22%3A%2222249871%22%2C%22tid%22%3A%22306e19b3-b3a0-4889-b071-f5ef8937d15e%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Request Chain 76
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223770df60597adcb%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2230d1b827c41fc8e%22%2C%22pid%22%3A%2222249870%22%2C%22tid%22%3A%221c3405f6-af3e-4665-9d25-50a0b68e375f%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223770df60597adcb%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2230d1b827c41fc8e%22%2C%22pid%22%3A%2222249870%22%2C%22tid%22%3A%221c3405f6-af3e-4665-9d25-50a0b68e375f%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Request Chain 77
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22383497e45281cd9%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22310d8f431bd990d%22%2C%22pid%22%3A%2222249868%22%2C%22tid%22%3A%2207c5e22c-cbe2-4c78-9661-52e743f10df6%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22383497e45281cd9%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22310d8f431bd990d%22%2C%22pid%22%3A%2222249868%22%2C%22tid%22%3A%2207c5e22c-cbe2-4c78-9661-52e743f10df6%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Request Chain 98
  • https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee&fck=265dd18e2d29285f&cbp=dsp_uid HTTP 302
  • https://s.cpx.to/sync?dsp_uid=b7836109db3c67390e5dfffb7d723849&fck=265dd18e2d29285f
Request Chain 99
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3Df5903f36-bd6b-49eb-a1b2-a5c5715cc6ee HTTP 302
  • https://s.cpx.to/an_fire?app_nexus_uid=3096597288063897508&pid=11528&ref=&hn_ver=10&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee
Request Chain 100
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df5903f36-bd6b-49eb-a1b2-a5c5715cc6ee HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df5903f36-bd6b-49eb-a1b2-a5c5715cc6ee HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=466F7B99-DA66-4947-BB50-71439CEBE635&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee HTTP 302
  • https://s.cpx.to/ca.png?dsp=dbm&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee&google_gid=CAESEGVhqAe1qIAuF6eVkEf34Uk&google_cver=1
Request Chain 120
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1587422948624&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftii.ai%2FjxyaQ&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587422948624&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftii.ai%2FjxyaQ&c9=
Request Chain 127
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XrTtY8AxQI25fNbvX5jmfA&google_cm&publisher_dsp_id=340 HTTP 302
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEA0tQ51D0UCdWwUMLq-fMsg&google_cver=1
Request Chain 128
  • https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=5eb4ed63-c031-408d-b97c-d6ef5f98e67c&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1588632550&external_user_id=3811960601315767241
Request Chain 129
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA&external_user_id=CAESEPH8nARZu1AhMotjDNLEKQw&google_cver=1
Request Chain 130
  • https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=5eb4ed63-c031-408d-b97c-d6ef5f98e67c&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=improve&publisher_user_id=5eb4ed63-c031-408d-b97c-d6ef5f98e67c&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA&publisher_redirecturl=https://ice.360yield.com/match HTTP 302
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=improve HTTP 302
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=improve HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=f8dbdaa2-2f0e-480f-b616-975098f2fe17&ssp=improve HTTP 302
  • https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=adc1683e-8ed5-48b6-bd99-c72af22fd5eb HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=adc1683e-8ed5-48b6-bd99-c72af22fd5eb
Request Chain 131
  • https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA HTTP 302
  • https://ice.360yield.com/match?external_user_id=3096597288063897508&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA
Request Chain 145
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225447084b2a0ba47%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224985dc1ff23bffc%22%2C%22pid%22%3A%2222249870%22%2C%22tid%22%3A%224f69bde8-4ad5-4091-be65-c3287c7bdbac%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D HTTP 302
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225447084b2a0ba47%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224985dc1ff23bffc%22%2C%22pid%22%3A%2222249870%22%2C%22tid%22%3A%224f69bde8-4ad5-4091-be65-c3287c7bdbac%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Request Chain 155
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1587422965751&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftii.ai%2FjxyaQ&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587422965751&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftii.ai%2FjxyaQ&c9=

163 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request jxyaQ
tii.ai/
Redirect Chain
  • https://eyes-health.win/jxyaQ
  • https://tii.ai/jxyaQ
31 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e2437a5686f12e3bd1feb65cee62fe50537b628ba3ff8f28f310a5a63f93c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tii.ai
:scheme
https
:path
/jxyaQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 20 Apr 2020 22:49:04 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d7bb5cdf547aba7cec3f5f293d8335beb1587422944; expires=Wed, 20-May-20 22:49:04 GMT; path=/; domain=.tii.ai; HttpOnly; SameSite=Lax; Secure AppSession=a790fda7cbb2d4c94eb17b56571748d4; path=/; HttpOnly; secure csrfToken=f0c7093dc5d6701a67720a8b5b05d0f491a94878b9aac9b2d2d6f41b93f7cd37a823b30315a4f5a352a7fbb6a006c43cd37e2bc3a2c55c547a03e1128e55aa4f; path=/; HttpOnly; secure
cache-control
no-store, no-cache, must-revalidate
cf-railgun
direct (starting new WAN connection)
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN,SAMEORIGIN
x-robots-tag
noindex, nofollow
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58726a9b8d82cba0-VIE
content-encoding
br
cf-request-id
023b60f5300000cba07892e200000001

Redirect headers

status
301
date
Mon, 20 Apr 2020 22:49:04 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d4b9d36d8144d4f5e18ff892e0df9caf41587422944; expires=Wed, 20-May-20 22:49:04 GMT; path=/; domain=.eyes-health.win; HttpOnly; SameSite=Lax; Secure
location
https://tii.ai/jxyaQ
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
vary
User-Agent
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58726a998c3dfca5-VIE
cf-request-id
023b60f3f50000fca5ad22c200000001
css
fonts.googleapis.com/ 		3 KB
605 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 Apr 2020 22:49:05 GMT
server
ESF
date
Mon, 20 Apr 2020 22:49:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 Apr 2020 22:49:05 GMT
styles.min.css
tii.ai/cloud_theme/build/css/ 		189 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tii.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
40139
status
200
x-xss-protection
1; mode=block
last-modified
Mon, 02 Sep 2019 23:24:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-request-id
023b60f71f0000cba078956200000001
cf-ray
58726a9e9c0fcba0-VIE
expires
Wed, 20 May 2020 11:40:05 GMT
/
dc5k8fg5ioc8s.cloudfront.net/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805884
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:9a00:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ac4fbaaa88516046246b0df98894703024d0eb8e5d68144f5e0a798e57c39a8e

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
status
200
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
19376
via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-id
r2gcwVYihzSIk5Eo78Y2UE4Lk_riJBwt4ily2y7W9QSLCBxezYQhKw==
js
www.googletagmanager.com/gtag/ 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-113561579-1
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
276cf3789c9b6310307f4afdd0a93e07d083d225609e96c9a1568177622446fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30047
x-xss-protection
0
last-modified
Mon, 20 Apr 2020 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 20 Apr 2020 22:49:05 GMT
hmpglogo228x70.png
shrinkearn.com/webroot/modern_theme/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrinkearn.com/webroot/modern_theme/img/hmpglogo228x70.png
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:842c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbfdf00bfbcafbe701ab7e6ab991fa0a2cdd2def78339ed3ec37bf85de410a66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
8933258
cf-polished
origSize=5281
status
200
content-length
4186
x-xss-protection
1; mode=block
last-modified
Fri, 15 Nov 2019 03:42:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
expires
Thu, 07 Jan 2021 13:21:26 GMT
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-request-id
023b60f8fc0000cbcc2c1da200000001
accept-ranges
bytes
cf-ray
58726aa19d9bcbcc-VIE
cf-bgj
imgq:100
14504
tarawerap.com/tK8FYKzosZxQjFG/ 		0
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tarawerap.com/tK8FYKzosZxQjFG/14504
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
51.68.161.19 , France, ASN16276 (OVH, FR),
Reverse DNS
ip19.ip-51-68-161.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:05 GMT
Content-Encoding
gzip
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=20
/
d1ks8roequxbwa.cloudfront.net/ 		165 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1ks8roequxbwa.cloudfront.net/?orskd=832295
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:0:15:b448:1e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
55e2e42dfa571430ee5dca7f2f1214054f8fa4636e9b47923b434436faeb2bdf

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
status
200
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
72491
via
1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-id
Pxus1lx_7-JrXwIJUAoZhz609dHXCyncdAVPlkeML15kDkoVlbV8jw==
sw_2735395.js
tii.ai/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tii.ai/sw_2735395.js
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92a42e8512e6a56fe2d3b051b199aa61a200de89b0792182ba641a43ab4361b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1430353
status
200
x-xss-protection
1; mode=block
last-modified
Wed, 08 Jan 2020 13:18:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-request-id
023b60f89f0000cba078971200000001
cf-ray
58726aa0f8afcba0-VIE
expires
Mon, 04 May 2020 09:29:50 GMT
/
d3al52d8cojds7.cloudfront.net/ 		305 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3al52d8cojds7.cloudfront.net/?tid=758838
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.186.22 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-22.fra2.r.cloudfront.net
Software
/
Resource Hash
5fd6919dffd6772afab8d6c851e3f074d4abded4fb4982a9adb7fb696095b89e

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
gzip
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
112352
Via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
X-Amz-Cf-Id
et7FJ0tbdA0uKibCDsIkdtZkYWGB-ZnZ0JasHz0EHOHJ-jLVEnW6aA==
dwndbnr1.png
tii.ai/webroot/modern_theme/img/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tii.ai/webroot/modern_theme/img/dwndbnr1.png
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d50744e553a45e3c2469dc73c7deb787679c4090de89d6b86b28652c912fea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
3949377
status
200
content-length
47787
x-xss-protection
1; mode=block
last-modified
Fri, 15 Nov 2019 03:47:23 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-request-id
023b60f89f0000cba078974200000001
accept-ranges
bytes
cf-ray
58726aa0f8b3cba0-VIE
expires
Sat, 06 Mar 2021 05:46:07 GMT
dwndbnr2.png
tii.ai/webroot/modern_theme/img/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tii.ai/webroot/modern_theme/img/dwndbnr2.png
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afc64d8345a0c5e5fe8f866056f6e594bae4a885ef8bc44a37de95dd9eaae157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
5225342
status
200
content-length
17527
x-xss-protection
1; mode=block
last-modified
Fri, 15 Nov 2019 03:47:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-request-id
023b60f89f0000cba078975200000001
accept-ranges
bytes
cf-ray
58726aa0f8b4cba0-VIE
expires
Fri, 19 Feb 2021 11:20:01 GMT
gen.js
ads.themoneytizer.com/s/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=3
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
2602
expires
Tue, 21 Apr 2020 22:48:11 GMT
requestform.js
ads.themoneytizer.com/s/ 		59 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
f41abae8bd5c347a394ba19b3c88b8af4aa1b99c5ac9d9147ec146d3a13ca556

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
9788
expires
Tue, 21 Apr 2020 22:49:05 GMT
gen.js
ads.themoneytizer.com/s/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
2602
expires
Tue, 21 Apr 2020 22:48:25 GMT
requestform.js
ads.themoneytizer.com/s/ 		56 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=6
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
56ad7a23c3d2c4fe09f89abe0078ca7bf8e5b782c3d34cce3c2ea1f9c30636ef

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
9231
expires
Tue, 21 Apr 2020 22:49:05 GMT
ads.js
tii.ai/js/ 		191 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tii.ai/js/ads.js?ver=6.4.0
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
932312
status
200
x-xss-protection
1; mode=block
last-modified
Mon, 02 Sep 2019 23:24:49 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-request-id
023b60f89f0000cba078972200000001
cf-ray
58726aa0f8b0cba0-VIE
expires
Sun, 10 May 2020 03:50:30 GMT
script.min.js
tii.ai/cloud_theme/build/js/ 		202 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tii.ai/cloud_theme/build/js/script.min.js?ver=6.4.0
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2497094
status
200
x-xss-protection
1; mode=block
last-modified
Mon, 02 Sep 2019 23:24:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-request-id
023b60f89f0000cba078973200000001
cf-ray
58726aa0f8b2cba0-VIE
expires
Wed, 22 Apr 2020 01:10:48 GMT
api.js
www.recaptcha.net/recaptcha/ 		742 B
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
544d0e630bab5343f428cec629b40401f794916bff19a78ce136d6f10a19b8d9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
470
x-xss-protection
1; mode=block
expires
Mon, 20 Apr 2020 22:49:05 GMT
eFIwV1pXbVMkZy1jaj4PSgBZDhwyOXIAKUkHdxENIhVUBBcuAFpxLhE2DW9qTWoIY3wIO1RqaUt0QyM7DCdDamteO14xNUV0RmpqVmIeZHRLdEQnOx9vAXEqDCZcamtNagdjaEprBGJuSmQ
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/eFIwV1pXbVMkZy1jaj4PSgBZDhwyOXIAKUkHdxENIhVUBBcuAFpxLhE2DW9qTWoIY3wIO1RqaUt0QyM7DCdDamteO14xNUV0RmpqVmIeZHRLdEQnOx9vAXEqDCZcamtNagdjaEprBGJuSmQ
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:05 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aa1fc60fa7c-AMS
cf-request-id
023b60f93d0000fa7c502be200000001
popunder.gif
boudja.com/ 		35 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://boudja.com/popunder.gif
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.65 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-65.fra2.r.cloudfront.net
Software
openresty/1.15.8.2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Mon, 20 Apr 2020 22:49:05 GMT
content-encoding
gzip
server
openresty/1.15.8.2
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-type
image/gif
status
200
cache-control
public, max-age=604800, immutable
content-length
58
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-id
bH5N4mZZUHvA6DAwh_Jqx6lZRJxpZKhGeHY_CBVvRHShifaXjIDYhA==
NewBackground.jpeg
shrinkearn.com/webroot/modern_theme/img/ 		176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shrinkearn.com/webroot/modern_theme/img/NewBackground.jpeg
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:842c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b90d10d60cd1609b54fb8ab62e119c7cde85bbd289e285693e18c9e2ce98b78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:05 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
751379
cf-polished
origSize=180059
status
200
content-length
179836
x-xss-protection
1; mode=block
last-modified
Mon, 12 Feb 2018 04:35:39 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
expires
Mon, 12 Apr 2021 06:06:06 GMT
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-request-id
023b60f8fb0000cbcc2c1d9200000001
accept-ranges
bytes
cf-ray
58726aa19d98cbcc-VIE
cf-bgj
imgq:100
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
https://tii.ai

