iir.ai Open in urlscan Pro
2606:4700:3033::681c:1f0a  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

• https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
• https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 59

• https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
• https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/2/8/2.gif?puid=0&gdpr=1&gdpr_consent= HTTP 302
• https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO0g8sYvunj8hKsqRtFO1g2qkvqTNpSXDPDMGrzQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/3/7/3.gif?puid=28015eca-e203-4000-a19c-d72c50eb8b85&gdpr=1&gdpr_consent= HTTP 302
• https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/12/10/6/4.gif?puid=5166839012462887300&gdpr=1&gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/19/5/5.gif?puid=5cf68f9e8f615791c6b5d213001aa256&gdpr=1&gdpr_consent= HTTP 302
• https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/12/101/4/6.gif?puid=72db512a-224f-4377-89cc-1158c6c30440&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/12/108/3/7.gif?puid=8d0f8831-9e02-11ea-8a56-c6eed6eb2ed6&gdpr=1&gdpr_consent= HTTP 302
• https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://id5-sync.com/c/12/112/2/8.gif?puid=0&gdpr=1&gdpr_consent=

Request Chain 89

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 106

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 114

• https://xml.realtime-bid.com/thumbnail?i=ZAbb6EhsLUM_1&imgt=icon HTTP 302
• https://static.realtime-bid.com/n337/ad/300x300_JV3ipgIYuREpVqhg2J7I.jpeg

Request Chain 121

• https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235c54802bef78e8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FYdS6J2%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220f3b325644d02%22%2C%22pid%22%3A%2222241472%22%2C%22tid%22%3A%22ff988644-33ae-409e-9371-e6176b6c3f21%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2234d2a9738bbe7%22%2C%22pid%22%3A%2222240932%22%2C%22tid%22%3A%222abaca01-7147-4cd9-9f89-5b7de056207f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2246c66d05ceea85%22%2C%22pid%22%3A%2222241473%22%2C%22tid%22%3A%224f56658c-b055-41b0-b0b2-df6821020b67%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%225303c5c22e017f%22%2C%22pid%22%3A%2222244891%22%2C%22tid%22%3A%224502c2b5-5552-412c-9b5c-984a907a465d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%226b2c321dd3307%22%2C%22pid%22%3A%2222263943%22%2C%22tid%22%3A%22c2ace565-400a-4faa-9802-9872ef3db537%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D HTTP 302
• https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235c54802bef78e8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FYdS6J2%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220f3b325644d02%22%2C%22pid%22%3A%2222241472%22%2C%22tid%22%3A%22ff988644-33ae-409e-9371-e6176b6c3f21%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2234d2a9738bbe7%22%2C%22pid%22%3A%2222240932%22%2C%22tid%22%3A%222abaca01-7147-4cd9-9f89-5b7de056207f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2246c66d05ceea85%22%2C%22pid%22%3A%2222241473%22%2C%22tid%22%3A%224f56658c-b055-41b0-b0b2-df6821020b67%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%225303c5c22e017f%22%2C%22pid%22%3A%2222244891%22%2C%22tid%22%3A%224502c2b5-5552-412c-9b5c-984a907a465d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%226b2c321dd3307%22%2C%22pid%22%3A%2222263943%22%2C%22tid%22%3A%22c2ace565-400a-4faa-9802-9872ef3db537%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D

Request Chain 122

• https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2236a38fb749e9585%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FYdS6J2%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2276a117bd1dc8ef%22%2C%22pid%22%3A%2222263945%22%2C%22tid%22%3A%2279960f77-4134-4336-ad73-d84cf4ec0961%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D HTTP 302
• https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2236a38fb749e9585%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FYdS6J2%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2276a117bd1dc8ef%22%2C%22pid%22%3A%2222263945%22%2C%22tid%22%3A%2279960f77-4134-4336-ad73-d84cf4ec0961%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D

Request Chain 145

• https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1590354447371&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2FYdS6J2&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1590354447371&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2FYdS6J2&c9=

Request Chain 150

• https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feuc-ice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA HTTP 302
• https://euc-ice.360yield.com/match?external_user_id=1328147870809817012&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA HTTP 302
• https://euc-ice.360yield.com/ul_cb/match?external_user_id=1328147870809817012&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA

Request Chain 151

• https://match.adsby.bidtheatre.com/idmatch?publisher_user_id=5adbdbd8-4dda-4811-a9dd-7ba7949e366e&publisher_dsp_id=69&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
• https://euc-ice.360yield.com/match?gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&gdpr=1&expiration=1591564049&external_user_id=2ddbfd1b-c70f-4fb5-be9b-9047dc1234f6&publisher_dsp_id=69 HTTP 302
• https://euc-ice.360yield.com/ul_cb/match?gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&gdpr=1&expiration=1591564049&external_user_id=2ddbfd1b-c70f-4fb5-be9b-9047dc1234f6&publisher_dsp_id=69

Request Chain 152

• https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=5adbdbd8-4dda-4811-a9dd-7ba7949e366e&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
• https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=5adbdbd8-4dda-4811-a9dd-7ba7949e366e&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
• https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1591564049&external_user_id=5480052539151076455 HTTP 302
• https://euc-ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1591564049&external_user_id=5480052539151076455

Request Chain 153

• https://id5-sync.com/match?publisher_user_id=5adbdbd8-4dda-4811-a9dd-7ba7949e366e&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&publisher_redirecturl=https://euc-ice.360yield.com/match HTTP 302
• https://id5-sync.com/c/124/124/1/1.gif?puid=5adbdbd8-4dda-4811-a9dd-7ba7949e366e&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA HTTP 302
• https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA HTTP 302
• https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA HTTP 302
• https://id5-sync.com/c/124/101/0/2.gif?puid=424a0943-a7c4-452d-a23d-ca18ea5e7505&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA HTTP 302
• https://euc-ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOVQzeQSfDiw5OeL01a8m4dDNcsRD-9L_LmOyYiQ&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA

Request Chain 154

• https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&google_tc= HTTP 302
• https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&external_user_id=CAESEI7EvTqzBeO8bZf0C3khA3Q&google_cver=1 HTTP 302
• https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&external_user_id=CAESEI7EvTqzBeO8bZf0C3khA3Q&google_cver=1

