tii.ai Open in urlscan Pro
2606:4700:3036::681b:b9c0 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tii.ai/auth/
Submission Tags: 6716648
Submission: On August 03 via api (August 3rd 2020, 3:50:02 pm UTC) from NL

Summary HTTP 79 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 35 domains to perform 79 HTTP transactions. The main IP is 2606:4700:3036::681b:b9c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is tii.ai.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 19th 2020. Valid for: 8 months.

This is the only time tii.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3036::681b:b9c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.208.134 143.204.208.134	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::6819:832c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.178.195.173 51.178.195.173	16276 (OVH) (OVH)
3	2606:4700:10:... 2606:4700:10::6814:326f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
3	139.45.196.72 139.45.196.72	9002 (RETN-AS) (RETN-AS)
1	52.86.219.129 52.86.219.129	14618 (AMAZON-AES) (AMAZON-AES)
1	52.217.88.238 52.217.88.238	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:5a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
8	13.249.125.101 13.249.125.101	16509 (AMAZON-02) (AMAZON-02)
2	52.10.109.135 52.10.109.135	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:d000:a:1c2:c200:21	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:214... 2600:9000:214f:3200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	139.45.195.162 139.45.195.162	9002 (RETN-AS) (RETN-AS)
2	54.148.186.197 54.148.186.197	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:c00:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.196.217.48 18.196.217.48	16509 (AMAZON-02) (AMAZON-02)
1	13.35.254.73 13.35.254.73	16509 (AMAZON-02) (AMAZON-02)
2 14	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.19.135.80 104.19.135.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.35.254.89 13.35.254.89	16509 (AMAZON-02) (AMAZON-02)
1	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.5.109.251 23.5.109.251	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.105.245.5 23.105.245.5	7979 (SERVERS-COM) (SERVERS-COM)
2 2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 2	52.50.67.37 52.50.67.37	16509 (AMAZON-02) (AMAZON-02)
6 6	35.157.168.25 35.157.168.25	16509 (AMAZON-02) (AMAZON-02)
2 2	136.243.75.33 136.243.75.33	24940 (HETZNER-AS) (HETZNER-AS)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
2 2	3.126.63.176 3.126.63.176	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	23.210.249.83 23.210.249.83	16625 (AKAMAI-AS) (AKAMAI-AS)
1	139.45.195.176 139.45.195.176	9002 (RETN-AS) (RETN-AS)
79	37

7 2606:4700:3036::681b:b9c0 (United States)

ASN13335 (CLOUDFLARENET, US)

tii.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.134 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-134.fra53.r.cloudfront.net

dc5k8fg5ioc8s.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::6819:832c (United States)

ASN13335 (CLOUDFLARENET, US)

shrinkearn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.178.195.173 (France)

ASN16276 (OVH, FR)
PTR: ip173.ip-51-178-195.eu

fenailany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:326f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.72 (Ascension Island)

ASN9002 (RETN-AS, EU)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.219.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-219-129.compute-1.amazonaws.com

aphycolourses.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.88.238 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:5a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.249.125.101 (Seattle, United States)

ASN16509 (AMAZON-02, US)

tantsprovisitsc.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.10.109.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-109-135.us-west-2.compute.amazonaws.com

exchange.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:d000:a:1c2:c200:21 (United States)

ASN16509 (AMAZON-02, US)

dxz454z33ibrc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:3200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.162 (Ascension Island)

ASN9002 (RETN-AS, EU)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.148.186.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)

track.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:c00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.241 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.217.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

apis.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.73 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-73.fra6.r.cloudfront.net

deserswhene.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.19.132.78 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.135.80 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.89 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-89.fra6.r.cloudfront.net

audit.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.134.78 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.5.109.251 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-109-251.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.5 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.67.37 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.168.25 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.75.33 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.63.176 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.176 (Ascension Island)