Response headers

date
Sat, 28 Mar 2020 09:55:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:54 GMT
server
sffe
age
2033587
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14176
x-xss-protection
0
expires
Sun, 28 Mar 2021 09:55:58 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4231
date
Mon, 20 Apr 2020 21:38:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Mon, 20 Apr 2020 23:38:34 GMT
collect
www.google-analytics.com/r/ 		35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=916842677&t=pageview&_s=1&dl=https%3A%2F%2Ftii.ai%2FjxyaQ&ul=en-us&de=UTF-8&dt=ShrinkEarn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1111431346&gjid=688568251&cid=1338572107.1587422946&tid=UA-113561579-1&_gid=596613310.1587422946&_r=1&gtm=2ou480&z=2092978220
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Apr 2020 22:49:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
DgQzNA8SICExDjIlJQUkKyoGPH58HSo0dWJZdmhwbk8zOSxnWnB2Oy4INyU7Z19xdiE0DyxtbixUc354dFptY24uGSI3dWtPMyQ8NlRyZXBtXXFicW5cemF5
demannewcure.site/Q1BIWmlsbyspVBA+IDsILTx/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/Q1BIWmlsbyspVBA+IDsILTx/DgQzNA8SICExDjIlJQUkKyoGPH58HSo0dWJZdmhwbk8zOSxnWnB2Oy4INyU7Z19xdiE0DyxtbixUc354dFptY24uGSI3dWtPMyQ8NlRyZXBtXXFicW5cemF5
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aa42a07fa7c-AMS
cf-request-id
023b60fa970000fa7c502d3200000001
Cookie set LQ9mezAJChY7Jgg+MwIPLTINCiw6FgJxGxxqcjgxGRQGAj4MDQk+Jzk6FhsdCSAwPCUCAw4GDD04CB8VfBArDBgOGhogMwkDDgYfexAPPiN7ExEiAwlrM2xECBRwLTMsay8BFSEQKgUkEysBDQUgGyo5JiwYdhgVDDYuABEPNwEkBm9rARslchUPDhoCOiQcTisMJ...
statutorjuihui.site/SllDSXYrOyAkSStkIW8DODV+bEQMfHEPEnsyMHEEJTwyPA4oLiJnFSY2Ni0QODYtPVgkPDdsRAwvJxw8Ow1zPiEGCBI5FT0cMQ0YAGkRJzQTPS0lIgEbKC4/ Frame C7F7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://statutorjuihui.site/SllDSXYrOyAkSStkIW8DODV+bEQMfHEPEnsyMHEEJTwyPA4oLiJnFSY2Ni0QODYtPVgkPDdsRAwvJxw8Ow1zPiEGCBI5FT0cMQ0YAGkRJzQTPS0lIgEbKC4/LQ9mezAJChY7Jgg+MwIPLTINCiw6FgJxGxxqcjgxGRQGAj4MDQk+Jzk6FhsdCSAwPCUCAw4GDD04CB8VfBArDBgOGhogMwkDDgYfexAPPiN7ExEiAwlrM2xECBRwLTMsay8BFSEQKgUkEysBDQUgGyo5JiwYdhgVDDYuABEPNwEkBm9rARslchUPDhoCOiQcTisMJzAzJylmezQYAQ0oMwJoAQEgZ2AuKCMuIAAzTnIeECoSATB3LD0ybDIvHARqFBEeIwstGyYsATstPRsQdAAkJjcUCA46C3AAMQAwIBgsezFmezABIQIhNxkbLxw+CDgPCicCFRIqBysMIAwuEi0qGyEyAyYBQwc7BT1DLg8BPiEgLjcMDwcACSQaAhsFcE4vaDcxLg0ydho3bDMwJhg6ZCAjEQMDAC0SGy8P
Requested by
Host: d1ks8roequxbwa.cloudfront.net
URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832295
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
statutorjuihui.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tii.ai/jxyaQ
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tii.ai/jxyaQ

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
Content-Type
text/html
Content-Length
1231
Connection
keep-alive
Set-Cookie
__cfduid=dbac17bb2c8439f41895da1af9b4a984b1587422946; expires=Wed, 20-May-20 22:49:06 GMT; path=/; domain=.statutorjuihui.site; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
Accept-Ranges
bytes
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
58726aa53be77317-AMS
cf-request-id
023b60fb4200007317e6a90200000001
M1hYMHIcZztDT2kNIGUkWGENVR9hMBRcQkUCNXpXAR4NWR5bAgAJJBUsMVRPC2tqAksGfihZFg5rahYBRzksRQEOaX5ZHFU3ZRYEDmh2BVwBbnYAVEcoOVdPAn4oRAZfZWkFSgRsagJLB21hA0I
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/M1hYMHIcZztDT2kNIGUkWGENVR9hMBRcQkUCNXpXAR4NWR5bAgAJJBUsMVRPC2tqAksGfihZFg5rahYBRzksRQEOaX5ZHFU3ZRYEDmh2BVwBbnYAVEcoOVdPAn4oRAZfZWkFSgRsagJLB21hA0I
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aa52cc9fa7c-AMS
cf-request-id
023b60fb360000fa7c502e6200000001
eXpnMnMCWBRFLAwICxBJWxITRgMKQEgdBxATSVMaVgkQbUFOSVIBSkxUDUFRVVgUXxVbQFYeUQ0bAG0aHVhdEEtJT18KR1tWRUEGGyUOVkFbQEUGR0pDVgJCTVcBAEdJV1MFRkFXX1RAQVcGC0NPTVICQ09JUlZRBA
aphycolourses.info/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aphycolourses.info/eXpnMnMCWBRFLAwICxBJWxITRgMKQEgdBxATSVMaVgkQbUFOSVIBSkxUDUFRVVgUXxVbQFYeUQ0bAG0aHVhdEEtJT18KR1tWRUEGGyUOVkFbQEUGR0pDVgJCTVcBAEdJV1MFRkFXX1RAQVcGC0NPTVICQ09JUlZRBA
Requested by
Host: tii.ai
URL: https://tii.ai/sw_2735395.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
334632ca7e02f0d2f24b0ab04a5f29e5d8a413401a677fa5e22a30c8a9006740

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
X-Powered-By
Express
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
023b60fb440000d92164036200000001
Server
cloudflare
ETag
W/"cede-oWYpiMaCxF+NS1WIHtvujigKPfU"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
CF-RAY
58726aa53c59d921-AMS
Access-Control-Allow-Headers
X-Requested-With,content-type
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
https://tii.ai

Response headers

date
Wed, 15 Apr 2020 01:32:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
508577
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
14044
x-xss-protection
0
expires
Thu, 15 Apr 2021 01:32:48 GMT
Cookie set TwpYH0N0fQ4gAHRkLSIAbwMAF2oFSwcYfGR4Jxp4bnUfKVNSdiU5bQVfBRYJYH4KDWt7Z1h7DWwDOR1+bn5YH2xgfyMJe3NnA3dDbFgqC2hPC1kfCXB4Iwl4YGItJR9cQAcgSQtJHnpBYGo5PENnZyceQG4
statutorjuihui.site/M2hOOTZSCi1UCVJVLB9DQQRzHAR1TXx/UgAJIgwEV1AtVlxXG3kXVV8HO11QQQcgTRhdDTocBHUCLWFsBTsifGV0Oh9KVFQ9KHFYVwUcfANwDRlVbnspJVVmRC4CeHJLBA1qd1kvN3R6eRF6f3diDzthcgcaCGxCegoKCWd0Kn8KUks5F... Frame A286 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://statutorjuihui.site/M2hOOTZSCi1UCVJVLB9DQQRzHAR1TXx/UgAJIgwEV1AtVlxXG3kXVV8HO11QQQcgTRhdDTocBHUCLWFsBTsifGV0Oh9KVFQ9KHFYVwUcfANwDRlVbnspJVVmRC4CeHJLBA1qd1kvN3R6eRF6f3diDzthcgcaCGxCegoKCWd0Kn8KUks5F35uVw8YQVVWIwlBcGYpeg9mWxgCfE9YBwlRUVUnDV5QcQQ5HAR1JQtOVHU8Dw1+YQcsWwR+Wx8IZAUMC3dxZgEtTnNbUBtpXAcrBlUPBi1/a3NgAQMcBHUqHHRhUVoAe3FLGz5dc30vCG1aAzl+YHVRWgB7ZANFIW9vdj0+bQR9WB8Jb1EnJ3xSdh9+T3tLByh9WwoCAAl4eQ4WAHViLncNb2UDKnxcB1AGb3h6KxZrcmEAF1N5Wzoaan5cWgh7Y2EiFlFjYS0hSXliJRR/TwpYH0N0fQ4gAHRkLSIAbwMAF2oFSwcYfGR4Jxp4bnUfKVNSdiU5bQVfBRYJYH4KDWt7Z1h7DWwDOR1+bn5YH2xgfyMJe3NnA3dDbFgqC2hPC1kfCXB4Iwl4YGItJR9cQAcgSQtJHnpBYGo5PENnZyceQG4
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
statutorjuihui.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tii.ai/jxyaQ
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tii.ai/jxyaQ

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
Content-Type
text/html
Content-Length
1275
Connection
keep-alive
Set-Cookie
__cfduid=dbac17bb2c8439f41895da1af9b4a984b1587422946; expires=Wed, 20-May-20 22:49:06 GMT; path=/; domain=.statutorjuihui.site; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
Accept-Ranges
bytes
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
58726aa6ac737317-AMS
cf-request-id
023b60fc2a00007317e6a99200000001
Cookie set bxwQcigdLzQpLhEe
statutorjuihui.site/QUZPUlggJCw/ZyB7LXQtMypyd2oHY30UPHInI2dqJX4sPTIlNXh8Oy0pOjY+MykhJnYvIzt3agcWFgoCEBEkYhsGEntqOykTKRwfJXcaFxoxJAdjEAkFAmMROQADFBk1cw04My8KNhsZDxQVahcTNRwwDyk0CwA7ZHQNAgADDgoobHQlC... Frame DD8E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://statutorjuihui.site/QUZPUlggJCw/ZyB7LXQtMypyd2oHY30UPHInI2dqJX4sPTIlNXh8Oy0pOjY+MykhJnYvIzt3agcWFgoCEBEkYhsGEntqOykTKRwfJXcaFxoxJAdjEAkFAmMROQADFBk1cw04My8KNhsZDxQVahcTNRwwDyk0CwA7ZHQNAgADDgoobHQlCRAJDBJ7JAAEDH0eMnEJBwVoOwonNTwRLHd3agcBDTU/JwIoEws7dn4cLyYnHxYsLhM1EDQlDn4XCgYENhsZABAABgl0AigHbCd1ezgNcww+GBl5BQEGAi4TfwthDj96FwoGB34CMxMDFhESLhN/CDAgLgUDCSZrdiQCBBQKCxwyfwoAN3AKHDUcCRIkJzkHCzgIDy1wG2IOLCB8awoZLDwrFxAxLjYPJgkdFwomCCYDEwR1GT0+EB8bHyIELxwUFignJmYSAwJ3YRMEFAoUNXBzG2ICZHQNMwAxEhthbTMjfjoMGCsgd2oDBw0TIAoFHRcKAxw5NDQbHxZgIDMACiYoIyh2Cgk7F3o2GRMBFmArNxMKHDcjdR0FCnMMJRkZFwMVYDc3Ew0YNSAXaTgrLig/bxwQcigdLzQpLhEe
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
statutorjuihui.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tii.ai/jxyaQ
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tii.ai/jxyaQ

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
Content-Type
text/html
Content-Length
1269
Connection
keep-alive
Set-Cookie
__cfduid=dbac17bb2c8439f41895da1af9b4a984b1587422946; expires=Wed, 20-May-20 22:49:06 GMT; path=/; domain=.statutorjuihui.site; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
Accept-Ranges
bytes
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
58726aa7acc77317-AMS
cf-request-id
023b60fccb00007317e6aa1200000001
Cookie set Nx4NAyRnABIoGTExICRFJiVEAC03HgYHN2c6HShEGzIjIwEsNEQEIzQeGgc3IT4DKyRwGgYhGyZNAws7DAVHAhciRhEH
statutorjuihui.site/VnB1TnU3EhYjSjdNF2gAJBxIa0cQVUcIEWURGXtHMkgWIR8yA0JgFjofACoTJB8bOls4FQFrRxA/OyMRDCMYPiMVNBY9IwM5Oh4tMhQ0f0w+FSMDJBIjGiI3EyoUAgJuGxcMPyQyEiY2AyRFCiETOREeLTIpMA8GYjo0fjkHJAIlNgcEI... Frame B166 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://statutorjuihui.site/VnB1TnU3EhYjSjdNF2gAJBxIa0cQVUcIEWURGXtHMkgWIR8yA0JgFjofACoTJB8bOls4FQFrRxA/OyMRDCMYPiMVNBY9IwM5Oh4tMhQ0f0w+FSMDJBIjGiI3EyoUAgJuGxcMPyQyEiY2AyRFCiETOREeLTIpMA8GYjo0fjkHJAIlNgcEIigMJT8jCAUiEjd3LQEaJCIwEEg5ACYiIDcNMyUqMyEhACcZJzdnEzADNgcVIhwkLhJEIkUHHQF4NGcXIR42DCA3CBZmOwIlIQAnHiIyBD4jLyEcIDcIETkVHxs9Awcva0cQIQ0AIzcjBi8nMQNNHiRvJTEKWBdVRwwhISEdLD06FDIIJyASRCkyAgo8Jz06AzkoPTEAMH8jJjoSABEXHg16Ijo1NgEcEzY9fj8kFRIiEBAkLCAxLj4jBkZnFTIIEWUVI34wDh4ReS0XSTYvRjkqIzkwYj80AyEAIkxrRxAnJAg/Nx4NAyRnABIoGTExICRFJiVEAC03HgYHN2c6HShEGzIjIwEsNEQEIzQeGgc3IT4DKyRwGgYhGyZNAws7DAVHAhciRhEH
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
statutorjuihui.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tii.ai/jxyaQ
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tii.ai/jxyaQ

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
Content-Type
text/html
Content-Length
1251
Connection
keep-alive
Set-Cookie
__cfduid=d222c5b50a1cfe3735af563540c8aa05b1587422946; expires=Wed, 20-May-20 22:49:06 GMT; path=/; domain=.statutorjuihui.site; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
Accept-Ranges
bytes
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
58726aa819ecc85f-AMS
cf-request-id
023b60fd0f0000c85fffb64200000001
Cookie set ITAKIAoSHwg5OTw6UxcJARw0JRk4PxoFGRsCGxABCgs3ED8JWTslYHw+GhoKEltaFxINDFMXCQIZMUIKcikJQQoSW1s1PBxFFxY9eVkUOQAZUSIYCg4hMD8ABgQmCxINGxs0DwYiIUIBDw5QBh0SKTkZAnoDFyAcPAIlQjx4DCtBGwA+U0cTIwxQMxwSGTYibSkNJ...
statutorjuihui.site/S2hjcVgqCgAcZypVAVctOQReVGoNTVE3PHgJD0RqL1AAHjIvG1RfOycHFhU+OQcNBXYlDRdUag0dLhoNez02SAoABAxCOw4xECQfM1whKQEIMTsoDQdYAFRqCSE2O2wuABBJDzwAOzk/PxIgIBEhKxQrMhorEAMceAswIQt+CyoWNHgjD... Frame C64B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://statutorjuihui.site/S2hjcVgqCgAcZypVAVctOQReVGoNTVE3PHgJD0RqL1AAHjIvG1RfOycHFhU+OQcNBXYlDRdUag0dLhoNez02SAoABAxCOw4xECQfM1whKQEIMTsoDQdYAFRqCSE2O2wuABBJDzwAOzk/PxIgIBEhKxQrMhorEAMceAswIQt+CyoWNHgjDwY1CD8hAQ0yLjQTEDg9LiQJblohOxlzGzUIPyAwIDMfACslMgF7LRQSNHMZNxs/ITAKIAoSHwg5OTw6UxcJARw0JRk4PxoFGRsCGxABCgs3ED8JWTslYHw+GhoKEltaFxINDFMXCQIZMUIKcikJQQoSW1s1PBxFFxY9eVkUOQAZUSIYCg4hMD8ABgQmCxINGxs0DwYiIUIBDw5QBh0SKTkZAnoDFyAcPAIlQjx4DCtBGwA+U0cTIwxQMxwSGTYibSkNJB4ZLz4ARAgdWAwkABlRBzkRCg5QSTsvDy0bPCMQUzA1IxkiOQ4DJSAdDAVZUkE+EzoUM2oRACIpFRgiKzgUKDk5Hz0nMQ41DBlNUTcZEzo0KBAkIwAwaSYOBDNgHjw1SBoTPjQoGzgtBxZ+IRsMHyh2JikCMQYLLDUZB14RNWw
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
statutorjuihui.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tii.ai/jxyaQ
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tii.ai/jxyaQ