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request YdS6J2 Show response iir.ai/	43 KB 17 KB	403ms 376ms	Document text/html	2606:4700:3033::681c:1f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef714846536ebc16d40d60d882ff0fb29fed1e5d73b878153b0335e5291c5fa0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN,SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority iir.ai :scheme https :path /YdS6J2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sun, 24 May 2020 21:07:13 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d752e11ebb7927082b47384cf4383311f1590354432; expires=Tue, 23-Jun-20 21:07:12 GMT; path=/; domain=.iir.ai; HttpOnly; SameSite=Lax; Secure AppSession=1e42c6e56bd6d4b6ff6f1eb1b0ee7bad; path=/; HttpOnly; secure csrfToken=01e7a19dc0017bf12ce77ca10d06d68eb63ef9ae4b1be8d07a485dd1c94fc84a1ce5084ccb9d7cc3b79f3de3dfa69b5c285aa539c9d71a35ae6b621a681cfaed; path=/; HttpOnly; secure cache-control no-store, no-cache, must-revalidate cf-railgun direct (starting new WAN connection) expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache vary Accept-Encoding,User-Agent x-content-type-options nosniff x-frame-options SAMEORIGIN,SAMEORIGIN x-robots-tag noindex, nofollow x-turbo-charged-by LiteSpeed x-xss-protection 1; mode=block cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5989fc25cc9dd6fd-FRA content-encoding br cf-request-id 02ea1beba00000d6fdb2a4d200000001
GET H2	200	css fonts.googleapis.com/	3 KB 590 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700,900 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 24 May 2020 21:07:13 GMT server ESF date Sun, 24 May 2020 21:07:13 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 24 May 2020 21:07:13 GMT
GET H2	200	styles.min.css iir.ai/cloud_theme/build/css/	189 KB 31 KB	18ms 17ms	Stylesheet text/css	2606:4700:3033::681c:1f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:13 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 381275 status 200 x-xss-protection 1; mode=block last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=2592000 x-turbo-charged-by LiteSpeed cf-request-id 02ea1bed220000d6fdb2a67200000001 cf-ray 5989fc283ad0d6fd-FRA expires Fri, 19 Jun 2020 11:12:36 GMT
GET H2	200	/ Show response dc5k8fg5ioc8s.cloudfront.net/	50 KB 20 KB	221ms 192ms	Script text/plain	2600:9000:2190:f400:1a:a6:7f00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805888 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2190:f400:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 3c397b9f10e1113e58ddef7958b86054aea22045588f1303ae57175a00340354 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Sun, 24 May 2020 21:07:13 GMT content-encoding gzip x-amz-cf-pop ZRH50-C1 status 200 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 19757 via 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront) x-amz-cf-id k6sRXjNboH2RSThKnjcZQGfMsSAZ-wygFghJTFRirDuEaL0wJ4xozQ==
GET H2	200	js Show response www.googletagmanager.com/gtag/	82 KB 33 KB	28ms 15ms	Script application/javascript	2a00:1450:4001:800::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-113561579-2 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 70e5dab24c92509680f7836b9997e9478ca95e9a6674da6e33ddfb6bd571dcea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:13 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33118 x-xss-protection 0 expires Sun, 24 May 2020 21:07:13 GMT
GET H2	200	hmpglogo228x70.png clk.sh/webroot/modern_theme/img/	3 KB 3 KB	64ms 23ms	Image image/png	2606:4700:20::681a:ff6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://clk.sh/webroot/modern_theme/img/hmpglogo228x70.png Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e262d211d25e9671c5d3e7b450e138ddbcacfed50d4f277f39b52fffeae96eb Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:13 GMT x-content-type-options nosniff cf-cache-status HIT age 11864547 cf-polished origSize=3621 status 200 content-length 2976 x-xss-protection 1; mode=block last-modified Fri, 15 Nov 2019 04:31:24 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent, Accept-Encoding content-type image/png expires Thu, 07 Jan 2021 13:24:45 GMT cache-control public, max-age=31536000 x-turbo-charged-by LiteSpeed cf-request-id 02ea1bee38000006017d1b3200000001 accept-ranges bytes cf-ray 5989fc29fa380601-FRA cf-bgj imgq:100
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	43 KB 14 KB	188ms 65ms	Script text/javascript	216.58.205.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s24-in-f2.1e100.net Software sffe / Resource Hash e3bdc24a0088f37924619eac0ca517b6dcaf888396292ab295567076828e8ce5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:13 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "524 / 974 of 1000 / last-modified: 1590083532" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14369 x-xss-protection 0 expires Sun, 24 May 2020 21:07:13 GMT
GET H2	200	/ Show response d1ks8roequxbwa.cloudfront.net/	75 KB 28 KB	231ms 187ms	Script text/plain	2600:9000:2190:dc00:15:b448:1e80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1ks8roequxbwa.cloudfront.net/?orskd=832300 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2190:dc00:15:b448:1e80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash cc13ad9a0624e07312656efa161752bf25bcf265465af5839c43b2057ba3099f Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Sun, 24 May 2020 21:07:13 GMT content-encoding gzip x-amz-cf-pop ZRH50-C1 status 200 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 28106 via 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront) x-amz-cf-id imMdPwIvDQMyjSL9P-ly_ZC-BM1zqRCYIvMHoR9Mwvy7HrKOzOUaXQ==
GET H2	200	sw_2735511.js Show response iir.ai/	93 KB 34 KB	20ms 20ms	Script application/javascript	2606:4700:3033::681c:1f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://iir.ai/sw_2735511.js Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07dad39d552a962087de78cfc171db1a66b30b16ad7322712294e73ab1d009c6 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:13 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 60539 status 200 x-xss-protection 1; mode=block last-modified Wed, 08 Jan 2020 13:23:12 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=2592000 x-turbo-charged-by LiteSpeed cf-request-id 02ea1bee030000d6fdb2a7a200000001 cf-ray 5989fc299ed2d6fd-FRA expires Tue, 23 Jun 2020 04:18:11 GMT
GET H/1.1	200 OK	/ Show response d3al52d8cojds7.cloudfront.net/	298 KB 105 KB	389ms 225ms	Script text/plain	13.224.186.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3al52d8cojds7.cloudfront.net/?tid=731347 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.186.67 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-186-67.fra2.r.cloudfront.net Software / Resource Hash ca19465e54e424c2646d417c4a1de524154b1f50e57781a57569e1d0c1ea2472 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 May 2020 21:07:13 GMT content-encoding gzip X-Amz-Cf-Pop FRA2-C1 X-Cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform Connection keep-alive Content-Length 107409 Via 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront) X-Amz-Cf-Id zatFIihv2gLoI2G0TGm9iFxQgN0nZ3VUa_uExhgzz-ms8SIlZpGlkQ==
GET H2	200	gen.js Show response ads.themoneytizer.com/s/	7 KB 3 KB	96ms 29ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/gen.js?type=19 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:13 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes content-length 2602 expires Mon, 25 May 2020 21:07:08 GMT
GET H2	200	requestform.js Show response ads.themoneytizer.com/s/	61 KB 10 KB	120ms 54ms	Script text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 271ddb505f2d70662f08196835efef9e6f00bbbacadcccb876d78b769948bbfd Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:13 GMT content-encoding gzip server nginx x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 status 200 cache-control max-age=86400 accept-ranges bytes content-length 9969 expires Mon, 25 May 2020 21:07:13 GMT
GET H2	200	ads.js Show response iir.ai/js/	192 B 264 B	25ms 24ms	Script application/javascript	2606:4700:3033::681c:1f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://iir.ai/js/ads.js?ver=6.4.0 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb0e68f005af52ea63e4aec52c0392f58b34f14116daf70c553d9390fd6512e8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:13 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 381275 status 200 x-xss-protection 1; mode=block last-modified Mon, 02 Dec 2019 16:40:25 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent, Accept-Encoding content-type application/javascript cache-control public, max-age=2592000 x-turbo-charged-by LiteSpeed cf-request-id 02ea1bee110000d6fdb2a7e200000001 cf-ray 5989fc29bf07d6fd-FRA expires Fri, 19 Jun 2020 11:12:37 GMT
GET H2	200	script.min.js Show response iir.ai/cloud_theme/build/js/	202 KB 58 KB	21ms 20ms	Script application/javascript	2606:4700:3033::681c:1f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://iir.ai/cloud_theme/build/js/script.min.js?ver=6.4.0 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:13 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 232992 status 200 x-xss-protection 1; mode=block last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=2592000 x-turbo-charged-by LiteSpeed cf-request-id 02ea1bee110000d6fdb2a7f200000001 cf-ray 5989fc29bf08d6fd-FRA expires Sun, 21 Jun 2020 04:23:57 GMT
GET H2	200	api.js Show response www.recaptcha.net/recaptcha/	742 B 918 B	55ms 15ms	Script text/javascript	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 17c3eafcf9e58984f85e8fecc668212e8a4ebe2ca281f62a145f9cbb3ce57c8b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:13 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 471 x-xss-protection 1; mode=block expires Sun, 24 May 2020 21:07:13 GMT
GET H2	200	popunder.gif boudja.com/	35 B 365 B	354ms 231ms	Image image/gif	13.224.196.23 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://boudja.com/popunder.gif Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.23 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-23.fra2.r.cloudfront.net Software openresty/1.15.8.2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma public date Sun, 24 May 2020 21:07:13 GMT content-encoding gzip server openresty/1.15.8.2 x-amz-cf-pop FRA2-C1 x-cache Miss from cloudfront content-type image/gif status 200 cache-control public, max-age=604800, immutable content-length 58 via 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront) x-amz-cf-id SajYdQHT2Wykr5Lo07E1e-6SqhYXpifVIFZEsXjYrOPcOominOjbqQ==
GET H2	200	Newbackground.jpg clk.sh/webroot/img/	74 KB 75 KB	47ms 16ms	Image image/jpeg	2606:4700:20::681a:ff6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://clk.sh/webroot/img/Newbackground.jpg Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ff6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a137ebb5bde3957f26d1ff3a877994ae30a643b137b94cecd8218b31f890fbb3 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:13 GMT x-content-type-options nosniff cf-cache-status HIT age 9288185 cf-polished origSize=92083 status 200 content-length 75966 x-xss-protection 1; mode=block last-modified Fri, 01 Jun 2018 10:09:25 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent, Accept-Encoding content-type image/jpeg expires Sat, 06 Feb 2021 09:04:07 GMT cache-control public, max-age=31536000 x-turbo-charged-by LiteSpeed cf-request-id 02ea1bee37000006017d1b2200000001 accept-ranges bytes cf-ray 5989fc29fa360601-FRA cf-bgj imgq:100
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 fonts.gstatic.com/s/lato/v16/	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:81b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Lato:300,400,700,900 Origin https://iir.ai Response headers date Tue, 19 May 2020 23:24:57 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:45:54 GMT server sffe age 423736 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14176 x-xss-protection 0 expires Wed, 19 May 2021 23:24:57 GMT
GET H/1.1	200 OK	Cookie set dRkaDQJQCz4yK1YKORYiAhVlBFtpFDYNEmkKFCYoVWglAjhyfjg2BV0obw9cfxULJl9qNDsR properatersch.fun/UkVqM1gzJwleZzN4CBUtIClXFmoUYFh1PGMuGQsqPSAbRiAwMgsdOz4qH1c+ICoER3Y8IB4WahQvD2cSGCQEfjkKFgl+DBN0CH8ONgk5VBpkEgF9PgUBBXUQAy46cmklYFh1FhU2G2shPRM9S2kfBx19DzYDAmUeBAgEdw1nIzxKOxgRAVQ... Frame F18F	0 0	237ms 163ms	Document text/html	104.16.107.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://properatersch.fun/UkVqM1gzJwleZzN4CBUtIClXFmoUYFh1PGMuGQsqPSAbRiAwMgsdOz4qH1c+ICoER3Y8IB4WahQvD2cSGCQEfjkKFgl+DBN0CH8ONgk5VBpkEgF9PgUBBXUQAy46cmklYFh1FhU2G2shPRM9S2kfBx19DzYDAmUeBAgEdw1nIzxKOxgRAVQNGQReYQoTHxx7Px8SPWsJNA04AgAeMidXEBQfHHsgGAAySgEDAgJlPRkAU3EIJSEEZDQICSteHRoAAkM6GD1eUBs+NRlkDBQmK3szFg07AgAYEFNxCwR9BXAOCAkrWgEIEwFAGx8QU3ELAwtffQ0YCwhrdSoBPFgrEQ4oXBwUEwkWahABEnYLBT9bYwkGfSJWNGMhOVQKIRIvfQoFFi9WEDoQMlYhPhI5RBE+BBJUOxR2HlIeED04ej8EJDJyGmcGOEAUChY7Yw45MVpVNGchOWEgZB0/dRkaDQJQCz4yK1YKORYiAhVlBFtpFDYNEmkKFCYoVWglAjhyfjg2BV0obw9cfxULJl9qNDsR Requested by Host: d1ks8roequxbwa.cloudfront.net URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832300 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.16.107.1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host properatersch.fun Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://iir.ai/YdS6J2 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers Date Sun, 24 May 2020 21:07:13 GMT Content-Type text/html Content-Length 1229 Connection keep-alive Set-Cookie __cfduid=da18bbe7256058f32c0053f7dba84ac981590354433; expires=Tue, 23-Jun-20 21:07:13 GMT; path=/; domain=.properatersch.fun; HttpOnly; SameSite=Lax; Secure cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip Accept-Ranges bytes CF-Cache-Status DYNAMIC Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare CF-RAY 5989fc2a7ae7daac-ARN cf-request-id 02ea1bee8c0000daac2f343200000001
GET H/1.1	200 OK	b2VLZ20URzgQMhoXJ0VXTQ0%2FEx0cX2RIBAYXZQYEQBY8OF9YVn5SXF5LIRRPQ0c4CgtNX3pLTxsELDgEC0dxRVVfUHNfVU1JaRQYDToiA19NX2lVX1hXe1QLXkh9BQgJSH9eXFZIKVcMXkguVV9ZAXxQXQ0EcgRPEg Show response aphycolourses.info/	60 KB 25 KB	220ms 150ms	Script application/javascript	104.16.108.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aphycolourses.info/b2VLZ20URzgQMhoXJ0VXTQ0%2FEx0cX2RIBAYXZQYEQBY8OF9YVn5SXF5LIRRPQ0c4CgtNX3pLTxsELDgEC0dxRVVfUHNfVU1JaRQYDToiA19NX2lVX1hXe1QLXkh9BQgJSH9eXFZIKVcMXkguVV9ZAXxQXQ0EcgRPEg Requested by Host: iir.ai URL: https://iir.ai/sw_2735511.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.16.108.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 49521b6b1e1b0a9da5a54ca922a01c9b9457ac075fa5beabf5c8326e8650211d Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 24 May 2020 21:07:13 GMT Content-Encoding br CF-Cache-Status DYNAMIC X-Powered-By Express Transfer-Encoding chunked Connection keep-alive cf-request-id 02ea1bee8e0000f1626a0f9200000001 Server cloudflare ETag W/"ef5c-gL/nfM1qlU65e035c7vQXUrsyHU" Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * CF-RAY 5989fc2a780bf162-ARN Access-Control-Allow-Headers X-Requested-With,content-type