ASN9002 (RETN-AS, EU)

onstunkyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	mgid.com 2 redirects c.mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com cdn.mgid.com	154 KB
8	tantsprovisitsc.club tantsprovisitsc.club	1 KB
7	adtrue.com cdn.adtrue.com exchange.adtrue.com track.adtrue.com	64 KB
7	tii.ai tii.ai	220 KB
6	bidswitch.net 6 redirects x.bidswitch.net	3 KB
6	consensu.org quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org vendorlist.consensu.org apis.quantcast.mgr.consensu.org audit.quantcast.mgr.consensu.org	158 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	180 KB
3	inpagepush.com inpagepush.com	26 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	730 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	829 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	adhigh.net 2 redirects px.adhigh.net	938 B
2	adsrvr.org 2 redirects match.adsrvr.org	906 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	613 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	steepto.com s-img.steepto.com	11 KB
2	adnxs.com ib.adnxs.com acdn.adnxs.com	704 B
2	google.com www.google.com
2	google-analytics.com www.google-analytics.com	18 KB
2	shrinkearn.com shrinkearn.com	181 KB
2	cloudfront.net dc5k8fg5ioc8s.cloudfront.net d3al52d8cojds7.cloudfront.net Failed dxz454z33ibrc.cloudfront.net	156 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	onstunkyr.com onstunkyr.com	482 B
1	lentainform.com cm.lentainform.com	328 B
1	idealmedia.io cm.idealmedia.io	556 B
1	deserswhene.club deserswhene.club	367 B
1	rtmark.net my.rtmark.net	764 B
1	amazonaws.com s3.amazonaws.com	18 KB
1	aphycolourses.info aphycolourses.info	24 KB
1	recaptcha.net www.recaptcha.net	907 B
1	fenailany.com fenailany.com	1 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
0	mixmarket.biz Failed udata.mixmarket.biz Failed
0	boudja.com Failed boudja.com Failed
79	35

	Domain	Requested by
8	tantsprovisitsc.club	dc5k8fg5ioc8s.cloudfront.net dxz454z33ibrc.cloudfront.net
7	cm.mgid.com	jsc.mgid.com
7	tii.ai	tii.ai
6	x.bidswitch.net	6 redirects
4	fonts.gstatic.com	tii.ai
3	c.mgid.com	2 redirects
3	inpagepush.com	tii.ai inpagepush.com
3	cdn.adtrue.com	tii.ai exchange.adtrue.com
2	ups.analytics.yahoo.com	1 redirects
2	pixel.advertising.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	px.adhigh.net	2 redirects
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	s-img.mgid.com	jsc.mgid.com
2	s-img.steepto.com
2	track.adtrue.com	exchange.adtrue.com
2	www.google.com	www.gstatic.com
2	static.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
2	www.google-analytics.com	www.googletagmanager.com tii.ai
2	exchange.adtrue.com	tii.ai cdn.adtrue.com
2	shrinkearn.com	tii.ai
2	fonts.googleapis.com	tii.ai jsc.mgid.com
1	onstunkyr.com
1	acdn.adnxs.com	cdn.adtrue.com
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.lentainform.com
1	cm.idealmedia.io
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	cdn.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	jsc.mgid.com	exchange.adtrue.com
1	audit.quantcast.mgr.consensu.org	static.quantcast.mgr.consensu.org
1	deserswhene.club
1	apis.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	ib.adnxs.com	cdn.adtrue.com
1	vendorlist.consensu.org	quantcast.mgr.consensu.org
1	my.rtmark.net	inpagepush.com
1	dxz454z33ibrc.cloudfront.net	tii.ai
1	www.gstatic.com	www.recaptcha.net
1	quantcast.mgr.consensu.org	tii.ai
1	s3.amazonaws.com	tii.ai
1	aphycolourses.info	tii.ai
1	www.recaptcha.net	tii.ai
1	fenailany.com	tii.ai
1	www.googletagmanager.com	tii.ai
1	dc5k8fg5ioc8s.cloudfront.net	tii.ai
0	udata.mixmarket.biz Failed
0	boudja.com Failed	tii.ai
0	d3al52d8cojds7.cloudfront.net Failed	tii.ai
79	52

This site contains links to these domains. Also see Links.