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
Content-Type
text/html
Content-Length
1273
Connection
keep-alive
Set-Cookie
__cfduid=d2bfece6b4bab56fcf761da72df22b8701587422946; expires=Wed, 20-May-20 22:49:06 GMT; path=/; domain=.statutorjuihui.site; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
Accept-Ranges
bytes
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
58726aa8c9cefa68-AMS
cf-request-id
023b60fd7d0000fa680612a200000001
a1JUaEdEbTcbeiQKJC4UAQsdPA89awIfAjE2Z1AGKDptWgwqCx5OMwI2aV9yU2pnUGEbOzBVdk0hIAkzHiFpWWECPDIHek0kaVlpWGZ6WXZFYnIcNwo1aVlhGyYgBHpaZ2xfc1lgbVxxWWts
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/a1JUaEdEbTcbeiQKJC4UAQsdPA89awIfAjE2Z1AGKDptWgwqCx5OMwI2aV9yU2pnUGEbOzBVdk0hIAkzHiFpWWECPDIHek0kaVlpWGZ6WXZFYnIcNwo1aVlhGyYgBHpaZ2xfc1lgbVxxWWts
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aa88c8cfa7c-AMS
cf-request-id
023b60fd500000fa7c50312200000001
XTdaCnYSIBNZO0EgWglpXT0BV3ISJVoJYQR9UwhhAHUTSC5TblYeP0AnCwV+AWtQDH0GalMOewRg
demannewcure.site/TzRTZzhgCzAUBRpYEQZcIm45PVU/dhFVVzVVFip+AgYFEmkJbjpBTCZQbl8JeQ1lVx4/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/TzRTZzhgCzAUBRpYEQZcIm45PVU/dhFVVzVVFip+AgYFEmkJbjpBTCZQbl8JeQ1lVx4/XTdaCnYSIBNZO0EgWglpXT0BV3ISJVoJYQR9UwhhAHUTSC5TblYeP0AnCwV+AWtQDH0GalMOewRg
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aa88be7bf3c-AMS
cf-request-id
023b60fd500000bf3cab971200000001
TTdLRFViCCg3aAJwHQc0C3oBEWYHUQYjFApUDXE9DgYBPQIaegJiISRTdnNgdQ94fXM9Xi95ZHURODA0OUI4eWRrXiUiOnARPXlkYwdldHt7ET80NCoKemIlOUMneWR4D3xwZ38Of3JhdAE
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/TTdLRFViCCg3aAJwHQc0C3oBEWYHUQYjFApUDXE9DgYBPQIaegJiISRTdnNgdQ94fXM9Xi95ZHURODA0OUI4eWRrXiUiOnARPXlkYwdldHt7ET80NCoKemIlOUMneWR4D3xwZ38Of3JhdAE
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aa96f3ffa58-AMS
cf-request-id
023b60fde40000fa5843a92200000001
RVljU0RqZgAgeQscNScLEhwlMHV1FiISMygBFGoTEBo6GQADHCZ1MCw9XmRzdm9TamI1MAdudWMqFzIwMCpeYmIsNwU8eWMvXmJqdm1NYnVraUUnNCQ+XmJiNS0XP3l0bFtkcHdrWmdycGBX
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/RVljU0RqZgAgeQscNScLEhwlMHV1FiISMygBFGoTEBo6GQADHCZ1MCw9XmRzdm9TamI1MAdudWMqFzIwMCpeYmIsNwU8eWMvXmJqdm1NYnVraUUnNCQ+XmJiNS0XP3l0bFtkcHdrWmdycGBX
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aa97dccbf55-AMS
cf-request-id
023b60fde70000bf55a7261200000001
1b1879ffa2
s3.amazonaws.com/2aff9781b14d12acae9bf9facd2998d119ff3160929d4dd3a232156f8d0b/ 		17 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/2aff9781b14d12acae9bf9facd2998d119ff3160929d4dd3a232156f8d0b/1b1879ffa2
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.133.5 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9cbc31746708fc633716f8451dbba601b528a5d6cb37352fdf11ff604207cdc8

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:08 GMT
x-amz-meta-pragma
no-cache
x-amz-request-id
60584681ACBC49EE
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Length
17352
x-amz-id-2
j2ThQTUYICiLPznsp73V8JAmHOUvsBeIQxmdYU+pSPb42A6Csf/ENL4/BfvUwPp5IXiKcm5n4vI=
Last-Modified
Mon, 20 Apr 2020 00:15:03 GMT
Server
AmazonS3
ETag
"b9389059a9ecea4ac7ff443faa599e20"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
https://tii.ai
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
/
g.themoneytizer.net/g/ 		26 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.themoneytizer.net/g/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
f2af6a03599a30f21216920acbab05ce2903a5f62b4a6b4f9b0a2b234004e53e

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
Server
nginx
X-IPLB-Instance
29821
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
moneyvisibility.js
ads.themoneytizer.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneyvisibility.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:06 GMT
content-encoding
gzip
last-modified
Wed, 08 Jan 2020 19:01:35 GMT
server
nginx
etag
"779a-30ad-59ba5857e2265"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
3955
expires
Tue, 21 Apr 2020 22:48:27 GMT
moneybile.js
ads.themoneytizer.com/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybile.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:06 GMT
content-encoding
gzip
last-modified
Wed, 27 Feb 2019 16:57:00 GMT
server
nginx
etag
"7ff1-9390-582e30fefbc74"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
15733
expires
Tue, 21 Apr 2020 22:48:27 GMT
getjs.static.js
tag.contextweb.com/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.contextweb.com/getjs.static.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software
envoy /
Resource Hash
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:06 GMT
content-encoding
gzip
server
envoy
etag
d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p
policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status
200
cache-control
max-age=432000, public
x-envoy-upstream-service-time
3
content-type
application/x-javascript
content-length
11296
px.js
p.cpx.to/p/11528/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/11528/px.js?r=1c75b
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-41.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 01 Apr 2020 22:24:49 GMT
Content-Encoding
UTF-8
Connection
keep-alive
Last-Modified
Wed, 10 Oct 2018 10:49:46 GMT
Server
AmazonS3
Age
1643058
ETag
"f30057c89bf67afeaf18ceba624fa4b7"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
Cache-Control
max-age=2419200
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
1498
X-Amz-Cf-Id
Ic08rDeTCYUH8RCy_i0K9IM8YBWNhDX7_WHfVqIdZAhclxK6Jz94uQ==
smart.js
ced-ns.sascdn.com/diff/js/
Redirect Chain
  • https://ww1097.smartadserver.com/config.js?nwid=1097
  • https://ced-ns.sascdn.com/diff/js/smart.js
27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/smart.js
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (waw/17D3) /
Resource Hash
a0f4abf087368a45dc01609aa814906c19330084d8a00fe6e0c8ee4595187ace

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
gzip
last-modified
Mon, 23 Mar 2020 14:27:30 GMT
server
ECS (waw/17D3)
cache-control
max-age=86400
age
30049
etag
"308b0663b760da8cd1006f7a3f2458d5:1584973650"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
x-n
S
accept-ranges
bytes
content-length
8932

Redirect headers

location
https://ced-ns.sascdn.com/diff/js/smart.js
date
Mon, 20 Apr 2020 22:49:06 GMT
cache-control
private
content-length
159
content-type
text/html; charset=utf-8
sync
gum.criteo.com/ 		49 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
private, max-age=3600
date
Mon, 20 Apr 2020 22:49:06 GMT
content-length
165
expires
60
libJsLP.js
tag.leadplace.fr/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
Last-Modified
Tue, 27 Nov 2018 14:13:54 GMT
Server
nginx/1.14.2
ETag
"5bfd5122-a72"
X-IPLB-Instance
29922
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
2674
/
onetag-sys.com/usync/ Frame 62E4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1587422946616
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2a897e3f18e6769&cb=1587422946616
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tii.ai/jxyaQ
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tii.ai/jxyaQ

Response headers

status
200
content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
strict-transport-security
max-age=2592000
/
spl.zeotap.com/ Frame 3736 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?env=mWeb&uc=2&zdid=1258&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tii.ai/jxyaQ
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tii.ai/jxyaQ

Response headers

status
200
date
Mon, 20 Apr 2020 22:49:06 GMT
content-type
text/html
set-cookie
__cfduid=d9c36d7b6a47636829e51d91bc6822b181587422946; expires=Wed, 20-May-20 22:49:06 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=5b0fa67f-f464-4d82-6681-4e99e223bd54; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zc1=5b0fa67f-f464-4d82-6681-4e99e223bd54; Path=/; Domain=.zeotap.com; Max-Age=315360000 zsc=Z%C8%EE%E5%21%29Z%5E%98%C9%F2%95%CF%B5e%7F%7Ch%8E%26%3E%D3K%3AmPAbq%28%C2%85%90%1E%BB%23y%EE%883%91%CD%3C%F7%8D%10qM%C3%F0%CB%E0%86_%EF%03%99b%E2%B2%5CQWiZ%074%07%7Ct%5B%DA%26%DC%3B%B9F%0B%80%80W%5EcRgGI%818%CC%5C%80%84%88%AD%7D%DE%B9; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-headers
*
access-control-allow-origin
*
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58726aa8ac7a8caa-VIE
content-encoding
br
cf-request-id
023b60fd6500008caa8707c200000001
quant.js
secure.quantserve.com/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.209 , United Kingdom, ASN27281 (QUANTCAST, US),
Reverse DNS
Software
QS /
Resource Hash
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20-Apr-2020 22:49:06 GMT
Server
QS
Etag
M0-56c8c653
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Strict-Transport-Security
max-age=86400
Content-Length
5651
Expires
Mon, 27 Apr 2020 22:49:06 GMT
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.78.109 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-109.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 01:23:05 GMT
Via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
Age
77200
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
vyB3vkMZY7gefTNZfxA2y0IfhmNyQ5f4HqCcC1LytT9iIUG2brM63w==
186329-261067657875242.js
js-sec.indexww.com/ht/p/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad209dc504cc97991573344dfd1142168265443a8f4cb7e1444a132ba601da19

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Apr 2020 21:55:28 GMT
Server
Apache
ETag
"905717-8bc6-5a3bff5031073"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=606
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12312
Expires
Mon, 20 Apr 2020 22:59:14 GMT
prebid.js
ads.themoneytizer.com/moneybid2_445_2/build/dist/ 		407 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
a68d161af49e25a6bc817a4af26143f51c6690653baff4d86686f2495a4a540f

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:06 GMT
content-encoding
gzip
last-modified
Fri, 17 Apr 2020 14:55:51 GMT
server
nginx
etag
"1e3f7-65bd5-5a37dbeda57b8"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
132673
expires
Tue, 21 Apr 2020 22:48:31 GMT
footer.jpg
tii.ai/cloud_theme/build/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tii.ai/cloud_theme/build/img/footer.jpg
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tii.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
4294777
status
200
content-length
6152
x-xss-protection
1; mode=block
last-modified
Mon, 02 Sep 2019 23:24:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
cf-request-id
023b60fd430000cba0789c5200000001
accept-ranges
bytes
cf-ray
58726aa86fabcba0-VIE
expires
Tue, 02 Mar 2021 05:49:29 GMT
fontawesome-webfont.woff2
tii.ai/cloud_theme/build/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tii.ai/cloud_theme/build/fonts/fontawesome-webfont.woff2
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tii.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
Origin
https://tii.ai

Response headers

date
Mon, 20 Apr 2020 22:49:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
377673
status
200
content-length
77160
x-xss-protection
1; mode=block
last-modified
Mon, 02 Sep 2019 23:24:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-request-id
023b60fd430000cba0789c6200000001
accept-ranges
bytes
cf-ray
58726aa86fadcba0-VIE
expires
Thu, 23 Apr 2020 13:54:32 GMT
S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin
https://tii.ai

Response headers

date
Fri, 03 Apr 2020 02:39:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:45 GMT
server
sffe
age
1541396
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
13732
x-xss-protection
0
expires
Sat, 03 Apr 2021 02:39:10 GMT
ejduZ2lVCA0UVDcHOx0kSAMtBB43cioQGhd2PwMMOHQvICg8AypBHRNTU19aSAVXUk8KXgpaWkgRHRMIDkIdWl1IEQcJDxUKWF9QXEFTV0dPGVxRR0oRGhcIHQpfQRkOQwJaWE8PWVNbSA5aUV9JBQ
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/ejduZ2lVCA0UVDcHOx0kSAMtBB43cioQGhd2PwMMOHQvICg8AypBHRNTU19aSAVXUk8KXgpaWkgRHRMIDkIdWl1IEQcJDxUKWF9QXEFTV0dPGVxRR0oRGhcIHQpfQRkOQwJaWE8PWVNbSA5aUV9JBQ
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aaa2808fa7c-AMS
cf-request-id
023b60fe5c0000fa7c5031e200000001
DgdZAxcKBEUKFwgFThYLCUAWVVhLWlIBfwwAQB0KDxUCDg
dc5k8fg5ioc8s.cloudfront.net/MOTN3MzlaXBlVBk1aEw4BCQZPCw0fWQRcV0kOMXpeV0Qhf1d+Xgd0dEgVA0ldBAFRX1hXVEoVXFdQSgIfWFcVDgkfRwdcUgRGGVdcX1oZVl0fRhYOVFZJHl9VWBZFdQwXA1IBCRFeFlBQV0cYQFEcADUWCwlaGUdcVRZFA1R... 		310 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dc5k8fg5ioc8s.cloudfront.net/MOTN3MzlaXBlVBk1aEw4BCQZPCw0fWQRcV0kOMXpeV0Qhf1d+Xgd0dEgVA0ldBAFRX1hXVEoVXFdQSgIfWFcVDgkfRwdcUgRGGVdcX1oZVl0fRhYOVFZJHl9VWBZFdQwXA1IBCRFeFlBQV0cYQFEcADUWCwlaGUdcVRZFA1RYUFIBCVZAUgEJQRZFAwgJbE-YHZgwaUgEJWEMHX1xOVhVYUE0WRXUMCgRZAA8cAUcbUlFHGl8cC3BSAQlVWhxWHAsDEFZaUlxeFgsJUB9BVlRWUgF/DgdZAxcKBEUKFwgFThYLCUAWVVhLWlIBfwwAQB0KDxUCDg
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805884
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:9a00:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
42b558b9f55dde7dcd233d3562d07371786de7ebaeaab2b2ede0d37c1952d590

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:06 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
status
200
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
282
via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-id
Uy1ImDnhgq-tWNL1j-yuEiNV2f6ZxWJFlDZw7ooScjOkx5fMT_f8ew==
s
responsidejo.club/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://responsidejo.club/s?a=$UID&b=976570990352
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fresponsidejo.club%2Fs%3Fa%3D%24UID%26b%3D976570990352
  • https://responsidejo.club/s?a=3096597288063897508&b=976570990352
43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://responsidejo.club/s?a=3096597288063897508&b=976570990352
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Content-Type
image/gif
Connection
keep-alive
CF-RAY
58726aacc81efa34-AMS
Content-Length
43
cf-request-id
023b60ffff0000fa340cb61200000001