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v16/	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:81b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Lato:300,400,700,900 Origin https://iir.ai Response headers date Tue, 19 May 2020 09:27:04 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:45:55 GMT server sffe age 474009 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14044 x-xss-protection 0 expires Wed, 19 May 2021 09:27:04 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	45 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:81d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 30 Apr 2020 21:54:13 GMT server Golfe2 age 654 date Sun, 24 May 2020 20:56:19 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18433 expires Sun, 24 May 2020 22:56:19 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 98 B	19ms 18ms	Image image/gif	2a00:1450:4001:81d::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2142590465&t=pageview&_s=1&dl=https%3A%2F%2Fiir.ai%2FYdS6J2&ul=en-us&de=UTF-8&dt=ClkSh&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1943830535&gjid=1719454419&cid=2034839790.1590354434&tid=UA-113561579-2&_gid=101887388.1590354434&_r=1&gtm=2ou5e1&z=1322055824 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Sun, 24 May 2020 21:07:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.ee/adsid/	109 B 952 B	58ms 14ms	Script application/javascript	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ee/adsid/integrator.js?domain=iir.ai Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 May 2020 21:07:13 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 952 B	37ms 16ms	Script application/javascript	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=iir.ai Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 May 2020 21:07:13 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	pubads_impl_2020050602.js Show response securepubads.g.doubleclick.net/gpt/	243 KB 87 KB	73ms 73ms	Script text/javascript	216.58.205.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s24-in-f2.1e100.net Software sffe / Resource Hash c4b5c1f949f059e3abb05ddcb7cc9944f8c16811e0eb1db9003bc5f8a4eb0634 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:13 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 06 May 2020 17:23:28 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 89224 x-xss-protection 0 expires Sun, 24 May 2020 21:07:13 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	418 B 722 B	269ms 268ms	XHR text/plain	216.58.205.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2243976357355849&correlator=2133171798747454&output=ldjh&impl=fif&adsid=NT&eid=21065402%2C21065516&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200524&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1590354433&dt=1590354433927&dlt=1590354433306&idt=606&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=165&adks=3801215253&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FYdS6J2&dssz=18&icsg=43660&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=2034839790.1590354434&ga_sid=1590354434&ga_hid=2142590465&fws=0&ohw=0&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s24-in-f2.1e100.net Software cafe / Resource Hash 4743ec4f9ea31f2abddbcb4b0d2e67b75f8da685a24f015588267476454f5ab3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:14 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 229 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://iir.ai cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 5e425c937de723636bfd25c75ce60466.safeframe.googlesyndication.com/safeframe/1-0-37/html/	0 0	47ms 13ms	Other text/html	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5e425c937de723636bfd25c75ce60466.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	container.html tpc.googlesyndication.com/safeframe/1-0-37/html/	0 0	25ms 6ms	Other text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	421 B 400 B	349ms 348ms	XHR text/plain	216.58.205.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2243976357355849&correlator=2133171798747454&output=ldjh&impl=fif&adsid=NT&eid=21065402%2C21065516&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200524&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x50&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1590354433&dt=1590354433940&dlt=1590354433306&idt=606&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3714533483&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FYdS6J2&dssz=18&icsg=43660&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=2034839790.1590354434&ga_sid=1590354434&ga_hid=2142590465&fws=128&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s24-in-f2.1e100.net Software cafe / Resource Hash c15b9cc2899e6b0332bd9f1a28edfc3df2c68a8f4c64d2d380d19ed1813933e3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:14 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 232 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://iir.ai cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	popunder.gif traintincre.fun/	35 B 701 B	106ms 38ms	Image image/gif	104.16.107.2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://traintincre.fun/popunder.gif Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.16.107.2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma public Date Sun, 24 May 2020 21:07:14 GMT CF-Cache-Status HIT Server cloudflare Age 34701 Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding Content-Type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable Transfer-Encoding chunked Connection keep-alive CF-RAY 5989fc2d1bd6cb00-ARN cf-request-id 02ea1bf0330000cb00c129a200000001
GET H/1.1	200 OK	Cookie set ew8CPx8UMBxZCwYhC1AlfBAoJT8+MgdYAxczMQ4fHBddUT8WNT0tPzYOLgImHjMlER8GF1AZJCAhBz4JJjIHKxMvHRMZVQYHUB1BJCULBxdzFVA8Xw1kEgZTKz8iMCM6Jw properatersch.fun/TlZkaWcvNAcEWC9rBk8SPDpZTFUIc1YvA303CFxVKm4HBg0qJVNHBCI5EQ0BPDkKHUkgMxBMVQgZNiELPAJWXQkIMTEZMhoXNS1UBAwAWQ8XM1UFDgsuAw4mCgQhIi89YQItFxQZNS8QBhctIyk5FyouCiU3NAFWGTAxDggJFzEGMnwfBys... Frame 4D86	0 0	142ms 142ms	Document text/html	104.16.107.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://properatersch.fun/TlZkaWcvNAcEWC9rBk8SPDpZTFUIc1YvA303CFxVKm4HBg0qJVNHBCI5EQ0BPDkKHUkgMxBMVQgZNiELPAJWXQkIMTEZMhoXNS1UBAwAWQ8XM1UFDgsuAw4mCgQhIi89YQItFxQZNS8QBhctIyk5FyouCiU3NAFWGTAxDggJFzEGMnwfBys0NgIAP18FHRMRUhoDVF4vJyU3Pw4XNSoOAAwYEygdDSEcGSA3ACErDg8DKDsyBhoPHVUeZ1EBPyMQKD5VLRIuOwgNHzYGFQ0xKhg/HwwHPj92Hi8OVwEfVB1VHQc9HCMZECg+Hg8yPTwTLBhUHVUdAEkZQnwQKTExABgsGS8XAxALKyZiVC82emInED4dFw4dKyo8XQwBCDoVOgt/JzwhNRwXJwoGBQQyJgEdZww6Vj08JhBfLQIKWAIHLhMgLQ8QEDEhInNWLyMdISgrJAcaPTwUOjMiGRYdAzJRMBYMJTs/ew8CPx8UMBxZCwYhC1AlfBAoJT8+MgdYAxczMQ4fHBddUT8WNT0tPzYOLgImHjMlER8GF1AZJCAhBz4JJjIHKxMvHRMZVQYHUB1BJCULBxdzFVA8Xw1kEgZTKz8iMCM6Jw Requested by Host: d3al52d8cojds7.cloudfront.net URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.16.107.1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host properatersch.fun Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://iir.ai/YdS6J2 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers Date Sun, 24 May 2020 21:07:15 GMT Content-Type text/html Content-Length 1275 Connection keep-alive Set-Cookie __cfduid=de7bc8cef01f98cd9b64b12918c12a49c1590354435; expires=Tue, 23-Jun-20 21:07:15 GMT; path=/; domain=.properatersch.fun; HttpOnly; SameSite=Lax; Secure cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip Accept-Ranges bytes CF-Cache-Status DYNAMIC Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare CF-RAY 5989fc359f5ddaac-ARN cf-request-id 02ea1bf57e0000daac2f3b5200000001
GET H/1.1	200 OK	Cookie set KEoSDA properatersch.fun/eVZYVloYNDs7ZRhrOnAvCzplc2g/c2oQPko3NGNoHW47OTAdJW94ORU5LTI8Czk2InQXMyxzaD8nPCw+PTUMBw8uFWgOGQ4YPRxqDhIJBxQDBQkACCECGTMNHjUTGAgVPBxmHwgXLzUgIGQNEA4RGxM1DB0PHjoxEgIaHwkuBRobGC8QDxw... Frame AD5A	0 0	181ms 143ms	Document text/html	104.16.107.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://properatersch.fun/eVZYVloYNDs7ZRhrOnAvCzplc2g/c2oQPko3NGNoHW47OTAdJW94ORU5LTI8Czk2InQXMyxzaD8nPCw+PTUMBw8uFWgOGQ4YPRxqDhIJBxQDBQkACCECGTMNHjUTGAgVPBxmHwgXLzUgIGQNEA4RGxM1DB0PHjoxEgIaHwkuBRobGC8QDxwiNBwJLh9LExk9Oy4SMw8NOyIPDDE3Lwk+NgMAGQwSMS9sBwwBYwIYIkweEC4QDhsgEBw7LzcwCzscOgwxNBMfOgMeABkMEi4SGgMYEjIIDDE0EwoxORoHGRc1ODsoAxgSMg8bLT8PHT0bFBNpbj8oZHUMHho9ERM+P24QBwgzLgkELRoOIjU5LhAREBs/Bx8EawonHzocKhQAGw0sBAo1Fj8xCgQLGjEfAwMgATEMDzs8HRc+SG4dAQsrZgkhayMUNgATPAMNHhc7FAsQMSwnDhcDARc2FB0+PQkUACgHEhMtKyEJOg8rFBA5Dj0EFRcTLAQKEzY8OAsAHD4XEBQcLz0CAhBJGAkTNixwMiU1FyZlIDIuLi4/KEoSDA Requested by Host: d3al52d8cojds7.cloudfront.net URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.16.107.1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host properatersch.fun Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://iir.ai/YdS6J2 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers Date Sun, 24 May 2020 21:07:15 GMT Content-Type text/html Content-Length 1243 Connection keep-alive Set-Cookie __cfduid=de7bc8cef01f98cd9b64b12918c12a49c1590354435; expires=Tue, 23-Jun-20 21:07:15 GMT; path=/; domain=.properatersch.fun; HttpOnly; SameSite=Lax; Secure cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip Accept-Ranges bytes CF-Cache-Status DYNAMIC Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare CF-RAY 5989fc367985daac-ARN cf-request-id 02ea1bf60d0000daac2f3cd200000001
GET H/1.1	200 OK	Cookie set UiwmN0ApLSIlNyRIFS8zLiwBORpQPSEsCwc+NS0zGjgOLh4iHCoLAQQ7FFlXUTszCD8oLDA0HQE4Ijg5CjhaICA5SAYZFjouNCMBOkhSByIwHhojMAgSKQg7JSwOLD4HP1opPTAaDyIwF0gGUzciPwkvATpIUzg7UQEJOSNaSAZTNAArFFhGOS1OKzEGLhsLKjEgB... properatersch.fun/eWNhcmMYAQIfXBheA1QWCw9cV1E/RlM0B0oCDUdRHVsCHQkdEFZcABUMFBYFCwwPBk0XBhVXUT8qMiQlDQdQMxIpBCwgAQNTVTE2CQwENQcsMjY0FTYbVSszEw8SMwgoOygLNlxRIzgOHgomGjUrKSU/ Frame 3EE5	0 0	214ms 214ms	Document text/html	104.16.107.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://properatersch.fun/eWNhcmMYAQIfXBheA1QWCw9cV1E/RlM0B0oCDUdRHVsCHQkdEFZcABUMFBYFCwwPBk0XBhVXUT8qMiQlDQdQMxIpBCwgAQNTVTE2CQwENQcsMjY0FTYbVSszEw8SMwgoOygLNlxRIzgOHgomGjUrKSU/UiwmN0ApLSIlNyRIFS8zLiwBORpQPSEsCwc+NS0zGjgOLh4iHCoLAQQ7FFlXUTszCD8oLDA0HQE4Ijg5CjhaICA5SAYZFjouNCMBOkhSByIwHhojMAgSKQg7JSwOLD4HP1opPTAaDyIwF0gGUzciPwkvATpIUzg7UQEJOSNaSAZTNAArFFhGOS1OKzEGLhsLKjEgBC4mUzAiJScRNgQwNgchEDklJisNO0ApGzYMOFYcMjgUKToyWCEmLDcDNS0dJBsZCjcmCTQ6OldRNgsORlM0OjExByAZNAsoBSoYLTYKCTJTIxk5SyUlICQdVAA3LT45DzBTIVMCGCg9ACwwNxUQOAsXOjpSR0ZLJTkZJUszJgUpKyQvRC44FyQTMA0MIiciAAUlIyo8NzMKLT8bICtQSRk5MC5JBhsnKj8yRxgQFg0RTwxKJAsGMChbCjkb Requested by Host: d3al52d8cojds7.cloudfront.net URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.16.107.1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host properatersch.fun Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://iir.ai/YdS6J2 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers Date Sun, 24 May 2020 21:07:15 GMT Content-Type text/html Content-Length 1269 Connection keep-alive Set-Cookie __cfduid=d1c395bc46b430a0f71768e2a693803cc1590354435; expires=Tue, 23-Jun-20 21:07:15 GMT; path=/; domain=.properatersch.fun; HttpOnly; SameSite=Lax; Secure cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip CF-Cache-Status DYNAMIC Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare CF-RAY 5989fc36ebd075da-ARN cf-request-id 02ea1bf655000075da569da200000001
GET H/1.1	200 OK	Cookie set Ey04Gi4aAj4kABAOJxYEMhInZQEZKRwzVjAEKxQ+DS8FMQEyfw properatersch.fun/Q2tqRnIiCQkrTSJWCGAHMQdXY0AFTlgAFnAKBnNAJ1MJKRgnGF1oES8EHyIUMQQEMlwtDh5jQAVfDx4WDiQsJRMEKCAjEwJbDw0zFQw7AzR0KC1/FAs/Ux49EgchABwsJCYvOzE+OQc+Czk7BBESWyQNMxUHMj4BNz0ABDcWOAYRPAY5LSc... Frame C894	0 0	140ms 140ms	Document text/html	104.16.107.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://properatersch.fun/Q2tqRnIiCQkrTSJWCGAHMQdXY0AFTlgAFnAKBnNAJ1MJKRgnGF1oES8EHyIUMQQEMlwtDh5jQAVfDx4WDiQsJRMEKCAjEwJbDw0zFQw7AzR0KC1/FAs/Ux49EgchABwsJCYvOzE+OQc+Czk7BBESWyQNMxUHMj4BNz0ABDcWOAYRPAY5LSceKBEtdgJ3IwMLOAQoCQAiJBgsFiQKHSwxM2ZZKB5BBiYsKDQVJCsLFwotO3QqBj4hAiovIT8oRgoNEhclD1ovczYRDE90NBYjIA08FAAhHAoCMSUAQnQzLxBKFT8zJyctXyMJMzM4DCEVNTMvEEoAPAkrIC1GAigrLyk5IBUkWSkXESQzOQcRBTgOFDtyEywFFXIAPioeZlksAhwJJzh0IBc7HXYTCilbKj0vIU90MAAvGRc6AAAOHCcoOiEQAXstBnMCAAYJJzo5XjIJGjs4DChHJD88KkoFBjgJIBs+PRwZeiQLFwItKAIfAxQ4PxcnLV5PdDAaABoHKyQfAh4FCRMyASAIOSl3FxkuKxAWFRMNAUIKGzISNyc/Ey04Gi4aAj4kABAOJxYEMhInZQEZKRwzVjAEKxQ+DS8FMQEyfw Requested by Host: d3al52d8cojds7.cloudfront.net URL: https://d3al52d8cojds7.cloudfront.net/?tid=731347 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.16.107.1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host properatersch.fun Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://iir.ai/YdS6J2 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers Date Sun, 24 May 2020 21:07:15 GMT Content-Type text/html Content-Length 1268 Connection keep-alive Set-Cookie __cfduid=de7bc8cef01f98cd9b64b12918c12a49c1590354435; expires=Tue, 23-Jun-20 21:07:15 GMT; path=/; domain=.properatersch.fun; HttpOnly; SameSite=Lax; Secure cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip Accept-Ranges bytes CF-Cache-Status DYNAMIC Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare CF-RAY 5989fc379be9daac-ARN cf-request-id 02ea1bf6ba0000daac2f3de200000001
GET H/1.1	200 OK	a6fa0903c2 Show response s3.amazonaws.com/2c3090af6ac33d184a1bb6acd383240d8a82d6e17d6ffa336d1508764be/	17 KB 18 KB	542ms 138ms	XHR binary/octet-stream	52.216.29.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/2c3090af6ac33d184a1bb6acd383240d8a82d6e17d6ffa336d1508764be/a6fa0903c2 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.29.110 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash 6217f12e5c1148b643427958d59dccf270acecd993303038467ad01d643e088b Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 24 May 2020 21:07:17 GMT x-amz-meta-pragma no-cache x-amz-request-id 6CF74C8792D84FB4 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Content-Length 17348 x-amz-id-2 Jj+HM7gaAqJibeXXFmPNuExJhYpy3GKKy7YpSsjLQj+h/wKGhkqw7iE5X0VE5ckZrOmIn19rYsY= Last-Modified Sun, 24 May 2020 00:15:04 GMT Server AmazonS3 ETag "39788602687676e0d4cd7de360876815" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type binary/octet-stream Access-Control-Allow-Origin https://iir.ai Cache-Control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform Access-Control-Allow-Credentials true Accept-Ranges bytes
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	90 KB 25 KB	292ms 292ms	XHR text/plain	216.58.205.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2243976357355849&correlator=2133171798747454&output=ldjh&impl=fif&adsid=NT&eid=21065402%2C21065516&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200524&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1590354435&dt=1590354435763&dlt=1590354433306&idt=606&frm=20&biw=1600&bih=1200&oid=3&adxs=328&adys=299&adks=3880278309&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FYdS6J2&dssz=21&icsg=43662&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x314&msz=945x280&ga_vid=2034839790.1590354434&ga_sid=1590354434&ga_hid=2142590465&fws=0&ohw=0&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s24-in-f2.1e100.net Software cafe / Resource Hash e183d13d111cf8500cffab918ef42e162a98584a0cbb856fdaf1ff558346cb55 Security Headers Name Value Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15783524775369157304/Poltsamaa_Sada_ilmateadedelfi_300x250_EST.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15783524775369157304/Poltsamaa_Sada_ilmateadedelfi_300x250_EST.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLmU2_mzzekCFct_4AodR4YHXA&gqi=&layout=/sadbundle/%24csp%253Der3%24/15783524775369157304/Poltsamaa_Sada_ilmateadedelfi_300x250_EST.html X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15783524775369157304/Poltsamaa_Sada_ilmateadedelfi_300x250_EST.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15783524775369157304/Poltsamaa_Sada_ilmateadedelfi_300x250_EST.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLmU2_mzzekCFct_4AodR4YHXA&gqi=&layout=/sadbundle/%24csp%253Der3%24/15783524775369157304/Poltsamaa_Sada_ilmateadedelfi_300x250_EST.html content-encoding br x-content-type-options nosniff google-creative-id -1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24352 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe date Sun, 24 May 2020 21:07:16 GMT content-type text/plain; charset=UTF-8 access-control-allow-origin https://iir.ai cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	39 KB 10 KB	490ms 490ms	XHR text/plain	216.58.205.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2243976357355849&correlator=2133171798747454&output=ldjh&impl=fif&adsid=NT&eid=21065402%2C21065516&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200524&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1590354435&dt=1590354435769&dlt=1590354433306&idt=606&frm=20&biw=1600&bih=1200&oid=3&adxs=328&adys=614&adks=2252918807&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FYdS6J2&dssz=25&icsg=174650&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x629&msz=945x280&ga_vid=2034839790.1590354434&ga_sid=1590354434&ga_hid=2142590465&fws=0&ohw=0&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s24-in-f2.1e100.net Software cafe / Resource Hash 8f55c52828a1510921fa6d856dca19a30c91d539729d0899ce9fe13f485da568 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:16 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9964 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://iir.ai access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	403 B 382 B	619ms 619ms	XHR text/plain	216.58.205.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2243976357355849&correlator=2133171798747454&output=ldjh&impl=fif&adsid=NT&eid=21065402%2C21065516&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200524&iu_parts=360613911%2C2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1590354435&dt=1590354435774&dlt=1590354433306&idt=606&frm=20&biw=1600&bih=1200&oid=3&adxs=1290&adys=50&adks=1372485172&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FYdS6J2&dssz=29&icsg=698602&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=2034839790.1590354434&ga_sid=1590354434&ga_hid=2142590465&fws=512&ohw=0&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s24-in-f2.1e100.net Software cafe / Resource Hash 46b619b8b9011fad75382be90f197ad8af7eb1dbff601e589ca0b009736ff817 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:16 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 214 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://iir.ai cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	418 B 395 B	744ms 743ms	XHR text/plain	216.58.205.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2243976357355849&correlator=2133171798747454&output=ldjh&impl=fif&adsid=NT&eid=21065402%2C21065516&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200524&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1590354435&dt=1590354435778&dlt=1590354433306&idt=606&frm=20&biw=1600&bih=1200&oid=3&adxs=392&adys=1109&adks=2688864132&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FYdS6J2&dssz=33&icsg=2794410&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=2034839790.1590354434&ga_sid=1590354434&ga_hid=2142590465&fws=512&ohw=0&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s24-in-f2.1e100.net Software cafe / Resource Hash c64de720c6f883063c29fa9d94f1f7b3f3c380aa5e826750f79d74fa999f542a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:16 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 227 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://iir.ai cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response securepubads.g.doubleclick.net/gampad/	38 KB 10 KB	1022ms 1022ms	XHR text/plain	216.58.205.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2243976357355849&correlator=2133171798747454&output=ldjh&impl=fif&adsid=NT&eid=21065402%2C21065516&vrg=2020050602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200524&iu_parts=360613911%2CRedmasadshort.co2020optimised&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=ad_group%3Dad_opt&cookie_enabled=1&bc=31&abxe=1&lmt=1590354435&dt=1590354435783&dlt=1590354433306&idt=606&frm=20&biw=1600&bih=1200&oid=3&adxs=650&adys=934&adks=363645630&ucis=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fiir.ai%2FYdS6J2&dssz=37&icsg=11177642&std=0&csl=86&vis=1&dmc=8&scr_x=0&scr_y=0&psz=945x250&msz=945x250&ga_vid=2034839790.1590354434&ga_sid=1590354434&ga_hid=2142590465&fws=0&ohw=0&btvi=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s24-in-f2.1e100.net Software cafe / Resource Hash 568eab2ac3a3746ae03026e2c2f454b1cb6110529ebf0969525381ee0369fbfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:16 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10020 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://iir.ai access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ Show response g.themoneytizer.net/g/	26 B 200 B	212ms 54ms	Script text/html	145.239.193.145 OVH
General Check archive.org Show headers Download Go to Full URL https://g.themoneytizer.net/g/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=19 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.193.145 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash fcfa6c4d7ec2b771b1df2404910700d7948fe24d98d5b007ddcf5d6a19ffb19b Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 24 May 2020 21:07:15 GMT Server nginx X-IPLB-Instance 29895 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	moneyvisibility.js Show response ads.themoneytizer.com/	12 KB 4 KB	31ms 30ms	Script text/javascript	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneyvisibility.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=19 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / Resource Hash 22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:15 GMT content-encoding gzip last-modified Wed, 08 Jan 2020 19:01:35 GMT server nginx etag "779a-30ad-59ba5857e2265" vary Accept-Encoding x-cache HIT content-type text/javascript status 200 cache-control max-age=86400 accept-ranges bytes content-length 3955 expires Mon, 25 May 2020 21:06:47 GMT
GET H2	200	moneybile.js Show response ads.themoneytizer.com/	37 KB 16 KB	40ms 39ms	Script text/javascript	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneybile.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=19 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / Resource Hash 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:15 GMT content-encoding gzip last-modified Wed, 27 Feb 2019 16:57:00 GMT server nginx etag "7ff1-9390-582e30fefbc74" vary Accept-Encoding x-cache HIT content-type text/javascript status 200 cache-control max-age=86400 accept-ranges bytes content-length 15733 expires Mon, 25 May 2020 21:06:54 GMT
GET H2	200	getjs.static.js Show response tag.contextweb.com/	32 KB 11 KB	406ms 132ms	Script application/x-javascript	198.148.27.132 PULSEPOINT
General Check archive.org Show headers Download Go to Full URL https://tag.contextweb.com/getjs.static.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=19 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.148.27.132 New York, United States, ASN19189 (PULSEPOINT, US), Reverse DNS Software envoy / Resource Hash bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:15 GMT content-encoding gzip server envoy etag d13c8ae45565efb782b52cb7f6a3b3828e3d77a7 p3p policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT" status 200 cache-control max-age=432000, public x-envoy-upstream-service-time 3 content-type application/x-javascript content-length 11296
GET H/1.1	200 OK	px.js Show response p.cpx.to/p/11528/	1 KB 2 KB	214ms 54ms	Script application/javascript	13.225.87.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://p.cpx.to/p/11528/px.js?r=13bd5 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=19 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.225.87.96 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-96.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 18 May 2020 04:27:07 GMT Content-Encoding UTF-8 Connection keep-alive Last-Modified Wed, 10 Oct 2018 10:49:46 GMT Server AmazonS3 Age 578409 ETag "f30057c89bf67afeaf18ceba624fa4b7" X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront) Cache-Control max-age=2419200 X-Amz-Cf-Pop FRA2-C2 Accept-Ranges bytes Content-Length 1498 X-Amz-Cf-Id kfWiaBX_xv6Cw_d51RoxdrhRvk-xybgYMrcFXjgCCmkDOreJQqia0w==
GET H2	200	smart.js Show response ced-ns.sascdn.com/diff/js/ Redirect Chain https://ww1097.smartadserver.com/config.js?nwid=1097 https://ced-ns.sascdn.com/diff/js/smart.js	28 KB 9 KB	138ms 38ms	Script application/x-javascript	68.232.35.16 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ced-ns.sascdn.com/diff/js/smart.js Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.232.35.16 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (ska/F707) / Resource Hash 018c9bc1ee74a05b1631b41802e7d9f32ec11b10f7e9b2783fb5d9e0c54c4918 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:16 GMT content-encoding gzip last-modified Wed, 20 May 2020 07:16:18 GMT server ECS (ska/F707) cache-control max-age=86400 age 49800 etag "f57677664ceef6a64e2e43a3090509a9:1589958978" vary Accept-Encoding x-cache HIT content-type application/x-javascript status 200 x-n S accept-ranges bytes content-length 9145 Redirect headers location https://ced-ns.sascdn.com/diff/js/smart.js date Sun, 24 May 2020 21:07:15 GMT cache-control private content-length 159 content-type text/html; charset=utf-8
GET H2	200	sync Show response gum.criteo.com/	49 B 371 B	44ms 12ms	Script text/javascript	2a02:2638:1::13 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET vary Accept-Encoding content-type text/javascript; charset=utf-8 status 200 cache-control private, max-age=3600 date Sun, 24 May 2020 21:07:15 GMT content-length 165 expires 60
GET H/1.1	200 OK	libJsLP.js Show response tag.leadplace.fr/	3 KB 3 KB	272ms 71ms	Script application/javascript	145.239.192.166 OVH
General Check archive.org Show headers Download Go to Full URL https://tag.leadplace.fr/libJsLP.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=19 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.192.166 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.14.2 / Resource Hash 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 24 May 2020 21:07:16 GMT Last-Modified Wed, 28 Nov 2018 09:16:40 GMT Server nginx/1.14.2 ETag "5bfe5cf8-a72" X-IPLB-Instance 30196 Content-Type application/javascript Accept-Ranges bytes Content-Length 2674
GET H2	200	/ onetag-sys.com/usync/ Frame 18A9	0 0	159ms 52ms	Document text/html	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1590354435788 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=19 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.9.251 , Germany, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?pubId=2a897e3f18e6769&cb=1590354435788 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://iir.ai/YdS6J2 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers status 200 content-type text/html cache-control no-transform, no-cache content-encoding gzip strict-transport-security max-age=2592000
GET H2	200	/ spl.zeotap.com/ Frame 447E	0 0	38ms 21ms	Document text/html	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority spl.zeotap.com :scheme https :path /?env=mWeb&uc=2&zdid=1258&eventType=map pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://iir.ai/YdS6J2 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers status 200 date Sun, 24 May 2020 21:07:15 GMT content-type text/html set-cookie __cfduid=d5506ecec3395d05421372f38ed99b9e21590354435; expires=Tue, 23-Jun-20 21:07:15 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=8a4f1456-df3d-4550-4d82-f2c866af38bf; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zsc=%15%FBH%F3%9Cg%7Dq%E2%92Z%FD%82et%8AL%B7U%08%91%0AR%3DI%0F%BE%81%11%B0%F3%11%D9%F6%B7%DA%91%04%BB-%FC%8B%E7%D4%3F%F7IW%21%CA%AF%10Q%F97%A2Jhb%9Av%1A%9D%9B%9D%B6%29t%CC%87%BD%5B%1A%0A%93%E2%85%B7%96%C9%17%BE%0E%01%04s%C9%13%C8%8D%87%A0%BD%CC%AA%B5%D5%E4; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure access-control-allow-credentials true access-control-allow-headers * access-control-allow-origin https://iir.ai vary Origin via 1.1 google cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5989fc37c87b3240-FRA content-encoding br cf-request-id 02ea1bf6e1000032409a2a9200000001
GET H/1.1	200 OK	quant.js Show response secure.quantserve.com/	21 KB 8 KB	223ms 54ms	Script application/x-javascript	91.228.74.199 QUANTCAST
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.199 , United Kingdom, ASN27281 (QUANTCAST, US), Reverse DNS Software QS / Resource Hash b68b4d1e6d63eabb8a4f663f7755454028aa22d9a0edc88d5b77c58e932d7fa0 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 24 May 2020 21:07:15 GMT Content-Encoding gzip Last-Modified Sun, 24-May-2020 21:07:15 GMT Server QS Etag M0-004a9efe Vary Accept-Encoding Connection keep-alive Content-Type application/x-javascript Cache-Control private, no-transform, max-age=604800 Strict-Transport-Security max-age=86400 Content-Length 8025 Expires Sun, 31 May 2020 21:07:15 GMT
GET H/1.1	200 OK	notifyme.js Show response d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/	25 KB 26 KB	280ms 75ms	Script text/javascript	13.224.89.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.89.3 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-89-3.zrh50.r.cloudfront.net Software Apache / Resource Hash b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 24 May 2020 11:36:02 GMT Via 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront) Last-Modified Mon, 18 Feb 2019 16:54:28 GMT Server Apache Age 120741 X-Cache Hit from cloudfront Content-Type text/javascript Connection keep-alive X-Amz-Cf-Pop ZRH50-C1 Accept-Ranges bytes Content-Length 25704 X-Amz-Cf-Id sUtT7ZKoOMpYeKRb9etFXmtqa9I2d-ZITR8pmG0mHEPgPwnv94LYpg==
GET H/1.1	200 OK	186329-261067657875242.js Show response js-sec.indexww.com/ht/p/	35 KB 12 KB	1009ms 807ms	Script text/javascript	23.210.249.164 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://js-sec.indexww.com/ht/p/186329-261067657875242.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-249-164.deploy.static.akamaitechnologies.com Software Apache / Resource Hash f869c2dff8faee0c62fe6b9eb479f2b326557fadefd778d35dabb9d7cd18a958 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 24 May 2020 21:07:16 GMT Content-Encoding gzip Last-Modified Sun, 24 May 2020 21:06:02 GMT Server Apache ETag "7649b7-8bdb-5a66b3adda0bc" Vary Accept-Encoding P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=3573 Connection keep-alive Accept-Ranges bytes Content-Type text/javascript Content-Length 12319 Expires Sun, 24 May 2020 22:06:49 GMT
GET H2	200	prebid.js Show response ads.themoneytizer.com/moneybid2_445_2/build/dist/	394 KB 126 KB	36ms 36ms	Script text/javascript	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / Resource Hash 5dfc9288f5281f2c559f14d366adf563f1a17b987554876469b161fe48abeed1 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:15 GMT content-encoding gzip last-modified Mon, 11 May 2020 21:35:02 GMT server nginx etag "33d3f-62974-5a5661e999b3b" vary Accept-Encoding x-cache HIT content-type text/javascript status 200 cache-control max-age=86400 accept-ranges bytes content-length 128463 expires Mon, 25 May 2020 21:07:05 GMT
GET H2	200	footer.jpg iir.ai/cloud_theme/build/img/	6 KB 6 KB	13ms 13ms	Image image/jpeg	2606:4700:3033::681c:1f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://iir.ai/cloud_theme/build/img/footer.jpg Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:15 GMT x-content-type-options nosniff cf-cache-status HIT age 72956 status 200 content-length 6152 x-xss-protection 1; mode=block last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent, Accept-Encoding content-type image/jpeg cache-control public, max-age=31536000 x-turbo-charged-by LiteSpeed cf-request-id 02ea1bf6f90000d6fdb2b7c200000001 accept-ranges bytes cf-ray 5989fc37fa8fd6fd-FRA expires Mon, 24 May 2021 00:51:16 GMT
GET H2	200	fontawesome-webfont.woff2 iir.ai/cloud_theme/build/fonts/	75 KB 76 KB	17ms 17ms	Font font/woff2	2606:4700:3033::681c:1f0a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://iir.ai/cloud_theme/build/fonts/fontawesome-webfont.woff2 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:1f0a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0 Origin https://iir.ai Response headers date Sun, 24 May 2020 21:07:15 GMT x-content-type-options nosniff cf-cache-status HIT age 287253 status 200 content-length 77160 x-xss-protection 1; mode=block last-modified Mon, 02 Sep 2019 23:24:50 GMT server cloudflare x-frame-options SAMEORIGIN expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent, Accept-Encoding content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-request-id 02ea1bf6d30000d6fdb2b7b200000001 accept-ranges bytes cf-ray 5989fc37ba07d6fd-FRA expires Thu, 28 May 2020 13:19:40 GMT
GET H2	200	S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2 fonts.gstatic.com/s/lato/v16/	13 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:81b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Lato:300,400,700,900 Origin https://iir.ai Response headers date Tue, 19 May 2020 03:35:52 GMT x-content-type-options nosniff last-modified Tue, 23 Jul 2019 03:45:45 GMT server sffe age 495083 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13732 x-xss-protection 0 expires Wed, 19 May 2021 03:35:52 GMT
GET H2	200	cmp.js Show response quantcast.mgr.consensu.org/	264 KB 76 KB	43ms 15ms	Script text/javascript	2600:9000:2190:fe00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/cmp.js Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2190:fe00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8f670db094f8157451312a2d25ce34fd67f622e07d356f9db841224cceeeed2d Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 20:52:16 GMT content-encoding gzip last-modified Thu, 21 May 2020 20:45:01 GMT server AmazonS3 age 2154 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript;charset=UTF-8 status 200 cache-control public, max-age=7200 x-amz-meta-qc-ineu True x-amz-cf-pop ZRH50-C1 x-amz-cf-id BumAtxAl1AnGJD6W76mnXejP7ejtoVRdcDyNowlJux3iYCTtuIwhZw== via 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
GET H2	200	cRDNqSGUnXAQuWjBaDnVddAZScF1iWRknCzQOEC1dIVIOHz8iVgcRC2JHECxYdhUGKQsjDkwtCycOW24EIFFXeEMwQwUjWDFdDi0DLV0PLEMxUlclCj5aBiQEYQEsfUt0Flh4TSlSCSELMFwZIEB3cU96VS1dHi0JYQFaJQQnFlh4CjcWWHgdYQFaeVUbAl-4XUG0... Show response dc5k8fg5ioc8s.cloudfront.net/	301 B 554 B	184ms 184ms	Script text/plain	2600:9000:2190:f400:1a:a6:7f00:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dc5k8fg5ioc8s.cloudfront.net/cRDNqSGUnXAQuWjBaDnVddAZScF1iWRknCzQOEC1dIVIOHz8iVgcRC2JHECxYdhUGKQsjDkwtCycOW24EIFFXeEMwQwUjWDFdDi0DLV0PLEMxUlclCj5aBiQEYQEsfUt0Flh4TSlSCSELMFwZIEB3cU96VS1dHi0JYQFaJQQnFlh4CjcWWHgdYQFaeVUbAl-4XUG0WWHgENEMGLRIhUQEhEWEBLH1Wcx1ZfkB2A0IjDTBeBm1XBxZYeAktWA9tV3RUDysOKxpPelUnWxgnCCEWWA5ScB1aZlZzAVNmVHIKT3pVN1IMKRctFlgOUHcERHtTYkZX Requested by Host: dc5k8fg5ioc8s.cloudfront.net URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805888 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2190:f400:1a:a6:7f00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 59b2cac5f70cce6763c493384e86152eff696a62ea3290f8e382b5a91c3c2329 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:16 GMT content-encoding gzip x-amz-cf-pop ZRH50-C1 status 200 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 276 via 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront) x-amz-cf-id WdZ9z6MRQ34KHNCUrWUN28Msdr_TIjHS9amb6CFMP6vez9zJjx8Bxg==
GET		8.gif id5-sync.com/c/12/112/2/ Redirect Chain https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=1&gdpr_consent= https://id5-sync.com/c/12/2/8/2.gif?puid=0&gdpr=1&gdpr_consent= https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-ZHMO0g8sYvunj8hKsqRtFO1g2qkvqTNpSXDPDMGrzQ&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F3%2F7%2F3.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D1%26gd... https://id5-sync.com/c/12/3/7/3.gif?puid=28015eca-e203-4000-a19c-d72c50eb8b85&gdpr=1&gdpr_consent= https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F6%2F4.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/12/10/6/4.gif?puid=5166839012462887300&gdpr=1&gdpr_consent= https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/12/19/5/5.gif?puid=${profile_id}&gdpr=1&gdpr_consent= https://id5-sync.com/c/12/19/5/5.gif?puid=5cf68f9e8f615791c6b5d213001aa256&gdpr=1&gdpr_consent= https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F4%2F6.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/12/101/4/6.gif?puid=72db512a-224f-4377-89cc-1158c6c30440&gdpr=1&gdpr_consent= https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons... https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F3%2F7.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdp... https://id5-sync.com/c/12/108/3/7.gif?puid=8d0f8831-9e02-11ea-8a56-c6eed6eb2ed6&gdpr=1&gdpr_consent= https://uipglob.semasio.net/id5/1/get?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D https://uipglob.semasio.net/id5/1/get2?gdpr=1&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F112%2F2%2F8.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D1%26gdpr_consent%3D https://id5-sync.com/c/12/112/2/8.gif?puid=0&gdpr=1&gdpr_consent=	0 0