Redirect headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 22:49:08 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.13:80
AN-X-Request-Uuid
c32cadd7-3527-496a-98eb-78ad70e68cfd
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://responsidejo.club/s?a=3096597288063897508&b=976570990352
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
s
responsidejo.club/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://responsidejo.club/s?a=$UID&b=678910607095
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fresponsidejo.club%2Fs%3Fa%3D%24UID%26b%3D678910607095
  • https://responsidejo.club/s?a=3096597288063897508&b=678910607095
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://responsidejo.club/s?a=3096597288063897508&b=678910607095
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
58726aae5ce1fa34-AMS
Content-Length
43
cf-request-id
023b6100fb0000fa340cb78200000001

Redirect headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 22:49:08 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.26:80
AN-X-Request-Uuid
8b3bccad-1b80-4b05-a396-e9a87a4c4d7d
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://responsidejo.club/s?a=3096597288063897508&b=678910607095
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
loadus.exelator.com/load/
Redirect Chain
  • https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
  • https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/2/8/2.gif?puid=3096597288063897508&gdpr=1&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMOVdPMJ-sKidZjLynIt2pRfkT-5IcyGIGvhi3SRg&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gd...
  • https://id5-sync.com/c/12/3/7/3.gif?puid=5c475e9e-26e2-4400-9087-3e1c6d1fb03e&gdpr=1&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/10/6/4.gif?puid=3811960601315767241&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/12/19/5/5.gif?puid=bb76ccd956fe6a20e3ce9078bf7a1b40&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/101/4/6.gif?puid=e4c44e4d-3bfa-4917-9dea-df1675e6742f&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdp...
  • https://id5-sync.com/c/12/108/3/7.gif?puid=25b35861-8359-11ea-8167-568b0724cb2e&gdpr=1&gdpr_consent=
  • https://ps.eyeota.net/match?gdpr=1&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F123%2F2%2F8.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/12/123/2/8.gif?puid={UUID}&gdpr=1&gdpr_consent=
  • https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F1%2F9.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
0
0
recaptcha__en.js
www.gstatic.com/recaptcha/releases/zItNOfzbrqVGbb4QFYpPpcrw/ 		258 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/zItNOfzbrqVGbb4QFYpPpcrw/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59810fde24ce60c80da277fc0a947e428ab733def8e8af97a5b480ac9e510ca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 13 Apr 2020 17:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Apr 2020 04:07:04 GMT
server
sffe
age
625315
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
94244
x-xss-protection
0
expires
Tue, 13 Apr 2021 17:07:12 GMT
VjJpMFh5DQpDZTJZHgM9PWghVT8yfCMAbCBwPAkvBGECdR8eaC4WLD9WVAdtbgpaCH4mWw0NaXBBHVEsI0FUBGpwWwdWN2sBUAB+IA9YHmtiHFgBdmYUHUA5MQ9YFigiRgUNaWMKXgRqZAtdBm9mBQ
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/VjJpMFh5DQpDZTJZHgM9PWghVT8yfCMAbCBwPAkvBGECdR8eaC4WLD9WVAdtbgpaCH4mWw0NaXBBHVEsI0FUBGpwWwdWN2sBUAB+IA9YHmtiHFgBdmYUHUA5MQ9YFigiRgUNaWMKXgRqZAtdBm9mBQ
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aaa9ee2bf55-AMS
cf-request-id
023b60fea20000bf55a726a200000001
localstore.js
script.4dex.io/ 		450 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ac0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
br
cf-cache-status
HIT
age
1641
status
200
x-amz-request-id
DCC53D891D133E6C
x-amz-id-2
aSAJUwjDW2sRjhrMGOF4TOndBgucCQndsJBlaQU+/0Vbn2yd08RVSGrgYpaP5/hsxjXYpTiJH7c=
last-modified
Mon, 06 Apr 2020 11:18:51 GMT
server
cloudflare
etag
W/"bfa52622781c173885812009122c3f7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-request-id
023b60fefb0000befb9ca2f200000001
cf-ray
58726aab2ef0befb-FRA
moneybid.js
ads.themoneytizer.com/bidder1/ 		628 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58811&adid=31&formatid=39287&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
5374fdfdd0b44d7c4986b3eda2c11ccd4728789414f6b4eb4241a1505338327f

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Apr 2020 22:49:06 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
expires
Tue, 21 Apr 2020 22:49:06 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		626 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58811&adid=2&formatid=26300&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
a2ac89addba7ffcc2858f08655072ba5a56e8cf74b70c19e75bd51c653a4b9bc

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Apr 2020 22:49:06 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
429
expires
Tue, 21 Apr 2020 22:49:06 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		627 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58811&adid=19&formatid=26711&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
5872c58dbb7732e4eba4c1d50d202bdc800740b9fda9e5e9914f196bbc2c347b

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Apr 2020 22:49:06 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
429
expires
Tue, 21 Apr 2020 22:49:06 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		631 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58811&adid=28&formatid=30012&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
35f1e764d03f2d1c699c786b2433746313b2958043776d8498c79c6ce8fcbe86

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Apr 2020 22:49:06 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
435
expires
Tue, 21 Apr 2020 22:49:06 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		628 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58811&adid=3&formatid=26323&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
e04ba7edb421a9e2386be7beb182040f62e281372181a108bc05babc666a4ef8

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Apr 2020 22:49:06 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
432
expires
Tue, 21 Apr 2020 22:49:06 GMT
moneybid.js
ads.themoneytizer.com/bidder1/ 		624 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58811&adid=1&formatid=26322&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
3aefe768f1b5a82df7cdfde84ece2a80b552efcb9c6d3682a59076a1ae24d1d0

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Apr 2020 22:49:06 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
429
expires
Tue, 21 Apr 2020 22:49:06 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 22:49:08 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.139:80
AN-X-Request-Uuid
1cadc40f-6eb8-4060-aa65-efc3fd40331e
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tii.ai
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://tii.ai
cache-control
no-cache, no-transform
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
Content-Type, Origin, Referer, User-Agent, x-ak-clientip
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2232676fbf76b16b6%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2Fj...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2232676fbf76b16b6%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii....
2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2232676fbf76b16b6%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2225073af5fcd7616%22%2C%22pid%22%3A%2222241464%22%2C%22tid%22%3A%22d414142c-dd93-433f-8501-de8d2e419055%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-206-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
99d98b678689bfd5c0b02a4761acb60d81dae4c87e1cf63427feaf69f9216afb

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1265

Redirect headers

date
Mon, 20 Apr 2020 22:49:06 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2232676fbf76b16b6%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2225073af5fcd7616%22%2C%22pid%22%3A%2222241464%22%2C%22tid%22%3A%22d414142c-dd93-433f-8501-de8d2e419055%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
text/plain
content-length
0
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223368aa42049516%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2Fjx...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223368aa42049516%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.a...
3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223368aa42049516%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22266c07df6aee754%22%2C%22pid%22%3A%2222241454%22%2C%22tid%22%3A%223fff7896-c322-42ff-99aa-63f94c204e36%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-206-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b383546e2f74a7c9802ea646c883836170b86f3b63e046db52084b6537c7b78b

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1810

Redirect headers

date
Mon, 20 Apr 2020 22:49:06 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223368aa42049516%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22266c07df6aee754%22%2C%22pid%22%3A%2222241454%22%2C%22tid%22%3A%223fff7896-c322-42ff-99aa-63f94c204e36%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
text/plain
content-length
0
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22346c69eec758289%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2Fj...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22346c69eec758289%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii....
3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22346c69eec758289%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22276bf16a0198ea2%22%2C%22pid%22%3A%2222241467%22%2C%22tid%22%3A%22d5b6e893-47ba-41df-8d2d-b47026976c90%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-206-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0531e2ac9b7598b7711fb04bc1ad1a996922bda5bae4bf3633900bcacca5d755

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1786

Redirect headers

date
Mon, 20 Apr 2020 22:49:06 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22346c69eec758289%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22276bf16a0198ea2%22%2C%22pid%22%3A%2222241467%22%2C%22tid%22%3A%22d5b6e893-47ba-41df-8d2d-b47026976c90%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
text/plain
content-length
0
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235316a4c1c0c42c%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2Fj...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235316a4c1c0c42c%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii....
3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235316a4c1c0c42c%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2228626c36cb35008%22%2C%22pid%22%3A%2222241466%22%2C%22tid%22%3A%2264b1891a-8700-4f38-83a2-35fa1d7ac6b8%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-206-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
7e4ad3f8b6a95d8e27fbf35553df63e48105377ee226b82291f0e629b39727e3

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1785

Redirect headers

date
Mon, 20 Apr 2020 22:49:06 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235316a4c1c0c42c%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2228626c36cb35008%22%2C%22pid%22%3A%2222241466%22%2C%22tid%22%3A%2264b1891a-8700-4f38-83a2-35fa1d7ac6b8%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
text/plain
content-length
0
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22366d086c377385e%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2Fj...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22366d086c377385e%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii....
2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22366d086c377385e%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222951dbecb08d695%22%2C%22pid%22%3A%2222249871%22%2C%22tid%22%3A%22306e19b3-b3a0-4889-b071-f5ef8937d15e%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-206-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ef902c79e00dff9cc0872329537f7f53fbd0ceb7b6747bb124edb72e60c25aee

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1253

Redirect headers

date
Mon, 20 Apr 2020 22:49:06 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22366d086c377385e%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222951dbecb08d695%22%2C%22pid%22%3A%2222249871%22%2C%22tid%22%3A%22306e19b3-b3a0-4889-b071-f5ef8937d15e%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
text/plain
content-length
0
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223770df60597adcb%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2Fj...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223770df60597adcb%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii....
3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223770df60597adcb%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2230d1b827c41fc8e%22%2C%22pid%22%3A%2222249870%22%2C%22tid%22%3A%221c3405f6-af3e-4665-9d25-50a0b68e375f%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-206-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5a7abb232d9b39753bb44579eb35ec8c2fff897951e02c8d813c5b5584c88793

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1797

Redirect headers

date
Mon, 20 Apr 2020 22:49:06 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%223770df60597adcb%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2230d1b827c41fc8e%22%2C%22pid%22%3A%2222249870%22%2C%22tid%22%3A%221c3405f6-af3e-4665-9d25-50a0b68e375f%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
text/plain
content-length
0
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22383497e45281cd9%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2Fj...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22383497e45281cd9%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii....
2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22383497e45281cd9%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22310d8f431bd990d%22%2C%22pid%22%3A%2222249868%22%2C%22tid%22%3A%2207c5e22c-cbe2-4c78-9661-52e743f10df6%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-206-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
283570757e6ecc4db839d73774b6a98dbe7a5ff430fcd0a181ceadffc2f30b6a

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1245

Redirect headers

date
Mon, 20 Apr 2020 22:49:06 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22383497e45281cd9%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22310d8f431bd990d%22%2C%22pid%22%3A%2222249868%22%2C%22tid%22%3A%2207c5e22c-cbe2-4c78-9661-52e743f10df6%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
text/plain
content-length
0
fire.js
s.cpx.to/ 		772 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=11528&ref=&hn_ver=10&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.146.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-146-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d93ada941279583fe2b65decbeb16643657ce1a86c1af08cbc95f4c9ecb7b7b
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 20 Apr 2020 22:49:07 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript; charset=UTF-8
Content-Length
772
Expires
Mon, 23 Mar 2020 17:40:54 GMT
wckr.php
tag.leadplace.fr/ Frame 6BB0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash

Request headers

Host
tag.leadplace.fr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tii.ai/jxyaQ
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tii.ai/jxyaQ

Response headers

Server
nginx/1.14.2
Date
Mon, 20 Apr 2020 22:49:06 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-IPLB-Instance
29922
cENtRlJffA41byUFK3YDJRkFHGIicSd0NQkRAwhiKnEvAxtDGQpgJhknUH5iRXtVcnQAKgl7YUNlHjIzBDYee2ZCZQQoNB9+X3RhVjVQdnxAbV5oYVY3HSc1TXJLNiYEL1B3Z0h0WXRgSXdbfmtJ
demannewcure.site/ 		0
515 B 		Other
General
Check archive.org
Download Go to
Full URL
https://demannewcure.site/cENtRlJffA41byUFK3YDJRkFHGIicSd0NQkRAwhiKnEvAxtDGQpgJhknUH5iRXtVcnQAKgl7YUNlHjIzBDYee2ZCZQQoNB9+X3RhVjVQdnxAbV5oYVY3HSc1TXJLNiYEL1B3Z0h0WXRgSXdbfmtJ
Requested by
Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805884
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aab7e1abf3c-AMS
cf-request-id
023b60ff290000bf3cab987200000001
WDU1OFl3ClZLZA1fUXMKD3tfeQEoEAd6GDVFYF0RYWdsaRtuUHN2MH5BXFxkbwANAGphE0VRPWUEDR4qLFRBTSplAQceMDZTWgVtbwITTmRpGwUWaXYDE0wpOVIICX8oQUFUZGkADQ9tagcMDG9hDQU
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/WDU1OFl3ClZLZA1fUXMKD3tfeQEoEAd6GDVFYF0RYWdsaRtuUHN2MH5BXFxkbwANAGphE0VRPWUEDR4qLFRBTSplAQceMDZTWgVtbwITTmRpGwUWaXYDE0wpOVIICX8oQUFUZGkADQ9tagcMDG9hDQU
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aab1b1bfa58-AMS
cf-request-id
023b60feed0000fa5843aa4200000001
popunder.gif
demannewcure.site/ 		35 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/popunder.gif
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
HIT
Server
cloudflare
Age
34210
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
58726aab2a02fa7c-AMS
cf-request-id
023b60fefc0000fa7c5032a200000001
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:fe00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:15:24 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:28:36 GMT
server
AmazonS3
age
2024
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
5wC6N_kJAwrZU2UNPUPy7-9wULGh7Wlgs0vODbQrDUtSrnkTOboR5w==
via
1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
adagio.js
script.4dex.io/ 		62 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:ac0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
282
status
200
x-amz-request-id
9571CBC6B1623C5C
x-amz-id-2
wz96ug2iH8lvfsDO7VsAyQ4bf5HGZkbvmAs4NS2feuOYvbekjXe/lJ2ATgW/V3kB4wGVHCJyRZI=
last-modified
Mon, 06 Apr 2020 11:18:49 GMT
server
cloudflare
etag
W/"69fac1b60dfd5d00b8ff023e19aca7e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-request-id
023b60ff91000026e811211200000001
cf-ray
58726aac1e6326e8-FRA
anchor
www.google.com/recaptcha/api2/ Frame 38B5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=zItNOfzbrqVGbb4QFYpPpcrw&size=normal&cb=lras8y5ih12u
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-75LssDjT09fyVib1tLn9KQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=zItNOfzbrqVGbb4QFYpPpcrw&size=normal&cb=lras8y5ih12u
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tii.ai/jxyaQ
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tii.ai/jxyaQ