GET H/1.1	200 OK	push Show response properatersch.fun/	4 KB 3 KB	609ms 592ms	XHR text/plain	104.16.107.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://properatersch.fun/push?tid=832300&red=1&cs=UkQ1VlBjcgRkYWAhUGBoYyYENWBi&abt=0&v=0.5.30.0&sm=83&k=daily%20india%20make%20with%20money%20highest%20paying%20best%20shortener&sts=64&prn=0&emb=0&fs=1&m=2&ns=1&ndp=1&asi=1&ref=https%3A%2F%2Fiir.ai%2FYdS6J2&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F74.0.3729.169%20safari%2F537.36&tzd=2&uloc=&if=0&_ijI4=1590354435851&crc=1 Requested by Host: d1ks8roequxbwa.cloudfront.net URL: https://d1ks8roequxbwa.cloudfront.net/?orskd=832300 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.16.107.1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 41045a42fe61518bf5b381ebfaaf6fbc2fc5886b1a68966960bb4573cc1341f7 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 24 May 2020 21:07:16 GMT content-encoding gzip CF-Cache-Status DYNAMIC P3P CP="NID DSP ALL COR" Connection keep-alive Content-Length 2172 cf-request-id 02ea1bf72c000075da569e0200000001 Pragma no-cache Server cloudflare Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Content-Type text/plain access-control-allow-origin https://iir.ai cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true Accept-Ranges bytes CF-RAY 5989fc384c4f75da-ARN
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/BT5UwN2jyUJCo7TdbwTYi_58/	310 KB 122 KB	25ms 6ms	Script text/javascript	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/BT5UwN2jyUJCo7TdbwTYi_58/recaptcha__en.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 277939603aa72db39886e49b3cb46a73c88b5e84e53797349969b3154dc3e107 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 19 May 2020 21:23:28 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 19 May 2020 18:40:32 GMT server sffe age 431028 vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=31536000 accept-ranges bytes alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 124488 x-xss-protection 0 expires Wed, 19 May 2021 21:23:28 GMT
GET H2	200	cmp-3pc-check.html static.quantcast.mgr.consensu.org/v33/ Frame 5323	0 0	30ms 6ms	Document text/html	2600:9000:21f3:6400:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.quantcast.mgr.consensu.org/v33/cmp-3pc-check.html Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:21f3:6400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers :method GET :authority static.quantcast.mgr.consensu.org :scheme https :path /v33/cmp-3pc-check.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://iir.ai/YdS6J2 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers status 200 content-type text/html content-length 645 last-modified Thu, 14 May 2020 20:38:15 GMT x-amz-server-side-encryption AES256 accept-ranges bytes server AmazonS3 date Sun, 24 May 2020 20:52:27 GMT etag "55b98270d639ef0c34781d9f03cce91f" cache-control immutable, max-age=1209600 x-cache Hit from cloudfront via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-cf-id jf9d9k5cFQhdFzRphKayedFbqplHMnu9YkqMs4apRVSVz8YcnKAfGw== age 963
GET H2	200	localstore.js Show response script.4dex.io/	450 B 747 B	28ms 11ms	Script application/javascript	2606:4700:e6::ac40:c107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:c107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:16 GMT content-encoding br cf-cache-status HIT age 1241 status 200 x-amz-request-id EAE8A90483FCD802 x-amz-id-2 /l5eU+U3fzsMeN0hl+V6N9/CNh2fd0wf9EhJ0Gk/DtEgOVkS2ntcBi85X/uypBEfGFZ9AO8jhi4= last-modified Mon, 06 Apr 2020 11:18:51 GMT server cloudflare etag W/"bfa52622781c173885812009122c3f7c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=1800 cf-request-id 02ea1bf7b30000643d5aa28200000001 cf-ray 5989fc3918d6643d-FRA
GET H2	200	cmpui-banner.js Show response static.quantcast.mgr.consensu.org/v33/	257 KB 74 KB	8ms 7ms	Script text/javascript	2600:9000:21f3:6400:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.quantcast.mgr.consensu.org/v33/cmpui-banner.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:21f3:6400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0698cc3dda9964a86ee88a18cc88e2b9ffa64dd4e36785d8a748ba827e5b0984 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 20:58:13 GMT content-encoding gzip last-modified Thu, 14 May 2020 20:38:14 GMT server AmazonS3 age 1324 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript;charset=UTF-8 status 200 cache-control immutable, max-age=1209600 x-amz-cf-pop FRA2-C2 x-amz-cf-id vGPnSW47qMvoNTfIqkiW1ud8fnG_Ju8HwX1rUWQZKwM30-YFivIYZA== via 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
GET H2	200	rules-p-6Fv0cGNfc_bw8.js Show response rules.quantcount.com/	1 KB 966 B	42ms 8ms	Script application/x-javascript	2600:9000:20eb:7e00:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:7e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 20:37:05 GMT content-encoding gzip last-modified Mon, 19 Mar 2018 22:28:36 GMT server AmazonS3 age 1812 vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript status 200 cache-control max-age=3600 x-amz-cf-pop FRA2-C1 x-amz-cf-id zjw-S2x-8tAJCxe9XBykizFOurfBCcaXPYZyYCgMd8FwfhfQYZYbeA== via 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
GET H2	200	adagio.js Show response script.4dex.io/	62 KB 18 KB	53ms 19ms	Fetch application/javascript	2606:4700:e6::ac40:c107 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:c107 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b21b082670143ac16a71038445d789a8875da5206df9b45e97ceeb44d50e0926 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:16 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT age 1146 status 200 x-amz-request-id 869ABD398E0A9859 x-amz-id-2 NqzRx72/aFun2e816os1ZKtY+trshErNqokstj4wPKVdlqMC+Lhiky98K25EbTgy/8YSSW4Azsg= last-modified Mon, 06 Apr 2020 11:18:49 GMT server cloudflare etag W/"69fac1b60dfd5d00b8ff023e19aca7e0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800 cf-request-id 02ea1bf7e700000610772be200000001 cf-ray 5989fc397ab70610-FRA
GET H2	200	anchor www.google.com/recaptcha/api2/ Frame 332D	0 0	22ms 22ms	Document text/html	2a00:1450:4001:816::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=en&v=BT5UwN2jyUJCo7TdbwTYi_58&size=normal&cb=vzfbvu36mxfm Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-43MAIPvlTzahxepE791BiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/anchor?ar=1&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&co=aHR0cHM6Ly9paXIuYWk6NDQz&hl=en&v=BT5UwN2jyUJCo7TdbwTYi_58&size=normal&cb=vzfbvu36mxfm pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://iir.ai/YdS6J2 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sun, 24 May 2020 21:07:16 GMT content-security-policy script-src 'report-sample' 'nonce-43MAIPvlTzahxepE791BiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 10104 server GSE alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	container.html 5e425c937de723636bfd25c75ce60466.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 739D	0 0	6ms 6ms	Document text/html	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://5e425c937de723636bfd25c75ce60466.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 5e425c937de723636bfd25c75ce60466.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-37/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://iir.ai/YdS6J2 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html timing-allow-origin * content-length 2973 date Sun, 24 May 2020 21:07:13 GMT expires Mon, 24 May 2021 21:07:13 GMT last-modified Thu, 21 Nov 2019 16:01:11 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 3 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 28 KB	70ms 13ms	Script text/javascript	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 656716137d4e28b0da293f471affb65b1beb1a6c2d9fe2fa9c3640a592754b1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:16 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1589974910160429" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 27764 x-xss-protection 0 expires Sun, 24 May 2020 21:07:16 GMT
GET H2	200	vendorlist.json Show response vendorlist.consensu.org/	97 KB 18 KB	63ms 8ms	XHR application/json	2600:9000:20eb:ac00:1:af78:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vendorlist.consensu.org/vendorlist.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:ac00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 59b3a40d8afe6809772f568a403f5994910ddf1a1f3e39e830e490d66e31f90b Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 21 May 2020 16:11:00 GMT content-encoding gzip vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 276977 x-cache Hit from cloudfront status 200 access-control-allow-origin * last-modified Thu, 21 May 2020 16:01:21 GMT server AmazonS3 access-control-max-age 604800 access-control-allow-methods GET x-amz-version-id Yh6c11QRkOU5DxynD2yPL5LFEJecOV97 via 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront) cache-control max-age=604800 x-amz-cf-pop FRA2-C1 content-type application/json; charset=utf-8 x-amz-cf-id boVyE_gYA4iVL_1mH7mmgnicKvicZtFWIzMGSDmNNnjSlVST3u89rA==
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.0.0/	84 KB 30 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 18 May 2020 19:21:38 GMT content-encoding gzip x-content-type-options nosniff age 524738 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30186 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 18 May 2021 19:21:38 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012005012256000/ Frame 6160	204 KB 57 KB	171ms 6ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/ Origin https://iir.ai Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 42863 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57019 x-xss-protection 0 server sffe date Sun, 24 May 2020 09:12:53 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "bf14143de8659308" accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 09:12:53 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012005012256000/ Frame 6160	204 KB 56 KB	181ms 15ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 42863 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57019 x-xss-protection 0 server sffe date Sun, 24 May 2020 09:12:53 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "bf14143de8659308" accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 09:12:53 GMT
GET H2	200	amp-ad-exit-0.1.js Show response cdn.ampproject.org/rtv/012005012256000/v0/ Frame 6160	16 KB 6 KB	179ms 14ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012005012256000/v0/amp-ad-exit-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 53420 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5877 x-xss-protection 0 server sffe date Sun, 24 May 2020 06:16:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "cf1fef681ae7494f" accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 06:16:56 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/012005012256000/v0/ Frame 6160	98 KB 30 KB	175ms 9ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012005012256000/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 42850 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30100 x-xss-protection 0 server sffe date Sun, 24 May 2020 09:13:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "023298bf906f9a2c" accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 09:13:06 GMT
GET H2	200	amp-fit-text-0.1.js Show response cdn.ampproject.org/rtv/012005012256000/v0/ Frame 6160	4 KB 2 KB	174ms 9ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012005012256000/v0/amp-fit-text-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 53425 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1637 x-xss-protection 0 server sffe date Sun, 24 May 2020 06:16:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "eed6b15e1dd2165d" accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 06:16:51 GMT
GET H2	200	amp-form-0.1.js Show response cdn.ampproject.org/rtv/012005012256000/v0/ Frame 6160	48 KB 16 KB	172ms 7ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012005012256000/v0/amp-form-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 53420 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15361 x-xss-protection 0 server sffe date Sun, 24 May 2020 06:16:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "d0b45204c403cb94" accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 06:16:56 GMT
GET DATA	200 OK	truncated / Frame 6160	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1ffd1a364a33a39b3114c38f4a06fefc0de6755bab99f2ff2af4b800da19e57 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-host-v0.js Show response cdn.ampproject.org/rtv/012005012256000/	21 KB 7 KB	17ms 17ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012005012256000/amp4ads-host-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f0517f76184f899b738515a124efe8f335f585847387b8889dfa7c0fb132f75a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 7784 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7437 x-xss-protection 0 server sffe date Sun, 24 May 2020 18:57:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "1b9b229ae83eaa45" accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 18:57:32 GMT
GET H2	200	9544263937077279224 tpc.googlesyndication.com/simgad/ Frame 6160	60 KB 60 KB	98ms 95ms	Image image/gif	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/9544263937077279224 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 58be431de26a3ab42a8d3c9c39470910dc62f93b7ae0d50f0c459b1c500e3228 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:16 GMT x-content-type-options nosniff last-modified Thu, 21 May 2020 11:08:50 GMT server sffe status 200 x-dns-prefetch-control off content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61332 x-xss-protection 0 expires Mon, 24 May 2021 21:07:16 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/abg/ Frame 6160	3 KB 3 KB	8ms 6ms	Image image/png	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/en.png Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Sat, 23 May 2020 22:24:05 GMT x-content-type-options nosniff server cafe age 81791 etag 15880770647744369592 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2982 x-xss-protection 0 expires Sun, 24 May 2020 22:24:05 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame 6160	344 B 448 B	8ms 6ms	Image image/png	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 May 2020 11:09:01 GMT x-content-type-options nosniff server cafe age 35895 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Mon, 25 May 2020 11:09:01 GMT
GET H2	200	adview securepubads.g.doubleclick.net/pagead/ Frame 6160	0 0	93ms 91ms	Image text/html	216.58.205.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=Cdi9pA-LKXprtPJfogAfEo7TQBcDEoa9d6auXhqQLv-EeEAEgiLGRH2DqAcgBA6kCzFKmw7FKsj7gAgCoAwHIAwiqBNgBT9C1PhI6HuLiHvIZ1hXqn2u9xU1gG70t_B8GEMkQUOKOZWT2mplQs_XSrCFtbXGn9BmAf5XPzgh0mzBg9ISQS2nq-x9oUfqsfCafbSB0brVx5EY5Wf1r91UKuFBHuCIDOytVc8yRSif4oh9d1O3_M1WqBztmjm3cZHYXBptDRsElS_ruupP8m6rvVXxy180PhqSgki_adJlA7LYtBLLBA7Zxi18ZNBDxGXdhOne0h_B24NXHQnKjQpWmzLcwYykevK6cwCVe5jf24CHzrvn88qqYV2VLFThDwAS069WugAPgBAGSBQQIBBgBkgUECAUYBKAGA4AH7-ad0wGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQt9wE0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi00ODUyOTE1OTA1OTM2MTI0gAoDyAsB2BMC&sigh=VwL6ROd64zQ&tpd=AGWhJmsrISeJ8mgISZftLYwvSGEy-4_ZeiEr6Ogu-WJR8btcIg Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s24-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	purposes-es.json Show response vendorlist.consensu.org/	4 KB 2 KB	9ms 7ms	XHR application/json	2600:9000:20eb:ac00:1:af78:4c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vendorlist.consensu.org/purposes-es.json?timestamp=1590354436370 Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:ac00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 426d4f24124e83741759c3185abf6f7463c46df9f0b0ec5e7153a718eb005138 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id XLNOk9r0ERsNSSUJdfN6fUSlfy0sDda8 content-encoding gzip vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 10614 x-cache Hit from cloudfront status 200 access-control-allow-origin * last-modified Thu, 21 May 2020 16:21:08 GMT server AmazonS3 date Sun, 24 May 2020 18:10:23 GMT access-control-max-age 604800 access-control-allow-methods GET content-type application/json; charset=utf-8 via 1.1 69f13f852a135432abb1b7bfc5a8b421.cloudfront.net (CloudFront) cache-control max-age=259200 x-amz-cf-pop FRA2-C1 x-amz-cf-id 3ES5hgUzLYxtRD-qUfyfSszw7QEuPwZw65wn6__LUW_rpI14Bi_hWA==