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 20 Apr 2020 22:49:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-75LssDjT09fyVib1tLn9KQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
11554
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
Zwx8ZX5kD39mfg
demannewcure.site/OE5XR1AXcTQ0bXUZBQw1fwMWEj5IHhYgO3ArEnYGeSkRchdUAxVhJFEqanBlAHZkf3ZIJzN6YR49IyYkTT1qcWIeJzkhPwVoIXphFn1jaWEJYGdhJEgvMHphHj4jMzwFf2J/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/OE5XR1AXcTQ0bXUZBQw1fwMWEj5IHhYgO3ArEnYGeSkRchdUAxVhJFEqanBlAHZkf3ZIJzN6YR49IyYkTT1qcWIeJzkhPwVoIXphFn1jaWEJYGdhJEgvMHphHj4jMzwFf2J/Zwx8ZX5kD39mfg
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aabbafafa7c-AMS
cf-request-id
023b60ff4e0000fa7c5032e200000001
OFRJb0cXayocencABz4RCBkALRB6MwAIAWkNJCl3YAIIXx5WGQNJM1EwdFhwC2J5VmFIPS1Sdh4nPQ4zTSd0WXUePScJKAVyP1J2Fmd9QXYJenlJM0g1LlJ2HiQ9GysFZXxXcAxme1ZzD2V7Xw
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/OFRJb0cXayocencABz4RCBkALRB6MwAIAWkNJCl3YAIIXx5WGQNJM1EwdFhwC2J5VmFIPS1Sdh4nPQ4zTSd0WXUePScJKAVyP1J2Fmd9QXYJenlJM0g1LlJ2HiQ9GysFZXxXcAxme1ZzD2V7Xw
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aabbfb2bf55-AMS
cf-request-id
023b60ff4e0000bf55a7271200000001
multi
statutorjuihui.site/ 		0
0
MnlvNm4dRgxFU2ESVmYNAz9YUzYLPCJ+J0EfOm8XeUofATxlP1kQGlsdUg5fBEBZBkhCEAsLXAtfHEIPRgwcC1gAXwZYCF1ESUBTA1dfGFoCV1sQGkIYCAtfFAkbQgIPSFoOWQZLXQ9aBUhdBw
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/MnlvNm4dRgxFU2ESVmYNAz9YUzYLPCJ+J0EfOm8XeUofATxlP1kQGlsdUg5fBEBZBkhCEAsLXAtfHEIPRgwcC1gAXwZYCF1ESUBTA1dfGFoCV1sQGkIYCAtfFAkbQgIPSFoOWQZLXQ9aBUhdBw
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aac3e17fa58-AMS
cf-request-id
023b60ffa60000fa5843aad200000001
push
statutorjuihui.site/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://statutorjuihui.site/push?tid=832295&red=1&cs=V0s4ZFJmfQhTM28oClBiYC4NV2Jn&abt=0&v=0.5.26.0&sm=83&k=daily%20make%20with%20india%20money%20highest%20paying%20best%20shortener&sts=64&prn=0&emb=0&fs=1&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Ftii.ai%2FjxyaQ&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F74.0.3729.169%20safari%2F537.36&tzd=2&uloc=&if=0&_RLDX=1587422947128&crc=1
Requested by
Host: d1ks8roequxbwa.cloudfront.net
URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832295
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a088fb76e821b4d783a3d9498c3b3742b9eda99d7b5949d8cf683db7e468690

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
gzip
CF-Cache-Status
DYNAMIC
P3P
CP="NID DSP ALL COR"
Connection
keep-alive
Content-Length
4919
cf-request-id
023b60ff5600007317e6ab7200000001
Pragma
no-cache
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Content-Type
text/plain
access-control-allow-origin
https://tii.ai
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
Accept-Ranges
bytes
CF-RAY
58726aabbe7f7317-AMS
QUFIM3BufitATSQWDnohcTEBZUMpcQMDNQIkJldGFSYaChMJMQIVBCgldQtDc3NxBlYxKCwOQ3NnO0cRNTQ7DkZzZyFdFi58bkVNcW99HUJ3b3gVBDEgLw5BZzE8Rxx8cH0LR3VzegpEdnB6BA
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/QUFIM3BufitATSQWDnohcTEBZUMpcQMDNQIkJldGFSYaChMJMQIVBCgldQtDc3NxBlYxKCwOQ3NnO0cRNTQ7DkZzZyFdFi58bkVNcW99HUJ3b3gVBDEgLw5BZzE8Rxx8cH0LR3VzegpEdnB6BA
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aac7ed2bf3c-AMS
cf-request-id
023b60ffc60000bf3cab98b200000001
MGpRWjMfVTIpDn4+Omh9ZVIUHkRpKR09AlEoEBQKcg1lHXF4Uhd8R1kObG0GCFJiYxVAAzVnAghMIi5SRB8iZwUCTDg0VV9XdywOAURhdAMeXHcuQ1ENbGsVQB4lNg4BX2ltBwJYaG4EAVho
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/MGpRWjMfVTIpDn4+Omh9ZVIUHkRpKR09AlEoEBQKcg1lHXF4Uhd8R1kObG0GCFJiYxVAAzVnAghMIi5SRB8iZwUCTDg0VV9XdywOAURhdAMeXHcuQ1ENbGsVQB4lNg4BX2ltBwJYaG4EAVho
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aaca87ebf55-AMS
cf-request-id
023b60ffe70000bf55a7276200000001
/
c.tmyzer.com/c/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=58811&f=3&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 20 Apr 2020 22:49:08 GMT
Server
nginx
X-IPLB-Instance
20683
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
c.tmyzer.com/c/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=58811&f=6&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 20 Apr 2020 22:48:38 GMT
Server
nginx
X-IPLB-Instance
20684
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
bundle.js
ads.themoneytizer.com/cs2/dist/ 		103 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/cs2/dist/bundle.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
7c97f6e3a63cde2ec40a982359b3aefff892560577e4846a629556da52e75391

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 10:52:38 GMT
server
nginx
etag
"3d387-19a8c-59e3689a88147"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=86400
accept-ranges
bytes
content-length
24569
expires
Tue, 21 Apr 2020 22:48:20 GMT
ac
ww1097.smartadserver.com/ 		22 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/ac?nwid=1097&siteid=345780&pgid=1206652&fmtid=26323&async=1&visit=m&tmstp=8550130543&tag=sas_26323&sh=1200&sw=1600&pgDomain=https%3A%2F%2Ftii.ai%2FjxyaQ&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,58811,1,tii.ai,tii.ai
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
6fe765632f541a10aa5824b9db74a115f08f775b9960c58f88bf7dac61502955

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Apr 2020 22:49:06 GMT
content-encoding
gzip
x-smrt-d
3%3b9%3b69
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache, no-store
content-type
application/javascript; charset=utf-8
content-length
140
expires
-1
ac
ww1097.smartadserver.com/ 		22 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/ac?nwid=1097&siteid=345780&pgid=1206652&fmtid=26328&async=1&visit=s&tmstp=8550130543&tgt=%3Bhb_adid%3Dundefined%3Bhb_pb%3Dundefined%3Bhb_bidder%3Dundefined%3Bhb_format%3D26328&tag=sas_26328&sh=1200&sw=1600&pgDomain=https%3A%2F%2Ftii.ai%2FjxyaQ&noadcbk=sas.noad
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
fb028f8534028ebf229451fa3c7d42e2848522b054fe5913f5b0df8ead47129c

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
gzip
x-smrt-d
3%3b2%3b66
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache, no-store
content-type
application/javascript; charset=utf-8
content-length
140
expires
-1
sync
s.cpx.to/
Redirect Chain
  • https://dmp.truoptik.com/0362536315099b06/sync.gif?cbk=https%3A%2F%2Fs.cpx.to%2Fsync&dsp=TRUOPTIK&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee&fck=265dd18e2d29285f&cbp=dsp_uid
  • https://s.cpx.to/sync?dsp_uid=b7836109db3c67390e5dfffb7d723849&fck=265dd18e2d29285f
95 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=b7836109db3c67390e5dfffb7d723849&fck=265dd18e2d29285f
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.146.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-146-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 20 Apr 2020 22:49:08 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Mon, 20 Apr 2020 22:49:08 GMT

Redirect headers

date
Mon, 20 Apr 2020 22:49:08 GMT
cf-cache-status
DYNAMIC
access-control-allow-origin
*
status
302
user-agent
Tru Optik DMP 1.3.1
to-dmp-balancer
balancer2-dmp-ny2-eqx.truoptik.com
content-length
154
cf-request-id
023b6102af0000047ecb1a0200000001
pragma
no-cache
to-dmp-sync
s6-dmp-ny2-eqx.truoptik.com
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html
location
https://s.cpx.to/sync?dsp_uid=b7836109db3c67390e5dfffb7d723849&fck=265dd18e2d29285f
cache-control
no-store
cf-ray
58726ab118e7047e-CDG
expires
0
an_fire
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3D%26hn_ver%3D10%26fid%3Df5903f36-bd6b-49eb-a1b2-a5c5715cc6ee
  • https://s.cpx.to/an_fire?app_nexus_uid=3096597288063897508&pid=11528&ref=&hn_ver=10&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee
95 B
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/an_fire?app_nexus_uid=3096597288063897508&pid=11528&ref=&hn_ver=10&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.146.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-146-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 20 Apr 2020 22:49:07 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Mon, 20 Apr 2020 22:49:07 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 22:49:09 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.137:80
AN-X-Request-Uuid
289d7d2b-0373-4ed0-bd92-1723e1a6ab81
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/an_fire?app_nexus_uid=3096597288063897508&pid=11528&ref=&hn_ver=10&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df5903f36-bd6b-49eb-a1b2-a5c5715cc6ee
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df5903f36-bd6b-49eb-a1b2-a5c5715cc6ee
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=466F7B99-DA66-4947-BB50-71439CEBE635&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee
95 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=466F7B99-DA66-4947-BB50-71439CEBE635&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.146.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-146-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 20 Apr 2020 22:49:07 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Mon, 20 Apr 2020 22:49:07 GMT

Redirect headers

Location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=466F7B99-DA66-4947-BB50-71439CEBE635&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee
Date
Mon, 20 Apr 2020 22:49:07 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
447
Content-Type
text/html; charset=iso-8859-1
ca.png
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee
  • https://s.cpx.to/ca.png?dsp=dbm&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee&google_gid=CAESEGVhqAe1qIAuF6eVkEf34Uk&google_cver=1
95 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?dsp=dbm&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee&google_gid=CAESEGVhqAe1qIAuF6eVkEf34Uk&google_cver=1
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.146.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-146-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Content-Security-Policy
default-src 'self'
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Mon, 20 Apr 2020 22:49:07 GMT
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
95

Redirect headers

pragma
no-cache
date
Mon, 20 Apr 2020 22:49:07 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.cpx.to/ca.png?dsp=dbm&fid=f5903f36-bd6b-49eb-a1b2-a5c5715cc6ee&google_gid=CAESEGVhqAe1qIAuF6eVkEf34Uk&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pool.grid-data.bidswitch.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.173.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-173-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
gRHNKY2V7ByMHWHNGcltWfA%3D%3D
d261u4g5nqprix.cloudfront.net/ 		305 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d261u4g5nqprix.cloudfront.net/gRHNKY2V7ByMHWHNGcltWfA%3D%3D
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:4400:18:ff2f:6640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3140ec65172e004346968f6f6e5e9d5a24ec2c60b83789c3c6b12a47cc0d1cef

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Apr 2020 22:49:07 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
status
200
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
112356
via
1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
x-amz-cf-id
4LO0cNO0H8VczGtvrdbFP0DtWH5frYz-w2oaL4l8kHOStb4G7N8uyQ==
R0l4clVodhsBaBMdKUMGEwdAMzIRbEowACkfIDBmPxg0MxAFLw88bGE9ERZof3hOS2N3bwgbMXp7QVQmMygMByZ6fUpUPCkvF09sdHFeBGh2Z0hcYXdnTFQhNygfT2RhOQwGOXp4TUpic3tKS2Fwek1A
demannewcure.site/ 		0
515 B 		Other
General
Check archive.org
Download Go to
Full URL
https://demannewcure.site/R0l4clVodhsBaBMdKUMGEwdAMzIRbEowACkfIDBmPxg0MxAFLw88bGE9ERZof3hOS2N3bwgbMXp7QVQmMygMByZ6fUpUPCkvF09sdHFeBGh2Z0hcYXdnTFQhNygfT2RhOQwGOXp4TUpic3tKS2Fwek1A
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aadbfb1bf3c-AMS
cf-request-id
023b6100910000bf3cab994200000001
bframe
www.google.com/recaptcha/api2/ Frame 9D34 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=zItNOfzbrqVGbb4QFYpPpcrw&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=uezch8wphs
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2niVgsi5aDMnTxtVLQ+oHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=zItNOfzbrqVGbb4QFYpPpcrw&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=uezch8wphs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tii.ai/jxyaQ
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tii.ai/jxyaQ

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 20 Apr 2020 22:49:07 GMT
content-security-policy
script-src 'report-sample' 'nonce-2niVgsi5aDMnTxtVLQ+oHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1182
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
RxFUK2QCR0U4LV9cBHlhBFUHfmAHVgB+bQ
demannewcure.site/TFkzYTVjZlASCCkPdlNvChN6O0IWDX5RcDUbdStZBA15MmAbE3lHQSU9DlYCf28DWBM8MFdcBGoqRwBBOSoOVQdqMF0HWnFgAlQTOmQCTwZ4dwJQG3x/ 		0
515 B 		Other
General
Check archive.org
Download Go to
Full URL
https://demannewcure.site/TFkzYTVjZlASCCkPdlNvChN6O0IWDX5RcDUbdStZBA15MmAbE3lHQSU9DlYCf28DWBM8MFdcBGoqRwBBOSoOVQdqMF0HWnFgAlQTOmQCTwZ4dwJQG3x/RxFUK2QCR0U4LV9cBHlhBFUHfmAHVgB+bQ
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 20 Apr 2020 22:49:07 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aae39febf55-AMS
cf-request-id
023b6100e10000bf55a7282200000001
tbframe.js
cdn.taboola.com/shared/ Frame 6F96 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/shared/tbframe.js
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding
gzip
etag
"0c6cdb6c2f89bf98124c3679a3412fb6"
age
23306
x-cache
HIT
status
200
x-amz-replication-status
COMPLETED
content-length
3897
x-amz-id-2
+9hThpZgqSmaNAz6qSOZ5ntBC+PmswuvE+g624KMXtRCjhrN0gRwMPV1+v8IRh54vtpXJbg9sPo=
x-served-by
cache-hhn4049-HHN
last-modified
Thu, 14 Apr 2016 14:04:36 GMT
server
AmazonS3
x-timer
S1587422948.837889,VS0,VE0
date
Mon, 20 Apr 2020 22:49:07 GMT
vary
Accept-Encoding
x-amz-request-id
95F04980218A6F57
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/x-javascript
abp
86
x-cache-hits
29761
loader.js
cdn.taboola.com/libtrc/themonetizer-network/ Frame 7E84 		695 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e7efc6a113041394d1a1a391a2f0ce05207d2b47e4f9e43b50a0e92ea768a2c