GET H2	200	6M2EzMmsMFVpWVgRSAgFfBA%3D%3D Show response dkyp75kj7ldlr.cloudfront.net/	298 KB 105 KB	255ms 191ms	Script text/plain	2600:9000:20eb:6600:15:bb12:c7c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dkyp75kj7ldlr.cloudfront.net/6M2EzMmsMFVpWVgRSAgFfBA%3D%3D Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:6600:15:bb12:c7c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 230c85db5bfc1cffa3ffe25d6278fd71848607930be8789781b2f15f757261d4 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Sun, 24 May 2020 21:07:16 GMT content-encoding gzip x-amz-cf-pop FRA2-C1 status 200 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 107407 via 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront) x-amz-cf-id 78-biM1JSNlhFv1VWQeVEbVQ86_afKuh3_-kwRQPraczGSlsFaDiiA==
GET H2	200	CookieAccess Show response apis.quantcast.mgr.consensu.org/	18 B 259 B	165ms 61ms	XHR application/json	52.58.64.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://apis.quantcast.mgr.consensu.org/CookieAccess Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/cmp.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.58.64.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-64-30.eu-central-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash 9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:16 GMT server awselb/2.0 status 200 vary Origin access-control-allow-methods GET, POST content-type application/json access-control-allow-origin https://iir.ai cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Content-Type content-length 18
GET H2	200	bframe www.google.com/recaptcha/api2/ Frame CAB7	0 0	17ms 17ms	Document text/html	2a00:1450:4001:816::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=en&v=BT5UwN2jyUJCo7TdbwTYi_58&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&cb=z2rgl6b98pu3 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-bNhIwnhd/ysKnp2nMviNrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/bframe?hl=en&v=BT5UwN2jyUJCo7TdbwTYi_58&k=6LeizZ0UAAAAAObUkf5HqejauoK1BNiyNJH2AozF&cb=z2rgl6b98pu3 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://iir.ai/YdS6J2 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers status 200 content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sun, 24 May 2020 21:07:16 GMT content-security-policy script-src 'report-sample' 'nonce-bNhIwnhd/ysKnp2nMviNrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1182 server GSE alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	notifyme.php Show response adtrack.adleadevent.com/	0 517 B	310ms 70ms	XHR application/x-javascript	54.228.220.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.228.220.169 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-220-169.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 May 2020 21:07:16 GMT Content-Encoding gzip Last-Modified Sun, 24 May 2020 21:07:16 GMT Server Apache Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin https://iir.ai Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 20 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 6160 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 0	40ms 40ms	Image text/html	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers date Sun, 24 May 2020 21:07:16 GMT x-content-type-options nosniff server safe status 302 content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si cache-control private alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 246 x-xss-protection 0
GET H2	200	9544263937077279224 tpc.googlesyndication.com/simgad/ Frame 6160	60 KB 60 KB	7ms 7ms	Image image/gif	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/9544263937077279224 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 58be431de26a3ab42a8d3c9c39470910dc62f93b7ae0d50f0c459b1c500e3228 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:16 GMT x-content-type-options nosniff age 0 x-dns-prefetch-control off status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61332 x-xss-protection 0 last-modified Thu, 21 May 2020 11:08:50 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 21:07:16 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/abg/ Frame 6160	3 KB 3 KB	6ms 5ms	Image image/png	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/en.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Sat, 23 May 2020 22:24:05 GMT x-content-type-options nosniff server cafe age 81791 etag 15880770647744369592 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2982 x-xss-protection 0 expires Sun, 24 May 2020 22:24:05 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame 6160	344 B 402 B	6ms 6ms	Image image/png	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 May 2020 11:09:01 GMT x-content-type-options nosniff server cafe age 35895 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Mon, 25 May 2020 11:09:01 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012005012256000/ Frame B8E3	204 KB 56 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/ Origin https://iir.ai Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 42863 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57019 x-xss-protection 0 server sffe date Sun, 24 May 2020 09:12:53 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "bf14143de8659308" accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 09:12:53 GMT
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/012005012256000/ Frame B8E3	204 KB 56 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012005012256000/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d2b891e379840927eaf16ac1147b0e270c409d7a9e2655dd866a175b996dea9c Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 42863 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 57019 x-xss-protection 0 server sffe date Sun, 24 May 2020 09:12:53 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "bf14143de8659308" accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 09:12:53 GMT
GET H2	200	amp-ad-exit-0.1.js Show response cdn.ampproject.org/rtv/012005012256000/v0/ Frame B8E3	16 KB 6 KB	11ms 10ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012005012256000/v0/amp-ad-exit-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6911cdf8bbf72eff1b6ae5fa039c42f4ca431e578f4f657dd29c55a65f85fd22 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 53420 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5877 x-xss-protection 0 server sffe date Sun, 24 May 2020 06:16:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "cf1fef681ae7494f" accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 06:16:56 GMT
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/012005012256000/v0/ Frame B8E3	98 KB 29 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012005012256000/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dd0c4ff5bc4e85bcd1ff717afc9d15b8274efe8e644542489bc31fae0346541b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 42850 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30100 x-xss-protection 0 server sffe date Sun, 24 May 2020 09:13:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "023298bf906f9a2c" accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 09:13:06 GMT
GET H2	200	amp-fit-text-0.1.js Show response cdn.ampproject.org/rtv/012005012256000/v0/ Frame B8E3	4 KB 2 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012005012256000/v0/amp-fit-text-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0f9ff4042daa13aa0766bc4854140f7a2942e4deae37d352a617b95000fa54ba Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 53425 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1637 x-xss-protection 0 server sffe date Sun, 24 May 2020 06:16:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "eed6b15e1dd2165d" accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 06:16:51 GMT
GET H2	200	amp-form-0.1.js Show response cdn.ampproject.org/rtv/012005012256000/v0/ Frame B8E3	48 KB 15 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012005012256000/v0/amp-form-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a2c5d4e6a74355f147e25b3ced1d4a66288eab711d0bd3d449ef056fa777c184 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 53420 status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15361 x-xss-protection 0 server sffe date Sun, 24 May 2020 06:16:56 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "d0b45204c403cb94" accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 06:16:56 GMT
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/abg/ Frame B8E3	3 KB 3 KB	6ms 6ms	Image image/png	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/en.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Sat, 23 May 2020 22:24:05 GMT x-content-type-options nosniff server cafe age 81791 etag 15880770647744369592 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2982 x-xss-protection 0 expires Sun, 24 May 2020 22:24:05 GMT
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame B8E3	344 B 402 B	6ms 6ms	Image image/png	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 May 2020 11:09:01 GMT x-content-type-options nosniff server cafe age 35895 etag 6766994032117382215 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control public, max-age=86400 content-type image/png alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Mon, 25 May 2020 11:09:01 GMT
GET DATA	200 OK	truncated / Frame B8E3	209 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fed68bbce1567d06b5e03e57f747d1d13be2834fc6fd7c5463e345318d2a60ec Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	9601613588065482445 tpc.googlesyndication.com/simgad/ Frame B8E3	52 KB 52 KB	8ms 8ms	Image image/gif	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/9601613588065482445 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6a923cbc607fdb9dc6475d629ec9d318fbe8441aa35db33db64d8e2b05c8703c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:06:17 GMT x-content-type-options nosniff age 59 x-dns-prefetch-control off status 200 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53084 x-xss-protection 0 last-modified Thu, 21 May 2020 11:08:49 GMT server sffe content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 24 May 2021 21:06:17 GMT
GET H2	200	adview securepubads.g.doubleclick.net/pagead/ Frame B8E3	0 0	91ms 90ms	Image text/html	216.58.205.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=C5LwDBOLKXpiOHtnE-gbz66zYDMDEoa9doaqXhqQLv-EeEAEgiLGRH2DqAcgBA6kCzFKmw7FKsj7gAgCoAwHIAwiqBNsBT9DHr5zUVU5v3RBBAfesnz6BcWMFAF8X1cMaOsjbhYv03oOELnhWuHSUrUwb4J6oIyFbQrvk2wYV-OO8EpXGLjeVPtrf9ia5iQCpDR9BxMQFtyYM6j4P5EnRaqyCB513gzGOMr_yQbh5J-RobuhZLHh2_KGi3We0p9b_cuU3whYzLNbQitX5gXJ7VD3jVl28q1jJUCis7WnglDjBQq8o7LZLWnUpkY4lvSf09_EFuO6C3AGX6Umd9QCzW6ROPsRX-Tm9Xi9mUyV64FHmFUK-9at_X74CEGgEC_26wAS069WugAPgBAGSBQQIBBgBkgUECAUYBKAGA4AH7-ad0wGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQ0JMD0ggJCIDhgHAQARgd8ggbYWR4LXN1YnN5bi00ODUyOTE1OTA1OTM2MTI0gAoDyAsB2BMC&sigh=yESPiJ4ILA0&tpd=AGWhJmtDfB90HwEfTaMqGY6Ur5CCDGkn8AvZDUyTlPwqOKThig Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s24-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers
GET H2	200	rid Show response match.adsrvr.org/track/	108 B 643 B	67ms 67ms	XHR application/json	52.49.118.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.118.177 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-118-177.eu-west-1.compute.amazonaws.com Software / Resource Hash cc78dc8b0b14b657c1a14d2052b5086ebab7e94f347e710766fc5ddcdef1cf3f Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Sun, 24 May 2020 21:07:16 GMT x-aspnet-version 4.0.30319 status 200 vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://iir.ai cache-control private access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept content-length 108 expires Tue, 23 Jun 2020 21:07:16 GMT
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame B8E3 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si	0 0	43ms 42ms	Image text/html	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Redirect headers date Sun, 24 May 2020 21:07:16 GMT x-content-type-options nosniff server safe status 302 content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si cache-control private alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 246 x-xss-protection 0
GET H/1.1	200 OK	Cookie set aQ4JCnstGAwmOQRj properatersch.fun/T1RXWU0uNjQ0ci5pNX84PThqfH8JcWUfKSQtJ254JD5gNSkjJnk6ISAhMz8/IDojdyMqIHJrCz81LQh9HTo8EBp+OzALJXYwAhE5AAwGGAgpPz8XFSQ3Jx81PB41CxRqZhUBfX5jEiEEKw4WGyoLBhEIDhcGMRt8GTUeDB8BAQE2IR0SOAo... Frame D06A	0 0	142ms 142ms	Document text/html	104.16.107.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://properatersch.fun/T1RXWU0uNjQ0ci5pNX84PThqfH8JcWUfKSQtJ254JD5gNSkjJnk6ISAhMz8/IDojdyMqIHJrCz81LQh9HTo8EBp+OzALJXYwAhE5AAwGGAgpPz8XFSQ3Jx81PB41CxRqZhUBfX5jEiEEKw4WGyoLBhEIDhcGMRt8GTUeDB8BAQE2IR0SOAobHB01DyoOBxohJRgDASp1ChUzABsYGhsVHAo1MzU1FRYVLj8IFT89GiUdAB4LOAYzDTkAFjAIOwksbgsaCBobDnwjAh0PNRUWESp8FxI8HBkIGhsOOhoREAwlKTUgHzsXEjwcGxsNHRt8CRAeIT4ODAJ0DyUHLmkPDWcRARoOHQU9CCMQD2g6NhIWOh8NMwE6Gh4GDhU1BhsSCBd9HDBsFRctOwgZKA0SEx8KDgBoJiUMETU0DmcdARo3Ox86GDsHED4bOAUSbQoNEAIACRkCEBV8Nw40Pgt+ADwMBQ45FhQbIxUfPRggHwI+KWpmER58BQUWIB8CEDsfHgY/EhYPHhpmDRwkEgIaBwMQZh8aaT4kNiM/aQ4JCnstGAwmOQRj Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.16.107.1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host properatersch.fun Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://iir.ai/YdS6J2 Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie csu=362adb29-bc14-4186-905f-b60d7144c74f; fv=rjk4rdr8qdnHqiEFqjUErHk9qdr8vdw= Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers Date Sun, 24 May 2020 21:07:17 GMT Content-Type text/html Content-Length 1246 Connection keep-alive Set-Cookie __cfduid=de4b00d85548d9aad773b63729fa868b11590354437; expires=Tue, 23-Jun-20 21:07:17 GMT; path=/; domain=.properatersch.fun; HttpOnly; SameSite=Lax; Secure cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip Accept-Ranges bytes CF-Cache-Status DYNAMIC Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare CF-RAY 5989fc3fff1675da-ARN cf-request-id 02ea1bfbfe000075da56a21200000001
GET H2	200	/ Show response audit.quantcast.mgr.consensu.org/	80 B 486 B	153ms 50ms	XHR text/html	13.224.196.112 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit.quantcast.mgr.consensu.org/?log=;1590354437312;Moneytizer;https%3A%2F%2Fiir.ai%2FYdS6J2;;;;;b,off,false,,1,es,33,203,true,false,false;displayConsentUi:mandatory,;GDPR-s5jjyani304eebch1bl2 Requested by Host: static.quantcast.mgr.consensu.org URL: https://static.quantcast.mgr.consensu.org/v33/cmpui-banner.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.196.112 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-112.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 03:20:05 GMT via 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront) vary Origin age 64033 x-cache Hit from cloudfront status 200 content-length 80 last-modified Mon, 11 Jun 2018 22:07:34 GMT server AmazonS3 etag "0614149d8033903db5de46d6c184bbfd" access-control-max-age 3000 access-control-allow-methods GET content-type text/html access-control-allow-origin * x-amz-cf-pop FRA2-C1 accept-ranges bytes x-amz-cf-id xpx5vx8S_HeCcKbvxvVtT66CXQtqwz6otrYpWecX9hX7tAflzYKutQ==
POST H/1.1	200 OK	headerstats Show response as-sec.casalemedia.com/	0 330 B	576ms 140ms	XHR text/plain	23.210.249.164 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Fiir.ai%2FYdS6J2&v=3 Requested by Host: js-sec.indexww.com URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-210-249-164.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Pragma no-cache Date Sun, 24 May 2020 21:07:17 GMT Server Apache Content-Type text/plain Access-Control-Allow-Origin https://iir.ai Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 Expires Sun, 24 May 2020 21:07:17 GMT
GET H/1.1	200 OK	popunder.gif traintincre.fun/	35 B 701 B	37ms 36ms	Image image/gif	104.16.107.2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://traintincre.fun/popunder.gif Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.16.107.2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma public Date Sun, 24 May 2020 21:07:17 GMT CF-Cache-Status HIT Server cloudflare Age 34704 Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding Content-Type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable Transfer-Encoding chunked Connection keep-alive CF-RAY 5989fc439fafcb00-ARN cf-request-id 02ea1bfe3d0000cb00c1355200000001
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame 6160	42 B 285 B	45ms 39ms	Image image/gif	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthXaXHOOvksRnl9P60hcULFSKuq_xeh2AHlQxrmFCsgJOLO-BLOikDxbHxKGuASsdNU1-7ljUMhyUaVywrlUY51XGY-pYOXwa09JtQdMGmwojS&sai=AMfl-YRxA5RCCIsvsLdXYmi1ZGkzIqHCslt4P6mMlhdi_0i9Vbr2eeYDuBBFcQkd_cLq7hj4DN9v9Vk9M1V28TrBi31YDcH4Ln3QF5GQ0lK-&sig=Cg0ArKJSzIr7Nokj_aXnEAE&id=ampim&o=632,677&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=112&tls=1112&g=100&h=100&tt=1112&r=v&avms=ampa&adk=2252918807 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Sun, 24 May 2020 21:07:17 GMT x-content-type-options nosniff server cafe timing-allow-origin * status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	activeview pagead2.googlesyndication.com/pcs/ Frame B8E3	42 B 107 B	40ms 40ms	Image image/gif	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2GCWW4YBxQNZZ5ZptnKRfAuee8DnUJwaoMJc6so8avc2CZjg7VxqW4nq9xjpLplla5CwbMHDJ3n5bw5cSEqIb0QqXU-Slpu_nhRfGQe_NRCyr&sai=AMfl-YTGAgo_v6nqbJeAgByLse4RkauTZbN7ot7cSr8Z7o-aJSVY6maGjrYWqp1B0XwCPbNRhh5M9nSM5HfDz5DOs-bhFDcMOJfxlQP3CYsa&sig=Cg0ArKJSzA4XzWb6m-RUEAE&id=ampim&o=650,997&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=493&tls=1493&g=81.19999766349792&h=81.19999766349792&tt=1494&r=v&avms=ampa&adk=363645630 Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Sun, 24 May 2020 21:07:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		thumbnail xml.realtime-bid.com/	0 0
GET H2	200	300x300_JV3ipgIYuREpVqhg2J7I.jpeg static.realtime-bid.com/n337/ad/ Frame C9CD Redirect Chain https://xml.realtime-bid.com/thumbnail?i=ZAbb6EhsLUM_1&imgt=icon https://static.realtime-bid.com/n337/ad/300x300_JV3ipgIYuREpVqhg2J7I.jpeg	13 KB 13 KB	121ms 33ms	Image image/jpeg	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Show image Full URL https://static.realtime-bid.com/n337/ad/300x300_JV3ipgIYuREpVqhg2J7I.jpeg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash a158f2ecee2585202bfe95c24282d6bae2fe173c84facfc347125fed64236c6b Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:19 GMT last-modified Thu, 07 May 2020 02:51:39 GMT server nginx etag "5eb377bb-33f9" status 200 x-hw 1590354439.cds058.sk1.hn,1590354439.cds021.sk1.c content-type image/jpeg access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 13305 Redirect headers Location https://static.realtime-bid.com/n337/ad/300x300_JV3ipgIYuREpVqhg2J7I.jpeg Date Sun, 24 May 2020 21:07:18 GMT Server nginx Connection keep-alive Content-Length 0
GET DATA	200 OK	truncated / Frame C9CD	795 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 40e7369d802a6b6488557987b4889a1f918613b1589715fc2cc45a607d39e863 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	7 KB 6 KB	38ms 20ms	XHR application/json	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020050602&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020050602.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cc5c34910d822aa65360c206bd3257eb316f6d8bd847e67f277ec7e3c9658386 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers timing-allow-origin * date Sun, 24 May 2020 21:07:18 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 5514 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	14 KB 5 KB	38ms 38ms	Script text/javascript	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:18 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1582746470043195" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5456 x-xss-protection 0 expires Sun, 24 May 2020 21:07:18 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/209/ Frame 0444	0 0	7ms 6ms	Document text/html	2a00:1450:4001:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/209/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://iir.ai/YdS6J2 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 5727 date Sun, 24 May 2020 21:03:21 GMT expires Mon, 24 May 2021 21:03:21 GMT last-modified Tue, 25 Feb 2020 17:32:01 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 237 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 55 B	38ms 38ms	Image image/gif	2a00:1450:4001:821::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020050602&jk=2243976357355849&bg=!JCelJz9Y5Pv1WD6Xc5ACAAAAYFIAAAAPmQFuduYWIr8lJp8Ev6hMW4hwsRvNE5FfyoWdIpIOwy-LSWLgH976cj3XhWK8geXetiVDulunTSQJHImwQcqdm55Ews63BKLa82Opcq6yPmwE1dOC_6vxO0rC70H37IudGeh1B3pJGAWlKDlRUPvxvK9No9UWRULBwoZMEqMEAzf2pcNZ3ONGKqjSRsLSTO9soOiTew1h7-y86W05KY3pQF2pNeuRbpbd5ACN01wC5i_WOd5G33e1fEor2VW3tkSXUYrqiGbaAJpXK3Y_RTXSSgWgJ5G00WCwBQNHpQ1mA73ybPDpXAW3B6akYkpGdnNoPXhkUtRRn3NVEvw-Sa87jqWGbCo1TkaRpyw8gHh9mrlZBFftrtH1zNdwp0WVJtPNiv6WIOJ8eJ4HGlQ_vwAOYfXb8lJF3wrDCSq910DkrSi1wJH8IdD1WlkdqzH47jszhL7ERDAmOmREOWjRSNE7kEO5Wk2SMNewr1C2BsdPHacg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Sun, 24 May 2020 21:07:19 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	img.php img.cdn.house/ Frame C9CD	3 KB 3 KB	172ms 56ms	Image image/webp	148.251.137.8 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.cdn.house/img.php?id=NWVjNTFkMjFlMGFjMS5wbmc6MzU2OTo3MjI1NDoxNDoxODoxOTE6MjE0MTk1NTA6OTk5OQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 148.251.137.8 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.8.137.251.148.clients.your-server.de Software nginx / Resource Hash 242f146643768657d303086bf393e43d7fcb558aa90565d2870905e997018c3e Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:21 GMT last-modified Wed, 20 May 2020 12:10:02 GMT server nginx content-type image/webp status 200 cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 accept-ranges bytes content-length 3342
GET H2	200	hb Show response ice.360yield.com/ul_cb/ Redirect Chain https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235c54802bef78e8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FY... https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235c54802bef78e8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir....	12 KB 5 KB	69ms 68ms	XHR application/json	52.57.38.160 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235c54802bef78e8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FYdS6J2%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220f3b325644d02%22%2C%22pid%22%3A%2222241472%22%2C%22tid%22%3A%22ff988644-33ae-409e-9371-e6176b6c3f21%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2234d2a9738bbe7%22%2C%22pid%22%3A%2222240932%22%2C%22tid%22%3A%222abaca01-7147-4cd9-9f89-5b7de056207f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2246c66d05ceea85%22%2C%22pid%22%3A%2222241473%22%2C%22tid%22%3A%224f56658c-b055-41b0-b0b2-df6821020b67%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%225303c5c22e017f%22%2C%22pid%22%3A%2222244891%22%2C%22tid%22%3A%224502c2b5-5552-412c-9b5c-984a907a465d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%226b2c321dd3307%22%2C%22pid%22%3A%2222263943%22%2C%22tid%22%3A%22c2ace565-400a-4faa-9802-9872ef3db537%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-38-160.eu-central-1.compute.amazonaws.com Software / Resource Hash 05a35e98cbb6255c020d73257ac90ee33835b55ce9985739cfaff70a40b81444 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip status 200 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://iir.ai access-control-allow-credentials true content-type application/json; charset=UTF-8 content-length 5007 Redirect headers date Sun, 24 May 2020 21:07:26 GMT status 302 location https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2235c54802bef78e8%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FYdS6J2%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2220f3b325644d02%22%2C%22pid%22%3A%2222241472%22%2C%22tid%22%3A%22ff988644-33ae-409e-9371-e6176b6c3f21%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2234d2a9738bbe7%22%2C%22pid%22%3A%2222240932%22%2C%22tid%22%3A%222abaca01-7147-4cd9-9f89-5b7de056207f%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2246c66d05ceea85%22%2C%22pid%22%3A%2222241473%22%2C%22tid%22%3A%224f56658c-b055-41b0-b0b2-df6821020b67%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%225303c5c22e017f%22%2C%22pid%22%3A%2222244891%22%2C%22tid%22%3A%224502c2b5-5552-412c-9b5c-984a907a465d%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%226b2c321dd3307%22%2C%22pid%22%3A%2222263943%22%2C%22tid%22%3A%22c2ace565-400a-4faa-9802-9872ef3db537%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://iir.ai access-control-allow-credentials true content-type text/plain content-length 0
GET H2	200	hb Show response ice.360yield.com/ul_cb/ Redirect Chain https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2236a38fb749e9585%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FY... https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2236a38fb749e9585%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir....	3 KB 2 KB	58ms 58ms	XHR application/json	52.57.38.160 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2236a38fb749e9585%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FYdS6J2%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2276a117bd1dc8ef%22%2C%22pid%22%3A%2222263945%22%2C%22tid%22%3A%2279960f77-4134-4336-ad73-d84cf4ec0961%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.38.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-57-38-160.eu-central-1.compute.amazonaws.com Software / Resource Hash 116b3781d7c89f404b4dc655a0d43f5d3e994de7c0b51077080ee14804768109 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip status 200 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://iir.ai access-control-allow-credentials true content-type application/json; charset=UTF-8 content-length 1768 Redirect headers date Sun, 24 May 2020 21:07:26 GMT status 302 location https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2236a38fb749e9585%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fiir.ai%2FYdS6J2%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2258791%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2276a117bd1dc8ef%22%2C%22pid%22%3A%2222263945%22%2C%22tid%22%3A%2279960f77-4134-4336-ad73-d84cf4ec0961%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" access-control-allow-origin https://iir.ai access-control-allow-credentials true content-type text/plain content-length 0
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	633 B 669 B	90ms 30ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=20&formatid=26706&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 50728b2e44305cb1a39f419ca118a6250efdb9c717216a728d8db2c401b51ef9 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 438 expires Mon, 25 May 2020 21:07:26 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	627 B 660 B	89ms 30ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=19&formatid=26711&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 2253e27d8c8871590c60f89b3510bbc00bdc43672655526710d8c8fa416c7c33 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 429 expires Mon, 25 May 2020 21:07:26 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	628 B 662 B	91ms 31ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=31&formatid=39287&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 23fdd66c8768fd6605d350986c5ef0f5f6c34cb628c4397712ad286a11de7880 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 431 expires Mon, 25 May 2020 21:07:26 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	631 B 666 B	90ms 31ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=28&formatid=30012&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash 2b4ef64427e8ba3eb0069e595ff5e5b4b7d1934ef659b30dd66638893d0f85f7 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 435 expires Mon, 25 May 2020 21:07:26 GMT
GET H2	200	moneybid.js Show response ads.themoneytizer.com/bidder1/	628 B 662 B	89ms 31ms	XHR text/html	151.139.241.23 HIGHWINDS2
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=58791&adid=3&formatid=26323&size=desktop Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US), Reverse DNS Software nginx / PHP/5.4.45 Resource Hash cdce76552ad1f66edd20e25ce326185f635772d6f88d1a84ff4bc036bd1cd525 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip server nginx status 200 x-powered-by PHP/5.4.45 vary Accept-Encoding x-cache HIT content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes content-length 431 expires Mon, 25 May 2020 21:07:26 GMT
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 413 B	56ms 56ms	XHR application/json	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.9.251 , Germany, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=2592000 content-encoding gzip status 200 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://iir.ai access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent
POST H2	200	/ Show response shb.richaudience.com/hb/	4 B 210 B	210ms 68ms	XHR text/html	159.69.63.105 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://shb.richaudience.com/hb/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.63.105 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.105.63.69.159.clients.your-server.de Software nginx/1.10.3 / Resource Hash d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip server nginx/1.10.3 status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin https://iir.ai access-control-max-age 86400 access-control-allow-credentials true
POST H2	200	/ Show response shb.richaudience.com/hb/	4 B 210 B	209ms 68ms	XHR text/html	159.69.63.105 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://shb.richaudience.com/hb/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.63.105 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.105.63.69.159.clients.your-server.de Software nginx/1.10.3 / Resource Hash d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip server nginx/1.10.3 status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin https://iir.ai access-control-max-age 86400 access-control-allow-credentials true
POST H2	200	/ Show response shb.richaudience.com/hb/	4 B 210 B	234ms 93ms	XHR text/html	159.69.63.105 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://shb.richaudience.com/hb/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.63.105 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.105.63.69.159.clients.your-server.de Software nginx/1.10.3 / Resource Hash d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip server nginx/1.10.3 status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin https://iir.ai access-control-max-age 86400 access-control-allow-credentials true
POST H2	200	/ Show response shb.richaudience.com/hb/	4 B 210 B	229ms 88ms	XHR text/html	159.69.63.105 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://shb.richaudience.com/hb/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.63.105 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.105.63.69.159.clients.your-server.de Software nginx/1.10.3 / Resource Hash d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip server nginx/1.10.3 status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin https://iir.ai access-control-max-age 86400 access-control-allow-credentials true
POST H2	200	/ Show response shb.richaudience.com/hb/	4 B 210 B	233ms 93ms	XHR text/html	159.69.63.105 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://shb.richaudience.com/hb/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.63.105 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.105.63.69.159.clients.your-server.de Software nginx/1.10.3 / Resource Hash d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip server nginx/1.10.3 status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin https://iir.ai access-control-max-age 86400 access-control-allow-credentials true
POST H2	200	/ Show response shb.richaudience.com/hb/	4 B 210 B	233ms 93ms	XHR text/html	159.69.63.105 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://shb.richaudience.com/hb/ Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.69.63.105 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.105.63.69.159.clients.your-server.de Software nginx/1.10.3 / Resource Hash d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip server nginx/1.10.3 status 200 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin https://iir.ai access-control-max-age 86400 access-control-allow-credentials true
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	19 B 704 B	63ms 63ms	XHR application/json	185.33.221.50 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.50 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.13.4 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Sun, 24 May 2020 21:07:28 GMT X-Proxy-Origin 165.231.142.36; 165.231.142.36; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.109:80 AN-X-Request-Uuid 585f7206-a6fd-4a66-81f9-0baba239c8e5 Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://iir.ai Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 19 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	ac Show response ww1097.smartadserver.com/	22 B 462 B	331ms 200ms	Script application/javascript	185.86.137.113 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://ww1097.smartadserver.com/ac?nwid=1097&siteid=345731&pgid=1206499&fmtid=26711&async=1&visit=m&tmstp=1401845709&tag=sas_26711&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fiir.ai%2FYdS6J2&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,58791,1,iir.ai,iir.ai Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash bc5c2e3cd528daf1f1651b4853877fb3eaa7e244620d89b4c9c9a0fa4ce53046 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers pragma no-cache date Sun, 24 May 2020 21:07:26 GMT content-encoding gzip x-smrt-d 3%3b14%3b103 vary Accept-Encoding p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache, no-store content-type application/javascript; charset=utf-8 content-length 140 expires -1
GET H/1.1	200 OK	/ Show response c.tmyzer.com/c/	0 200 B	249ms 64ms	XHR text/html	54.38.64.100 OVH