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
jjeEl3CWwE606Dh9.9Abm2cwEVosKZVd
content-encoding
gzip
etag
"1b656a854a42e93785a6dea93e2a18d3"
age
62
x-cache
HIT
status
200
content-length
180622
x-amz-id-2
emx2XlO/Y0J+trZAC/Hq6ilFpg0swBPvmTwOBbteKzzWutvgc1tHYNPDfTiU9A6+60B4g/GAU8o=
x-served-by
cache-hhn4049-HHN
last-modified
Mon, 20 Apr 2020 13:43:55 GMT
server
AmazonS3
x-timer
S1587422948.917106,VS0,VE0
date
Mon, 20 Apr 2020 22:49:07 GMT
vary
Accept-Encoding
x-amz-request-id
C1E6190203717EE5
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
81
x-cache-hits
6
Cookie set alQ4TGILNlshXQtpWmoXGDgFaVAscQoKBlhiCTlWDWFWPRIYPUBiAQY7TSgEGDtWOEwEMUxpUCwzaRorEjFSDQs6AgAvJhABDxo3CRxcCw0gB2kgDCURcRo6ABJOLwoCE3Q0IFsRCAUvLwF5DThYN1UfGl4aW38wDhMJeA8ILFsqOgMeTg0kEgZyGCMnAFAVUicjT...
statutorjuihui.site/ Frame 0BBB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://statutorjuihui.site/alQ4TGILNlshXQtpWmoXGDgFaVAscQoKBlhiCTlWDWFWPRIYPUBiAQY7TSgEGDtWOEwEMUxpUCwzaRorEjFSDQs6AgAvJhABDxo3CRxcCw0gB2kgDCURcRo6ABJOLwoCE3Q0IFsRCAUvLwF5DThYN1UfGl4aW38wDhMJeA8ILFsqOgMeTg0kEgZyGCMnAFAVUicjTxQ6ECcPFDAwBmILIFkAQHkaDiN2ByUpI0IZCiQxdhhTKRFQGhsvFmoFIykzAB4wUzdiCyMoEgkJCw4jdgc6EB4LDVIaHWILIygHTw0HMyNtICA9PAsNUhoGdR8oDhwILwknEhUjNjgTaisGWmx8KAwdF2wONBANUCcwPRBtaVAsDG50ISs6WwgxBiNXAzQ4MnkiJ1sCeiAAJjpLGTErFVEDCScCYB8wWRVCOyoODE8ONCsaChUjAgF5FAYYEn0rIyc+dhQlWh1XKBUnbHoUKAYcCCclMC1bATMdBkIWIzsxbX8FWRVtJyAjZnUJMw0CDBYzKB17HzNYFQh8IyNmdho2KxkeJhEFOkhxIQgiVg4mAyZ1DxMQAw
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Host
statutorjuihui.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tii.ai/jxyaQ
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
csu=4f7ed494-924b-481b-a786-a833d1846b3c; fv=rjk5qHnGrTU9qGEFqjY6qdsGpjn6vdw=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://tii.ai/jxyaQ

Response headers

Date
Mon, 20 Apr 2020 22:49:08 GMT
Content-Type
text/html
Content-Length
1253
Connection
keep-alive
Set-Cookie
__cfduid=dbc11b3096b3a49668ce95e27f44b4c081587422948; expires=Wed, 20-May-20 22:49:08 GMT; path=/; domain=.statutorjuihui.site; HttpOnly; SameSite=Lax; Secure
cache-control
no-store, no-cache, must-revalidate, no-transform
Pragma
no-cache
P3P
CP="NID DSP ALL COR"
content-encoding
gzip
Accept-Ranges
bytes
CF-Cache-Status
DYNAMIC
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
58726ab2993f7317-AMS
cf-request-id
023b61039f00007317e6ae4200000001
EiEdcHABQxIcZCg1AQ9TJhE4JXBiAzotCnNCa3EEfVEjIFN5RmtvRDAWJzxEeUZ1IFkiGG5vQXlGfXkZdFllb0M0FjR0BmIHJz1beUZmcQBwRWFwA3xFY38
demannewcure.site/U0k3RHd8dlQ3SjckeS4kPSV/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/U0k3RHd8dlQ3SjckeS4kPSV/EiEdcHABQxIcZCg1AQ9TJhE4JXBiAzotCnNCa3EEfVEjIFN5RmtvRDAWJzxEeUZ1IFkiGG5vQXlGfXkZdFllb0M0FjR0BmIHJz1beUZmcQBwRWFwA3xFY38
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:08 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726ab32e3ebf55-AMS
cf-request-id
023b6103fa0000bf55a72a8200000001
RW5NYlZqUS4RayQDfA4MKBovNWcTPA4OHwo4fCg0HT8lMwATGixEIiwKcFpld1x0V3A1BylfZXdIPhY3MRs+X2dySCQMMCpTfFNvcUg7X2ZrW2NQYGteaxYmJAlwU3A1GjkOa3RbdVVid1x0Vm52XH8
demannewcure.site/ 		0
515 B 		Other
General
Check archive.org
Download Go to
Full URL
https://demannewcure.site/RW5NYlZqUS4RayQDfA4MKBovNWcTPA4OHwo4fCg0HT8lMwATGixEIiwKcFpld1x0V3A1BylfZXdIPhY3MRs+X2dySCQMMCpTfFNvcUg7X2ZrW2NQYGteaxYmJAlwU3A1GjkOa3RbdVVid1x0Vm52XH8
Requested by
Host: d1ks8roequxbwa.cloudfront.net
URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832295
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 20 Apr 2020 22:49:08 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726ab33c07bf3c-AMS
cf-request-id
023b6104000000bf3cab9df200000001
impl.20200420-19-RELEASE.js
cdn.taboola.com/libtrc/ Frame 7E84 		452 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20200420-19-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d93ffb9cecb193d45177c79ff932cc0a482970ad792d3f31503a5a413e33457

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
RlYaUWHWLmZney7.8bfteLN5aSixq4jg
content-encoding
gzip
etag
"b834b1b36c5125257cca792eb47b25ce"
age
97
x-cache
HIT
status
200
x-amz-replication-status
COMPLETED
content-length
130833
x-amz-id-2
ixAWRn+LpVtftDjieomDRRHD0iJ+FLVYhz9Ay5CUW1oywVlvNFqkql3jPuR7Oq47MeBtrC1kSgM=
x-served-by
cache-hhn4049-HHN
last-modified
Mon, 20 Apr 2020 13:15:21 GMT
server
AmazonS3
x-timer
S1587422948.383121,VS0,VE0
date
Mon, 20 Apr 2020 22:49:08 GMT
vary
Accept-Encoding
x-amz-request-id
2D7F6684524356C3
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
86
x-cache-hits
504
beacon.js
sb.scorecardresearch.com/ Frame 7E84 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-31-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:08 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 21 Apr 2020 22:49:08 GMT
rid
match.adsrvr.org/track/ 		108 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.146.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-146-233.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cb019a50fd3d579a62d1353de379ad46e26979d704585a27f927e921461646ed

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 20 Apr 2020 22:49:08 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tii.ai
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Wed, 20 May 2020 22:49:08 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 01:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
507358
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Apr 2021 01:53:10 GMT
json
trc.taboola.com/themonetizer-tiiai/trc/3/ Frame 7E84 		31 B
384 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themonetizer-tiiai/trc/3/json?tim=00%3A49%3A08.453&lti=deflated&data=%7B%22id%22%3A21%2C%22ii%22%3A%22%2Fjxyaq%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1587422948451%2C%22cv%22%3A%2220200420-19-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A300%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-c%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22345780-GRAND%20ANGLE%22%2C%22orig_uip%22%3A%22345780-GRAND%20ANGLE%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200420-19-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Mon, 20 Apr 2020 22:49:08 GMT
content-encoding
gzip
access-control-allow-origin
*
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
x-served-by
cache-fra19155-FRA
server
nginx
x-timer
S1587422949.586358,VS0,VE9
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
via
1.1 varnish
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
headerstats
as-sec.casalemedia.com/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Ftii.ai%2FjxyaQ&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-44.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 22:49:08 GMT
Server
Apache
Content-Type
text/plain
Access-Control-Allow-Origin
https://tii.ai
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Mon, 20 Apr 2020 22:49:08 GMT
notifyme.php
adtrack.adleadevent.com/ 		0
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.118.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-118-35.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 22:49:08 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Apr 2020 22:49:08 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://tii.ai
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
R0xLek5ocygJcyQIERsBHw4JOwkoAw4vJhEtDQoHFisBEwoSDgpcOi4odk17f3R4Q2g3JS9Hf39qOA4vMzk4R3p1aiIUKChxeEJ2YTp2S2B3YntUeGE4Oxspen1tCjozIHZLe397f0h8fnhzTH90
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/R0xLek5ocygJcyQIERsBHw4JOwkoAw4vJhEtDQoHFisBEwoSDgpcOi4odk17f3R4Q2g3JS9Hf39qOA4vMzk4R3p1aiIUKChxeEJ2YTp2S2B3YntUeGE4Oxspen1tCjozIHZLe397f0h8fnhzTH90
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:08 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726ab50da4bf3c-AMS
cf-request-id
023b6105230000bf3cab9f8200000001
b2
sb.scorecardresearch.com/ Frame 7E84
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1587422948624&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftii.ai%2FjxyaQ&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587422948624&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftii.ai%2FjxyaQ&c9=
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587422948624&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftii.ai%2FjxyaQ&c9=
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-31-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 22:49:08 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587422948624&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftii.ai%2FjxyaQ&c9=
Pragma
no-cache
Date
Mon, 20 Apr 2020 22:49:08 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
debug
trc.taboola.com/themonetizer-tiiai/log/2/ Frame 7E84 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/themonetizer-tiiai/log/2/debug?tim=00%3A49%3A08.627&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&id=7352&cv=20200420-19-RELEASE&lt=deflated
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 20 Apr 2020 22:49:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1587422949.652512,VS0,VE0
x-served-by
cache-fra19155-FRA
x-cache
HIT
content-type
status
204
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-sy
true
retry-after
0
x-cache-hits
0
debug
trc.taboola.com/themonetizer-tiiai/log/2/ Frame 7E84 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/themonetizer-tiiai/log/2/debug?tim=00%3A49%3A08.629&type=error&msg=loadRBox%20failed%2C%20aborting.&id=4795&cv=20200420-19-RELEASE&lt=deflated
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 20 Apr 2020 22:49:08 GMT
via
1.1 varnish
server
Varnish
x-timer
S1587422949.652836,VS0,VE0
x-served-by
cache-fra19155-FRA
x-cache
HIT
content-type
status
204
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-sy
true
retry-after
0
x-cache-hits
0
p
responsidejo.club/ 		26 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=976570990352&c=86269940
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:08 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726ab649399cdc-AMS
cf-request-id
023b6105e900009cdc95069200000001
p
responsidejo.club/ 		26 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=678910607095&c=34841837
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:09 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726ab75a2b9cdc-AMS
cf-request-id
023b61069900009cdc9506e200000001
popunder.gif
demannewcure.site/ 		35 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/popunder.gif
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Mon, 20 Apr 2020 22:49:08 GMT
CF-Cache-Status
HIT
Server
cloudflare
Age
34211
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
58726ab5b84ebf55-AMS
cf-request-id
023b6105920000bf55a72bb200000001
VXpscTh6RQ8CBQYyAB13HThZJQkAKikpeTQsXQVxMBFdFXwQOFhXTDweUUYNbUJfSB4lEwhMCW1cHwVZIQ8fTA5nXAUfXjpHSgcFZFRcXwh7TEoFSDQdUUAeJQ4YHQVkT1RGDGdIVUUAYkNf
demannewcure.site/ 		0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://demannewcure.site/VXpscTh6RQ8CBQYyAB13HThZJQkAKikpeTQsXQVxMBFdFXwQOFhXTDweUUYNbUJfSB4lEwhMCW1cHwVZIQ8fTA5nXAUfXjpHSgcFZFRcXwh7TEoFSDQdUUAeJQ4YHQVkT1RGDGdIVUUAYkNf
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:08 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726ab628aabf55-AMS
cf-request-id
023b6105d60000bf55a72bf200000001
match
match.360yield.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=XrTtY8AxQI25fNbvX5jmfA&google_cm&publisher_dsp_id=340
  • https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEA0tQ51D0UCdWwUMLq-fMsg&google_cver=1
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEA0tQ51D0UCdWwUMLq-fMsg&google_cver=1
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.171.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-171-24.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 20 Apr 2020 22:49:10 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Mon, 20 Apr 2020 22:49:10 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.360yield.com/match?publisher_dsp_id=340&google_gid=CAESEA0tQ51D0UCdWwUMLq-fMsg&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ice.360yield.com/
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=5eb4ed63-c031-408d-b97c-d6ef5f98e67c&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAA...
  • https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1588632550&external_user_id=3811960601315767241
43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1588632550&external_user_id=3811960601315767241
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-206-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 20 Apr 2020 22:49:10 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Mon, 20 Apr 2020 22:49:10 GMT
server
nginx
status
302
location
https://ice.360yield.com/match?publisher_dsp_id=42&Expiration=1588632550&external_user_id=3811960601315767241
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
expires
-1
match
ad.360yield.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA
  • https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA&external_user_id=CAESEPH8nARZu1AhMotjDNLEKQw&google_cver=1
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA&external_user_id=CAESEPH8nARZu1AhMotjDNLEKQw&google_cver=1
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.1.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-1-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 20 Apr 2020 22:49:10 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma
no-cache
date
Mon, 20 Apr 2020 22:49:10 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA&external_user_id=CAESEPH8nARZu1AhMotjDNLEKQw&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
374
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ad.360yield.com/ul_cb/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=improve&publisher_user_id=5eb4ed63-c031-408d-b97c-d6ef5f98e67c&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAA...
  • https://x.bidswitch.net/ul_cb/sync?ssp=improve&publisher_user_id=5eb4ed63-c031-408d-b97c-d6ef5f98e67c&publisher_dsp_id=191&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AA...
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=improve
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=improve
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=f8dbdaa2-2f0e-480f-b616-975098f2fe17&ssp=improve
  • https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=adc1683e-8ed5-48b6-bd99-c72af22fd5eb
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=adc1683e-8ed5-48b6-bd99-c72af22fd5eb
43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=adc1683e-8ed5-48b6-bd99-c72af22fd5eb
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.1.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-1-143.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 20 Apr 2020 22:49:10 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status
302
date
Mon, 20 Apr 2020 22:49:10 GMT
content-type
text/plain
content-length
0
location
https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=191&external_user_id=adc1683e-8ed5-48b6-bd99-c72af22fd5eb
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
match
ice.360yield.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA
  • https://ice.360yield.com/match?external_user_id=3096597288063897508&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA
43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ice.360yield.com/match?external_user_id=3096597288063897508&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-206-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 20 Apr 2020 22:49:10 GMT
access-control-allow-origin
*
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 22:49:12 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.74:80
AN-X-Request-Uuid
371cf605-54be-47e9-979b-1843d3999807
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ice.360yield.com/match?external_user_id=3096597288063897508&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOyIqQvCLAAAENDG-AAAAvTAAA
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
_a62zxzkFShpqJqvZ-0U8DfcQewCZz3-j1Aot1wh6KDkTeDesqWT9BK1D4tqt95Wchb_ekyDXHL9ioa9o9YcE9cvSw0nxw2u-I61zKQ33FNLvsozaqICNB_FpRGLk0gpa5z75968GVsG7hZo2TLU4H95s7fQy1j9vSJCjm2VAW710KwbT-OVqHO6w6vlsAOb4IE4I...
cicero-mit.com/imp/24528fe6-8359-11ea-8ed4-1278be4eed15/1/ 		0
0
_a62zxzkFShpqJqvZ-0U8DfcQewCZz3-j1Aot1wh6KDkTeDesqWT9BK1D4tqt95Wchb_ekyDXHL9ioa9o9YcE9cvSw0nxw2u-I61zKQ33FNLvsozaqICNB_FpRGLk0gpa5z75968GVsG7hZo2TLU4H95s7fQy1j9vSJCjm2VAW710KwbT-OVqHO6w6vlsAOb4IE4I...
cicero-mit.com/imp/24528fe6-8359-11ea-8ed4-1278be4eed15/1/ Frame 9FBA 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cicero-mit.com/imp/24528fe6-8359-11ea-8ed4-1278be4eed15/1/_a62zxzkFShpqJqvZ-0U8DfcQewCZz3-j1Aot1wh6KDkTeDesqWT9BK1D4tqt95Wchb_ekyDXHL9ioa9o9YcE9cvSw0nxw2u-I61zKQ33FNLvsozaqICNB_FpRGLk0gpa5z75968GVsG7hZo2TLU4H95s7fQy1j9vSJCjm2VAW710KwbT-OVqHO6w6vlsAOb4IE4ITddAo1uvOYFE9486O2CNmprgNLquSv1sM_6K1Lcz6wAhWC5xaoOsfe4CJAHJhV8zNu-WEZ_igCHE8sImH9BRqIPu-NSd9Wfy0NewSnGC8Drjj30CvjhIuMK4Tn2BAv50IBmlcAgqVitDQ8x_K8s1-A0CjraB2slzlNR4J0n_6TkW-hOUIOKKzxffW7tPb6MsuCmrSpu1kOWMe8-ZChpzsLYlN2r8IL3-uM1XfxLz9OuTJbq6O8mtIO8O5Tqi2hXSyDprSfK2bnreG4EwmKUq0qTLSxY5Avr3hX-_70eTzg8pgctjTnPTXNJPd_CmwzcFtLN5qQWuOfk_Ip83V6nNm5YlBUn8YDXzfK_YUkFicg8ECKi925BelT3hGF9DBR9VMlLqAP3aba-KdGFo-BF852Obo90WhooF-y-kHht2inmJEFS4zF2WpHPI_vjSbdG-61NwpnGw8oCWk69ZwLMot6ad2qi80LD0Y3aJMw9vA3uoH_kgx-aJuaJhAp4DcSWBj8QvdQHlJ7ZdNK4uUUclglUXvK-H8OSVRGkuf4yUlfrH4Kt8OXZ_H9RUwt2kAjWz48=.OuVGDDIPjQ0GEmJc8EMefQ==
Requested by
Host: d1ks8roequxbwa.cloudfront.net
URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832295
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:40f7:9700:a108:e95a:4ac8:642e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
bf32fc409265a5904b4e9315456219c7dd8289ffabcef949b4a889e400190a64

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 20 Apr 2020 22:49:10 GMT
content-disposition
inline;filename=f.txt
content-length
7562
content-type
image/webp
truncated
/ Frame 9FBA 		795 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
p
responsidejo.club/ 		26 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=976570990352&c=82234700
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:10 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726ac1ecb19cdc-AMS
cf-request-id
023b610d3100009cdc95206200000001
p
responsidejo.club/ 		26 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=976570990352&c=60611230
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:12 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726ace6e169cdc-AMS
cf-request-id
023b61150100009cdc952b7200000001
9A7ijNgCbyS-RhrDZVlUq27P7zoy3mZy2-OTy1B4j6CDM-G-8Ya_4vcngmXJkvQ0LXDvo7gPFfd5_A72lC4WXGfQiVEi6aQG_nX2DbSv8xTh0Xu8V-3sWu3AdLZ2ExPvw0eoffGpyZ-RJqGEJrSmFgUQtBwdPgrt9LxUZFM_4RiDa_q2aFsZ9bSB3wtyIb1y2xa6Y...
cicero-mit.com/imp/24528fe7-8359-11ea-81a3-0aff30e33437/1/ Frame 9FBA 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cicero-mit.com/imp/24528fe7-8359-11ea-81a3-0aff30e33437/1/9A7ijNgCbyS-RhrDZVlUq27P7zoy3mZy2-OTy1B4j6CDM-G-8Ya_4vcngmXJkvQ0LXDvo7gPFfd5_A72lC4WXGfQiVEi6aQG_nX2DbSv8xTh0Xu8V-3sWu3AdLZ2ExPvw0eoffGpyZ-RJqGEJrSmFgUQtBwdPgrt9LxUZFM_4RiDa_q2aFsZ9bSB3wtyIb1y2xa6YsdfIdr5hHmaXd7RQEalNQ6T_M9K2nFfzqG9NakqUdiQAA88x-K0sxvKVb60XPLDHHEvdlToRCHdBPVgoouxX6LdHPmBXNu_5CFMDMh1rHx0yukGq7491aWkHH2GAnEkDfuhmG9lEz9fW9-F6NiymC-8-Fx6ePqg2P7HJQy0pcUob0lEjzq7mL2lWlj0P5J2GbFu2xwpFPj52O1Dfhu9NDUdA3ELHuuH-xKuXV6IuCH1Rx2hWAYwU50mgeLLBSuF9nWegzsttFel9hNUV0qTYmaIYa8fAkkAX-dMdjNGCFKU4qAVCtNPG6khosCJPRIguHQw6L-_b7YogaUPKLaVOJpPbRn-yleu_bcrOP1OWcIlIRRMG0upzLZseHLZeU1XCgMhKRZyFDCQjAtxKunNNFvBhrOI6QRTHuv-WEu5o1UMEycTtsXCbezPa-V-zYq-_vznqKJN_1k4hOSeyoRAhcKXCZ_4lCgwlj4c5uO7I2BfKng0gWa1CeRp5ePBOHbLuESirfkO0p_Y27Pnnn5plb9ZqsRapt42PToluFQ9SVMAIkFpWQS2D2ouJstf42omBA8=.eR0W-ptkfY-omsj0fNdvxw==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:40f7:9700:a108:e95a:4ac8:642e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
bf32fc409265a5904b4e9315456219c7dd8289ffabcef949b4a889e400190a64

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 20 Apr 2020 22:49:13 GMT
content-disposition
inline;filename=f.txt
content-length
7562
content-type
image/webp
p
responsidejo.club/ 		26 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=976570990352&c=97789475
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:14 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726adaefe79cdc-AMS
cf-request-id
023b611cd200009cdc9532f200000001
p
responsidejo.club/ 		26 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=976570990352&c=95759874
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:16 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726ae76a7a9cdc-AMS
cf-request-id
023b6124a200009cdc95022200000001
DlsOYGhIC1xtfAFESyQvTBdLbX8ARFE+KFdfCWB+CFYeJnMJTAh+eghMDHY6SANfbX8eEkwkIgVTDWh5DFAKaXsPUwpn
demannewcure.site/OGI4UE4XXVsjc106UBMcUxJxBCByGnNgC1oBcB0+fycJYi1wEnJ2OlEGBWh/ 		0
515 B 		Other
General
Check archive.org
Download Go to
Full URL
https://demannewcure.site/OGI4UE4XXVsjc106UBMcUxJxBCByGnNgC1oBcB0+fycJYi1wEnJ2OlEGBWh/DlsOYGhIC1xtfAFESyQvTBdLbX8ARFE+KFdfCWB+CFYeJnMJTAh+eghMDHY6SANfbX8eEkwkIgVTDWh5DFAKaXsPUwpn
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 20 Apr 2020 22:49:17 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
Connection
keep-alive
CF-RAY
58726aea3e28bf55-AMS
cf-request-id
023b6126630000bf55a725d200000001
p
responsidejo.club/ 		26 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=976570990352&c=02407040
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:18 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726af3eba09cdc-AMS
cf-request-id
023b612c7200009cdc95091200000001
p
responsidejo.club/ 		26 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=976570990352&c=02627822
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:20 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726b006c5c9cdc-AMS
cf-request-id
023b61344300009cdc950ed200000001
p
responsidejo.club/ 		26 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=976570990352&c=71555303
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:22 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726b0cedfc9cdc-AMS
cf-request-id
023b613c1100009cdc95142200000001
prebid-request
onetag-sys.com/ 		15 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.9.253 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
status
200
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://tii.ai
cache-control
no-cache, no-transform
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
Content-Type, Origin, Referer, User-Agent, x-ak-clientip
hb
ice.360yield.com/ul_cb/
Redirect Chain
  • https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225447084b2a0ba47%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2Fj...
  • https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225447084b2a0ba47%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii....
3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225447084b2a0ba47%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224985dc1ff23bffc%22%2C%22pid%22%3A%2222249870%22%2C%22tid%22%3A%224f69bde8-4ad5-4091-be65-c3287c7bdbac%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-206-142.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
eefb7c3c34ba2f85e0422d4bfbb291b0f64a38ada362ae0325e63f170c4a48d5

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 22:49:24 GMT
content-encoding
gzip
status
200
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
1797

Redirect headers

date
Mon, 20 Apr 2020 22:49:24 GMT
status
302
location
https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225447084b2a0ba47%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224985dc1ff23bffc%22%2C%22pid%22%3A%2222249870%22%2C%22tid%22%3A%224f69bde8-4ad5-4091-be65-c3287c7bdbac%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://tii.ai
access-control-allow-credentials
true
content-type
text/plain
content-length
0
moneybid.js
ads.themoneytizer.com/bidder1/ 		628 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58811&adid=3&formatid=26323&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
e04ba7edb421a9e2386be7beb182040f62e281372181a108bc05babc666a4ef8

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 20 Apr 2020 22:49:24 GMT
content-encoding
gzip
server
nginx
status
200
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
432
expires
Tue, 21 Apr 2020 22:49:06 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 22:49:26 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.133:80
AN-X-Request-Uuid
5376a11a-64c9-4e79-b4d7-5142bc172046
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://tii.ai
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
p
responsidejo.club/ 		26 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=976570990352&c=86062180
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:24 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726b1968c79cdc-AMS
cf-request-id
023b6143e100009cdc951a0200000001
ac
ww1097.smartadserver.com/ 		22 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/ac?nwid=1097&siteid=345780&pgid=1206652&fmtid=26323&async=1&visit=s&tmstp=8550130543&tag=sas_26323&sh=1200&sw=1600&pgDomain=https%3A%2F%2Ftii.ai%2FjxyaQ&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,58811,1,tii.ai,tii.ai
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
6fe765632f541a10aa5824b9db74a115f08f775b9960c58f88bf7dac61502955

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 20 Apr 2020 22:49:24 GMT
content-encoding
gzip
x-smrt-d
3%3b14%3b118
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache, no-store
content-type
application/javascript; charset=utf-8
content-length
140
expires
-1
/
c.tmyzer.com/c/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=58811&f=3&fi=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 20 Apr 2020 22:49:25 GMT
Server
nginx
X-IPLB-Instance
20683
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
tbframe.js
cdn.taboola.com/shared/ Frame 98D4 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/shared/tbframe.js
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding
gzip
etag
"0c6cdb6c2f89bf98124c3679a3412fb6"
age
23323
x-cache
HIT
status
200
x-amz-replication-status
COMPLETED
content-length
3897
x-amz-id-2
+9hThpZgqSmaNAz6qSOZ5ntBC+PmswuvE+g624KMXtRCjhrN0gRwMPV1+v8IRh54vtpXJbg9sPo=
x-served-by
cache-hhn4049-HHN
last-modified
Thu, 14 Apr 2016 14:04:36 GMT
server
AmazonS3
x-timer
S1587422965.361885,VS0,VE0
date
Mon, 20 Apr 2020 22:49:25 GMT
vary
Accept-Encoding
x-amz-request-id
95F04980218A6F57
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/x-javascript
abp
86
x-cache-hits
29788
loader.js
cdn.taboola.com/libtrc/themonetizer-network/ Frame 5991 		695 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e7efc6a113041394d1a1a391a2f0ce05207d2b47e4f9e43b50a0e92ea768a2c

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
jjeEl3CWwE606Dh9.9Abm2cwEVosKZVd
content-encoding
gzip
etag
"1b656a854a42e93785a6dea93e2a18d3"
age
80
x-cache
HIT
status
200
content-length
180622
x-amz-id-2
emx2XlO/Y0J+trZAC/Hq6ilFpg0swBPvmTwOBbteKzzWutvgc1tHYNPDfTiU9A6+60B4g/GAU8o=
x-served-by
cache-hhn4049-HHN
last-modified
Mon, 20 Apr 2020 13:43:55 GMT
server
AmazonS3
x-timer
S1587422965.440336,VS0,VE0
date
Mon, 20 Apr 2020 22:49:25 GMT
vary
Accept-Encoding
x-amz-request-id
C1E6190203717EE5
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
81
x-cache-hits
9
impl.20200420-19-RELEASE.js
cdn.taboola.com/libtrc/ Frame 5991 		452 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20200420-19-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d93ffb9cecb193d45177c79ff932cc0a482970ad792d3f31503a5a413e33457

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
RlYaUWHWLmZney7.8bfteLN5aSixq4jg
content-encoding
gzip
etag
"b834b1b36c5125257cca792eb47b25ce"
age
115
x-cache
HIT
status
200
x-amz-replication-status
COMPLETED
content-length
130833
x-amz-id-2
ixAWRn+LpVtftDjieomDRRHD0iJ+FLVYhz9Ay5CUW1oywVlvNFqkql3jPuR7Oq47MeBtrC1kSgM=
x-served-by
cache-hhn4049-HHN
last-modified
Mon, 20 Apr 2020 13:15:21 GMT
server
AmazonS3
x-timer
S1587422966.685741,VS0,VE0
date
Mon, 20 Apr 2020 22:49:25 GMT
vary
Accept-Encoding
x-amz-request-id
2D7F6684524356C3
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
86
x-cache-hits
611
beacon.js
sb.scorecardresearch.com/ Frame 5991 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-31-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Tue, 21 Apr 2020 22:49:25 GMT
b2
sb.scorecardresearch.com/ Frame 5991
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1587422965751&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftii.ai%2FjxyaQ&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587422965751&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftii.ai%2FjxyaQ&c9=
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587422965751&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftii.ai%2FjxyaQ&c9=
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.31.65 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-31-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Apr 2020 22:49:25 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1587422965751&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Ftii.ai%2FjxyaQ&c9=
Pragma
no-cache
Date
Mon, 20 Apr 2020 22:49:25 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/themonetizer-tiiai/trc/3/ Frame 5991 		31 B
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themonetizer-tiiai/trc/3/json?tim=00%3A49%3A25.780&lti=deflated&data=%7B%22id%22%3A761%2C%22ii%22%3A%22%2Fjxyaq%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1587422948451%2C%22cv%22%3A%2220200420-19-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftii.ai%2FjxyaQ%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A300%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-c%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22345780-GRAND%20ANGLE%22%2C%22orig_uip%22%3A%22345780-GRAND%20ANGLE%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200420-19-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Mon, 20 Apr 2020 22:49:25 GMT
content-encoding
gzip
access-control-allow-origin
*
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status
200
x-served-by
cache-fra19155-FRA
server
nginx
x-timer
S1587422966.805767,VS0,VE10
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
via
1.1 varnish
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
trc.taboola.com/themonetizer-tiiai/log/2/ Frame 5991 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/themonetizer-tiiai/log/2/debug?tim=00%3A49%3A25.847&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&id=4340&cv=20200420-19-RELEASE&lt=deflated
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 20 Apr 2020 22:49:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1587422966.873228,VS0,VE0
x-served-by
cache-fra19155-FRA
x-cache
HIT
content-type
status
204
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-sy
true
retry-after
0
x-cache-hits
0
debug
trc.taboola.com/themonetizer-tiiai/log/2/ Frame 5991 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/themonetizer-tiiai/log/2/debug?tim=00%3A49%3A25.848&type=error&msg=loadRBox%20failed%2C%20aborting.&id=7574&cv=20200420-19-RELEASE&lt=deflated
Requested by
Host: tii.ai
URL: https://tii.ai/jxyaQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 20 Apr 2020 22:49:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1587422966.873241,VS0,VE0
x-served-by
cache-fra19155-FRA
x-cache
HIT
content-type
status
204
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-sy
true
retry-after
0
x-cache-hits
0
p
responsidejo.club/ 		26 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=976570990352&c=17492925
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:26 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726b25ebb19cdc-AMS
cf-request-id
023b614bb100009cdc95232200000001
p
responsidejo.club/ 		26 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=976570990352&c=05952949
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:28 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726b326e2b9cdc-AMS
cf-request-id
023b61538200009cdc952a7200000001
p
responsidejo.club/ 		26 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=976570990352&c=61711059
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:30 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726b3eff529cdc-AMS
cf-request-id
023b615b5700009cdc952fd200000001
p
responsidejo.club/ 		26 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://responsidejo.club/p?b=976570990352&c=54198454
Requested by
Host: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.16.107.104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032