General Check archive.org Show headers Download Go to Full URL https://c.tmyzer.com/c/?s=58791&f=19&fi=0 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58791&formatId=19 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.64.100 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sun, 24 May 2020 21:07:26 GMT Server nginx X-IPLB-Instance 24855 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	tbframe.js Show response cdn.taboola.com/shared/ Frame 58CF	14 KB 4 KB	164ms 53ms	Script application/x-javascript	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/shared/tbframe.js Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq content-encoding gzip etag "0c6cdb6c2f89bf98124c3679a3412fb6" age 17189 x-cache HIT status 200 x-amz-replication-status COMPLETED content-length 3897 x-amz-id-2 +9hThpZgqSmaNAz6qSOZ5ntBC+PmswuvE+g624KMXtRCjhrN0gRwMPV1+v8IRh54vtpXJbg9sPo= x-served-by cache-hhn4081-HHN last-modified Thu, 14 Apr 2016 14:04:36 GMT server AmazonS3 x-timer S1590354447.930915,VS0,VE0 date Sun, 24 May 2020 21:07:26 GMT vary Accept-Encoding x-amz-request-id 95F04980218A6F57 via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/x-javascript abp 6 x-cache-hits 9855
GET H2	200	loader.js Show response cdn.taboola.com/libtrc/themonetizer-network/ Frame 5900	717 KB 183 KB	53ms 53ms	Script application/javascript	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/shared/tbframe.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 1f274f72ef76bd394f4ceca509ee43800a2f915b4e2ceb7284c62b70942d7c89 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id i_.ZY.MgAR8c8Gy.KNyq.vaLxJyesmY1 content-encoding gzip etag "85717bfb90db94273bfe728f7ab70c63" age 83 x-cache HIT status 200 content-length 186550 x-amz-id-2 I/oZEWQpCsqDfm5sofgQ7k37da+ZkAmu1I9YId9vEjkKhttmBtCq0HHOic6fmretXFlUlRM/A2M= x-served-by cache-hhn4081-HHN last-modified Sun, 24 May 2020 12:40:00 GMT server AmazonS3 x-timer S1590354447.010376,VS0,VE0 date Sun, 24 May 2020 21:07:27 GMT vary Accept-Encoding x-amz-request-id A36615C318F4A96C via 1.1 varnish cache-control private,max-age=14401 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 54 x-cache-hits 6
GET H2	200	impl.20200523-3-RELEASE.js Show response cdn.taboola.com/libtrc/ Frame 5900	446 KB 126 KB	53ms 53ms	Script application/javascript	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20200523-3-RELEASE.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d19f44f3fad81c7dcd710ec797b6123c840125f548a9d0de5fc8b9fbcdb625dd Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-amz-version-id IoHX8OuUjWuX7OM1aaqVNFqTZimaiD2n content-encoding gzip etag "6abe64399014ff6b48cd74dcdb0e9a02" age 31 x-cache HIT status 200 x-amz-replication-status COMPLETED content-length 128893 x-amz-id-2 U6KMqDBv3SffWHsBa5SAeAjEXgkspaBP2E5sAXnXSiqtJD6RcuVq/TpOTrVo45RPV8TaH6LmaDQ= x-served-by cache-hhn4081-HHN last-modified Sun, 24 May 2020 08:53:54 GMT server AmazonS3 x-timer S1590354447.175345,VS0,VE0 date Sun, 24 May 2020 21:07:27 GMT vary Accept-Encoding x-amz-request-id 6E668D3ACF62C655 via 1.1 varnish cache-control private,max-age=31536000 accept-ranges bytes content-type application/javascript; charset=utf-8 abp 6 x-cache-hits 11
GET H/1.1	200 OK	beacon.js Show response sb.scorecardresearch.com/ Frame 5900	1 KB 1 KB	223ms 66ms	Script application/x-javascript	172.227.85.103 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.227.85.103 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a172-227-85-103.deploy.static.akamaitechnologies.com Software / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 24 May 2020 21:07:27 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=86400 Connection keep-alive Content-Length 884 Expires Mon, 25 May 2020 21:07:27 GMT
GET H2	200	json Show response trc.taboola.com/themonetizer-iirai/trc/3/ Frame 5900	31 B 348 B	63ms 62ms	Script text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/themonetizer-iirai/trc/3/json?tim=23%3A07%3A27.243&lti=deflated&data=%7B%22id%22%3A643%2C%22ii%22%3A%22%2Fyds6j2%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1590354447240%2C%22cv%22%3A%2220200523-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fiir.ai%2FYdS6J2%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A300%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22345731-PAVE%20BAS%22%2C%22orig_uip%22%3A%22345731-PAVE%20BAS%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20200523-3-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-vcl-time-ms 10 date Sun, 24 May 2020 21:07:27 GMT content-encoding gzip access-control-allow-origin * x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" status 200 x-served-by cache-hhn4081-HHN server nginx x-timer S1590354447.276047,VS0,VE10 vary Accept-Encoding content-type text/plain;charset=utf-8 via 1.1 varnish access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	204	debug trc.taboola.com/themonetizer-iirai/log/2/ Frame 5900	0 111 B	53ms 52ms	Image text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/themonetizer-iirai/log/2/debug?tim=23%3A07%3A27.310&type=error&msg=Server%20did%20not%20respond%20to%20loadRBox&id=972&cv=20200523-3-RELEASE&lt=deflated Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-vcl-time-ms 0 date Sun, 24 May 2020 21:07:27 GMT via 1.1 varnish server Varnish x-timer S1590354447.342406,VS0,VE0 x-served-by cache-hhn4081-HHN x-cache HIT content-type status 204 cache-control no-store access-control-allow-credentials true accept-ranges bytes x-sy true retry-after 0 x-cache-hits 0
GET H2	204	debug trc.taboola.com/themonetizer-iirai/log/2/ Frame 5900	0 55 B	53ms 53ms	Image text/plain	151.101.113.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/themonetizer-iirai/log/2/debug?tim=23%3A07%3A27.312&type=error&msg=loadRBox%20failed%2C%20aborting.&id=153&cv=20200523-3-RELEASE&lt=deflated Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers x-vcl-time-ms 0 date Sun, 24 May 2020 21:07:27 GMT via 1.1 varnish server Varnish x-timer S1590354447.342493,VS0,VE0 x-served-by cache-hhn4081-HHN x-cache HIT content-type status 204 cache-control no-store access-control-allow-credentials true accept-ranges bytes x-sy true retry-after 0 x-cache-hits 0
GET H/1.1	204 No Content	b2 sb.scorecardresearch.com/ Frame 5900 Redirect Chain https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1590354447371&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2FYdS6J2&c9= https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1590354447371&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2FYdS6J2&c9=	0 248 B	66ms 66ms	Image text/plain	172.227.85.103 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1590354447371&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2FYdS6J2&c9= Requested by Host: iir.ai URL: https://iir.ai/YdS6J2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 172.227.85.103 , United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a172-227-85-103.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Sun, 24 May 2020 21:07:27 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1590354447371&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fiir.ai%2FYdS6J2&c9= Pragma no-cache Date Sun, 24 May 2020 21:07:27 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200	12.json Show response id5-sync.com/g/v1/	130 B 434 B	156ms 49ms	XHR text/json	54.36.109.22 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v1/12.json?1puid=&gdpr=0&gdpr_consent= Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.36.109.22 , Germany, ASN16276 (OVH, FR), Reverse DNS p09.id5-sync.com Software / Resource Hash 44bb8e9558b1e2c2b925560403b00f61e737dc4b972f777da27aadb39412ff90 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://iir.ai Date Sun, 24 May 2020 21:07:28 GMT Access-Control-Allow-Credentials true Vary Origin Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload Content-Type text/json;charset=utf-8
GET H/1.1	200 OK	async_usersync.html acdn.adnxs.com/ib/static/usersync/v3/ Frame 6CA9	0 0	160ms 52ms	Document text/html	151.101.113.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx/1.9.13 / Resource Hash Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://iir.ai/YdS6J2 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers Connection keep-alive Content-Length 506 Server nginx/1.9.13 Content-Type text/html Last-Modified Fri, 20 May 2016 02:07:09 GMT ETag W/"573e714d-3e3" Expires Sun, 06 Aug 2017 09:41:59 GMT Cache-Control max-age=31536000 Access-Control-Allow-Origin * Content-Encoding gzip Via 1.1 varnish 1.1 varnish Accept-Ranges bytes Date Sun, 24 May 2020 21:07:29 GMT Age 25269933 X-Served-By cache-jfk8123-JFK, cache-hhn4039-HHN X-Cache HIT, HIT X-Cache-Hits 1276778, 4693645 X-Timer S1590354449.443105,VS0,VE0 Vary Accept-Encoding
GET H/1.1	200 OK	/ sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 8B2C	0 0	176ms 62ms	Document text/html	159.69.60.133 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=5323644551 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.69.60.133 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.133.60.69.159.clients.your-server.de Software nginx/1.14.2 / Resource Hash Request headers Host sync.richaudience.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://iir.ai/YdS6J2 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers Server nginx/1.14.2 Date Sun, 24 May 2020 21:07:29 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Encoding gzip
GET H2	200	/ onetag-sys.com/usync/ Frame CBD3	0 0	53ms 53ms	Document text/html	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?cb=1590354446116 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 51.89.9.251 , Germany, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?cb=1590354446116 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://iir.ai/YdS6J2 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://iir.ai/YdS6J2 Response headers status 200 content-type text/html cache-control no-transform, no-cache content-encoding gzip strict-transport-security max-age=2592000
GET H2	200	match euc-ice.360yield.com/ul_cb/ Redirect Chain https://ib.adnxs.com/getuid?https://euc-ice.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Feuc-ice.360yield.com%2Fmatch%3Fexternal_user_id%3D%24UID%26publisher_dsp_id%3D40%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA https://euc-ice.360yield.com/match?external_user_id=1328147870809817012&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA https://euc-ice.360yield.com/ul_cb/match?external_user_id=1328147870809817012&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA	43 B 421 B	57ms 56ms	Image image/gif	54.93.108.65 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://euc-ice.360yield.com/ul_cb/match?external_user_id=1328147870809817012&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.93.108.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-108-65.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sun, 24 May 2020 21:07:29 GMT access-control-allow-origin * content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers status 302 date Sun, 24 May 2020 21:07:29 GMT content-type text/plain content-length 0 location https://euc-ice.360yield.com:443/ul_cb/match?external_user_id=1328147870809817012&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	match euc-ice.360yield.com/ul_cb/ Redirect Chain https://match.adsby.bidtheatre.com/idmatch?publisher_user_id=5adbdbd8-4dda-4811-a9dd-7ba7949e366e&publisher_dsp_id=69&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3A... https://euc-ice.360yield.com/match?gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&gdpr=1&expiration=1591564049&external_user_id=2ddbfd1b-c70f-4fb5-be9b-9047dc1234f6&publisher_dsp_id=69 https://euc-ice.360yield.com/ul_cb/match?gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&gdpr=1&expiration=1591564049&external_user_id=2ddbfd1b-c70f-4fb5-be9b-9047dc1234f6&publisher_dsp_id=69	43 B 443 B	56ms 55ms	Image image/gif	54.93.108.65 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://euc-ice.360yield.com/ul_cb/match?gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&gdpr=1&expiration=1591564049&external_user_id=2ddbfd1b-c70f-4fb5-be9b-9047dc1234f6&publisher_dsp_id=69 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.93.108.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-108-65.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sun, 24 May 2020 21:07:29 GMT access-control-allow-origin * content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers status 302 date Sun, 24 May 2020 21:07:29 GMT content-type text/plain content-length 0 location https://euc-ice.360yield.com:443/ul_cb/match?gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&gdpr=1&expiration=1591564049&external_user_id=2ddbfd1b-c70f-4fb5-be9b-9047dc1234f6&publisher_dsp_id=69 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	match euc-ice.360yield.com/ul_cb/ Redirect Chain https://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=5adbdbd8-4dda-4811-a9dd-7ba7949e366e&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAA... https://track.adform.net/serving/cookie/match/?CC=1&party=5&publisher_user_id=5adbdbd8-4dda-4811-a9dd-7ba7949e366e&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOz4uIv... https://euc-ice.360yield.com/match?publisher_dsp_id=42&Expiration=1591564049&external_user_id=5480052539151076455 https://euc-ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1591564049&external_user_id=5480052539151076455	43 B 422 B	57ms 56ms	Image image/gif	54.93.108.65 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://euc-ice.360yield.com/ul_cb/match?publisher_dsp_id=42&Expiration=1591564049&external_user_id=5480052539151076455 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.93.108.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-108-65.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sun, 24 May 2020 21:07:29 GMT access-control-allow-origin * content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers status 302 date Sun, 24 May 2020 21:07:29 GMT content-type text/plain content-length 0 location https://euc-ice.360yield.com:443/ul_cb/match?publisher_dsp_id=42&Expiration=1591564049&external_user_id=5480052539151076455 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	match euc-ice.360yield.com/ Redirect Chain https://id5-sync.com/match?publisher_user_id=5adbdbd8-4dda-4811-a9dd-7ba7949e366e&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&publisher_red... https://id5-sync.com/c/124/124/1/1.gif?puid=5adbdbd8-4dda-4811-a9dd-7ba7949e366e&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F124%2F101%2F0%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3DBOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA https://id5-sync.com/c/124/101/0/2.gif?puid=424a0943-a7c4-452d-a23d-ca18ea5e7505&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA https://euc-ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOVQzeQSfDiw5OeL01a8m4dDNcsRD-9L_LmOyYiQ&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA	43 B 524 B	56ms 55ms	Image image/gif	54.93.108.65 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://euc-ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOVQzeQSfDiw5OeL01a8m4dDNcsRD-9L_LmOyYiQ&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.93.108.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-93-108-65.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sun, 24 May 2020 21:07:29 GMT access-control-allow-origin * content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers Location https://euc-ice.360yield.com/match?publisher_dsp_id=79&external_user_id=ID5-ZHMOVQzeQSfDiw5OeL01a8m4dDNcsRD-9L_LmOyYiQ&dsp_callback=0&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA Date Sun, 24 May 2020 21:07:28 GMT Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload P3P CP="CAO PSA OUR"
GET H2	200	match ad.360yield.com/ul_cb/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm=&google_sc=&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&google_tc= https://ad.360yield.com/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&external_user_id=CAESEI7EvTqzBeO8bZf0C3khA3Q&google_cver=1 https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&external_user_id=CAESEI7EvTqzBeO8bZf0C3khA3Q&google_cver=1	43 B 433 B	54ms 54ms	Image image/gif	18.185.245.187 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&external_user_id=CAESEI7EvTqzBeO8bZf0C3khA3Q&google_cver=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.185.245.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-185-245-187.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://iir.ai/YdS6J2 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Sun, 24 May 2020 21:07:29 GMT access-control-allow-origin * content-type image/gif content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Redirect headers status 302 date Sun, 24 May 2020 21:07:29 GMT content-type text/plain content-length 0 location https://ad.360yield.com:443/ul_cb/match?publisher_dsp_id=55&gdpr=1&gdpr_consent=BOo5R8OOz4uIvCLAAAENDL-AAAAv3AAA&external_user_id=CAESEI7EvTqzBeO8bZf0C3khA3Q&google_cver=1 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

id5-sync.com

URL

https://id5-sync.com/c/12/112/2/8.gif?puid=0&gdpr=1&gdpr_consent=

Domain

xml.realtime-bid.com

URL

https://xml.realtime-bid.com/thumbnail?i=ZAbb6EhsLUM_1&imgt=icon