Request headers

Referer
https://tii.ai/jxyaQ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 20 Apr 2020 22:49:32 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
CF-RAY
58726b4b69be9cdc-AMS
cf-request-id
023b61632100009cdc9535a200000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
loadus.exelator.com
URL
https://loadus.exelator.com/load/?p=1082&g=204&j=r&gdpr=1&gdpr_consent=&ru=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F103%2F1%2F9.gif%3Fpuid%3D%25%25UID%25%25%26gdpr%3D1%26gdpr_consent%3D
Domain
statutorjuihui.site
URL
https://statutorjuihui.site/multi?tid=816960&red=1&cs=aFVxWFJZY0FvM1A2Q20xCWBFbmJY&abt=0&v=1.0.40.4&sm=76&k=daily%20make%20with%20india%20money%20highest%20paying%20best%20shortener&sts=0&prn=0&emb=0&fs=1&ref=https%3A%2F%2Ftii.ai%2FjxyaQ&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F74.0.3729.169%20safari%2F537.36&tzd=2&uloc=&if=0&_sXvt=1587422947126&crc=1
Domain
cicero-mit.com
URL
https://cicero-mit.com/imp/24528fe6-8359-11ea-8ed4-1278be4eed15/1/_a62zxzkFShpqJqvZ-0U8DfcQewCZz3-j1Aot1wh6KDkTeDesqWT9BK1D4tqt95Wchb_ekyDXHL9ioa9o9YcE9cvSw0nxw2u-I61zKQ33FNLvsozaqICNB_FpRGLk0gpa5z75968GVsG7hZo2TLU4H95s7fQy1j9vSJCjm2VAW710KwbT-OVqHO6w6vlsAOb4IE4ITddAo1uvOYFE9486O2CNmprgNLquSv1sM_6K1Lcz6wAhWC5xaoOsfe4CJAHJhV8zNu-WEZ_igCHE8sImH9BRqIPu-NSd9Wfy0NewSnGC8Drjj30CvjhIuMK4Tn2BAv50IBmlcAgqVitDQ8x_K8s1-A0CjraB2slzlNR4J0n_6TkW-hOUIOKKzxffW7tPb6MsuCmrSpu1kOWMe8-ZChpzsLYlN2r8IL3-uM1XfxLz9OuTJbq6O8mtIO8O5Tqi2hXSyDprSfK2bnreG4EwmKUq0qTLSxY5Avr3hX-_70eTzg8pgctjTnPTXNJPd_CmwzcFtLN5qQWuOfk_Ip83V6nNm5YlBUn8YDXzfK_YUkFicg8ECKi925BelT3hGF9DBR9VMlLqAP3aba-KdGFo-BF852Obo90WhooF-y-kHht2inmJEFS4zF2WpHPI_vjSbdG-61NwpnGw8oCWk69ZwLMot6ad2qi80LD0Y3aJMw9vA3uoH_kgx-aJuaJhAp4DcSWBj8QvdQHlJ7ZdNK4uUUclglUXvK-H8OSVRGkuf4yUlfrH4Kt8OXZ_H9RUwt2kAjWz48=.OuVGDDIPjQ0GEmJc8EMefQ==

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| _3488461003 function| fgjhkashfddsdfdsfsdfsdf function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| LAST_CORRECT_EVENT_TIME number| _3990906631 function| s function| e1GG function| K1GG function| x5dd string| r6II function| Fingerprint2 number| _4203594625 number| _3540422070 function| fa number| _33053119 number| TID object| f5X0 string| J0 string| m0 function| confiantWrap number| themoneytizer_async object| geo object| node object| eucountries object| _captifyAnalytics object| sas object| generic function| criteoCallback object| criteo_gum object| pwidget_config object| iframe function| loadScriptTemelio function| whenFormatFctDefined function| whenDefined object| tagsObject string| website number| random undefined| pubstack object| target object| cs object| notifyme object| ix_lib object| tmzr object| d object| pbs object| format_size object| format_size_ix object| format_size_rubicon object| format_criteo object| format_pulsepoint object| between_w object| between_h object| counter_refresh object| smart_prebid2 object| notvisibleloop string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| GetRichAudienceZone function| Getsize function| GetsizeRubicon function| GetPulseSize function| Timeout function| checkVisibility3 function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText object| _qevents boolean| moneycaching object| params number| nugg function| Adcall_26323 object| sc function| Adcall_26328 object| app_vars object| e object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword number| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object undefined| selectedTab undefined| clipboard function| setTooltip function| cookie_accept function| $ function| jQuery function| WOW function| ClipboardJS function| FIgnwVLnGmpGMq number| a object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| e0rr function| D022 function| VisSense function| MobileDetect object| md function| tmzrChunk object| _pbjsGlobals object| __core-js_shared__ function| JSEncrypt object| ADAGIO object| invibes object| placementBids undefined| Adcall_48311 undefined| Adcall_26325 undefined| Adcall_video object| pubstack_publica number| bidder_geo object| _clrm boolean| tmcredentials string| moneytizergeo object| libJsLeadPlace object| pp function| quantserve function| __qc object| ezt object| _qoptions object| recaptcha object| closure_lm_559379 undefined| bid undefined| vastUrl object| targetingParams undefined| Adcall_26300 undefined| Adcall_26322 undefined| Adcall_26711 undefined| Adcall_30012 undefined| Adcall_39287 function| __cmp object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode string| __DOMAIN object| A6q3 string| d3 string| r3 string| M3 object| getBidResponsesForAdUnitCode string| bidcache object| headertag object| TRC number| taboola_view_id

1 Cookies

Domain/Path Name / Value
tii.ai/ Name: ab
Value: 2

7 Console Messages

Source Level URL
Text
console-api log URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3(Line 446)
Message:
[object Object]
console-api log URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=3(Line 699)
Message:
undefined
console-api log URL: https://script.4dex.io/localstore.js(Line 1)
Message:
TypeError: Cannot read property 'getItem' of null
console-api log URL: https://cdn.taboola.com/libtrc/impl.20200420-19-RELEASE.js(Line 3)
Message:
Server did not respond to loadRBox
console-api log URL: https://cdn.taboola.com/libtrc/impl.20200420-19-RELEASE.js(Line 3)
Message:
loadRBox failed, aborting.
console-api log URL: https://cdn.taboola.com/libtrc/impl.20200420-19-RELEASE.js(Line 3)
Message:
Server did not respond to loadRBox
console-api log URL: https://cdn.taboola.com/libtrc/impl.20200420-19-RELEASE.js(Line 3)
Message:
loadRBox failed, aborting.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN,SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.programattik.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.googleapis.com
aphycolourses.info
as-sec.casalemedia.com
boudja.com
c.tmyzer.com
cdn.taboola.com
ced-ns.sascdn.com
cicero-mit.com
cm.g.doubleclick.net
d1ks8roequxbwa.cloudfront.net
d261u4g5nqprix.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
d3al52d8cojds7.cloudfront.net
dc5k8fg5ioc8s.cloudfront.net
demannewcure.site
dmp.truoptik.com
eyes-health.win
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
image2.pubmatic.com
js-sec.indexww.com
loadus.exelator.com
match.360yield.com
match.adsrvr.org
onetag-sys.com
p.cpx.to
pool.grid-data.bidswitch.net
responsidejo.club
rules.quantcount.com
s.cpx.to
s3.amazonaws.com
sb.scorecardresearch.com
script.4dex.io
secure.adnxs.com
secure.quantserve.com
shrinkearn.com
spl.zeotap.com
statutorjuihui.site
tag.contextweb.com
tag.leadplace.fr
tarawerap.com
tii.ai
track.adform.net
trc.taboola.com
ww1097.smartadserver.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
x.bidswitch.net
cicero-mit.com
loadus.exelator.com
statutorjuihui.site
104.16.107.104
104.16.107.77
104.16.108.143
104.16.108.45
104.16.91.60
13.224.186.22
13.225.78.109
13.225.87.41
13.225.87.65
145.239.193.145
145.239.193.51
151.101.114.2
151.101.13.44
151.139.241.23
172.217.16.162
18.185.173.123
18.195.171.24
185.33.221.53
185.64.190.80
185.86.137.17
2.16.31.65
23.213.165.44
2600:1f18:40f7:9700:a108:e95a:4ac8:642e
2600:9000:20eb:0:15:b448:1e80:21
2600:9000:2156:4400:18:ff2f:6640:21
2600:9000:2156:9a00:1a:a6:7f00:21
2600:9000:21f3:fe00:6:44e3:f8c0:93a1
2606:4700:10::6816:1857
2606:4700:20::6819:842c
2606:4700:3036::681b:b9c0
2606:4700:3037::681f:5b92
2606:4700:e4::ac40:ac0f
2a00:1450:4001:806::200a
2a00:1450:4001:809::200a
2a00:1450:4001:816::2003
2a00:1450:4001:818::2008
2a00:1450:4001:819::200e
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::2004
2a02:2638:1::13
35.210.215.44
37.157.4.29
51.68.161.19
51.89.9.253
52.216.133.5
52.51.146.233
52.58.206.142
52.59.1.143
52.59.13.16
54.194.146.225
54.246.118.35
54.38.64.100
68.232.35.16
74.214.194.131
91.228.74.209
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0531e2ac9b7598b7711fb04bc1ad1a996922bda5bae4bf3633900bcacca5d755
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1d93ffb9cecb193d45177c79ff932cc0a482970ad792d3f31503a5a413e33457
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
276cf3789c9b6310307f4afdd0a93e07d083d225609e96c9a1568177622446fd
283570757e6ecc4db839d73774b6a98dbe7a5ff430fcd0a181ceadffc2f30b6a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3140ec65172e004346968f6f6e5e9d5a24ec2c60b83789c3c6b12a47cc0d1cef
334632ca7e02f0d2f24b0ab04a5f29e5d8a413401a677fa5e22a30c8a9006740
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
35f1e764d03f2d1c699c786b2433746313b2958043776d8498c79c6ce8fcbe86
3aefe768f1b5a82df7cdfde84ece2a80b552efcb9c6d3682a59076a1ae24d1d0
3b90d10d60cd1609b54fb8ab62e119c7cde85bbd289e285693e18c9e2ce98b78
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863
42b558b9f55dde7dcd233d3562d07371786de7ebaeaab2b2ede0d37c1952d590
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0
5374fdfdd0b44d7c4986b3eda2c11ccd4728789414f6b4eb4241a1505338327f
544d0e630bab5343f428cec629b40401f794916bff19a78ce136d6f10a19b8d9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e2e42dfa571430ee5dca7f2f1214054f8fa4636e9b47923b434436faeb2bdf
56ad7a23c3d2c4fe09f89abe0078ca7bf8e5b782c3d34cce3c2ea1f9c30636ef
5872c58dbb7732e4eba4c1d50d202bdc800740b9fda9e5e9914f196bbc2c347b
59810fde24ce60c80da277fc0a947e428ab733def8e8af97a5b480ac9e510ca2
5a7abb232d9b39753bb44579eb35ec8c2fff897951e02c8d813c5b5584c88793
5e7efc6a113041394d1a1a391a2f0ce05207d2b47e4f9e43b50a0e92ea768a2c
5fd6919dffd6772afab8d6c851e3f074d4abded4fb4982a9adb7fb696095b89e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6e2437a5686f12e3bd1feb65cee62fe50537b628ba3ff8f28f310a5a63f93c63
6fe765632f541a10aa5824b9db74a115f08f775b9960c58f88bf7dac61502955
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
7c97f6e3a63cde2ec40a982359b3aefff892560577e4846a629556da52e75391
7e4ad3f8b6a95d8e27fbf35553df63e48105377ee226b82291f0e629b39727e3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576
8d6d056c1f4b9325cc4920a9776144b29ffb86faff4a63c1906f468dc7a2a032
8d93ada941279583fe2b65decbeb16643657ce1a86c1af08cbc95f4c9ecb7b7b
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
92a42e8512e6a56fe2d3b051b199aa61a200de89b0792182ba641a43ab4361b7
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
99d98b678689bfd5c0b02a4761acb60d81dae4c87e1cf63427feaf69f9216afb
9a088fb76e821b4d783a3d9498c3b3742b9eda99d7b5949d8cf683db7e468690
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
9cbc31746708fc633716f8451dbba601b528a5d6cb37352fdf11ff604207cdc8
a0f4abf087368a45dc01609aa814906c19330084d8a00fe6e0c8ee4595187ace
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2ac89addba7ffcc2858f08655072ba5a56e8cf74b70c19e75bd51c653a4b9bc
a68d161af49e25a6bc817a4af26143f51c6690653baff4d86686f2495a4a540f
ac4fbaaa88516046246b0df98894703024d0eb8e5d68144f5e0a798e57c39a8e
ad209dc504cc97991573344dfd1142168265443a8f4cb7e1444a132ba601da19
afc64d8345a0c5e5fe8f866056f6e594bae4a885ef8bc44a37de95dd9eaae157
b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926
b383546e2f74a7c9802ea646c883836170b86f3b63e046db52084b6537c7b78b
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
bbfdf00bfbcafbe701ab7e6ab991fa0a2cdd2def78339ed3ec37bf85de410a66
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf32fc409265a5904b4e9315456219c7dd8289ffabcef949b4a889e400190a64
cb019a50fd3d579a62d1353de379ad46e26979d704585a27f927e921461646ed
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
e04ba7edb421a9e2386be7beb182040f62e281372181a108bc05babc666a4ef8
e2d50744e553a45e3c2469dc73c7deb787679c4090de89d6b86b28652c912fea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eefb7c3c34ba2f85e0422d4bfbb291b0f64a38ada362ae0325e63f170c4a48d5
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
ef902c79e00dff9cc0872329537f7f53fbd0ceb7b6747bb124edb72e60c25aee
f2af6a03599a30f21216920acbab05ce2903a5f62b4a6b4f9b0a2b234004e53e
f41abae8bd5c347a394ba19b3c88b8af4aa1b99c5ac9d9147ec146d3a13ca556
fb028f8534028ebf229451fa3c7d42e2848522b054fe5913f5b0df8ead47129c