Domain
shrinkearn.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-19` - `2020-10-09`	8 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
fenailany.com Let's Encrypt Authority X3	`2020-07-17` - `2020-10-15`	3 months	crt.sh
*.adtrue.com COMODO RSA Domain Validation Secure Server CA	`2017-08-04` - `2020-09-02`	3 years	crt.sh
misc.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
inpagepush.com Let's Encrypt Authority X3	`2020-05-20` - `2020-08-18`	3 months	crt.sh
aphycolourses.info Let's Encrypt Authority X3	`2020-07-14` - `2020-10-12`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
tantsprovisitsc.club Amazon	`2020-07-23` - `2021-08-23`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.rtmark.net Let's Encrypt Authority X3	`2020-06-02` - `2020-08-31`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
deserswhene.club Amazon	`2020-07-13` - `2021-08-13`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-05-27` - `2020-11-23`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
onstunkyr.com Let's Encrypt Authority X3	`2020-07-15` - `2020-10-13`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://tii.ai/auth/
Frame ID: DDE6B176684A207899C756523D4601CF
Requests: 43 HTTP requests in this frame

Frame: https://tantsprovisitsc.club/NERCaUtVJiEEdFV5IE8+Rih/THlyYXAvL1dxKVEtU3ErBigMN2wKJ1sxJg85Wyo2RyVRMGdbDUcVOAUgZy8TDh1TKzEMMVAVAyEvDCc1EShXKgAFHkwnLiIheQEGHgpDBRMCeXUVGB4dYHQyMCFQAAMhLwYeFDwNfgcMTHl2DDUsIH53diAaXTclIBpmFSAtCk4SJVB4eRdzDQpnMzYlHUMFIC0OXQYDAidkLTI/CHcwKgoTDRYYIRlZB3M7In8XCAgPZxU1JQ5bCSBaKHYMBDN9eBdzJwpnHioKGl8OCRAvWQdzOCd6dhslHXAOKgoaWBInAT9NABZEPxF2BAscbQgUKjgECXM8CWQXBwEeU3RnWwltHARMeXIRGgUxVhUyOikHHjgsGgwtDyp+YhUaDgNuIzY8AV10LTEOcnAmKhlXBjssOVUsOj4uXScwOjxHKgs+EngNLCN4VhUuIi1aEjgqIER8Jj4SeBIGAid+EiU+AgYCOg96cnEhW3t/ES8eM1IjZAM4WyoyVCB+MABZGX8GcQUSVw
Frame ID: 6122349E9B84FBF202F46C9B29C6723D
Requests: 1 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https://tii.ai/auth/&cb=2496960958&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/auth/
Frame ID: 124545703794BF5B18745035C1FC3B57
Requests: 3 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v35/cmp-3pc-check.html
Frame ID: 02CABC1E895845A54CFEDAB96F471491
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=AFBwIe6h0oOL7MOVu88LHld-&size=normal&cb=o3s5dxbnn2tb
Frame ID: 171AC038DD4C42F5B844242F22D252ED
Requests: 1 HTTP requests in this frame

Frame: https://tantsprovisitsc.club/a3dYdWQKFTsYWwpKOlMRGRtlUFYtUmozABMNbEBQEURrHAYZFHYWCAQCPBMWBBksWwoOA31HIgwtHjccPBkBPTQTT2AmNipCHiIAKSIPHS4KIm02Kww+aTImOQMSHCUtIS8SEwoOHi0ADCI/MAgHHg4PPTM0MhEpDTUVPilbDyogJT5HHUcAKCYxJCYlJWkvKxwuLzcTCEYZD1wzMmssISRHKz80HAQiMgMMDw4yAxwiAEAmDUcKIAEpAG8zNVtSajcmPyIeMSw9NB8zKjwuGhJUKhAdTTIsHx82MC4kPkU2PicvP0FZMQozNQQhHx0jPSAZAAVbPm8vMkYffUciOTEJDSU4GDk0NwgiFzdUJT0eJwsmMR4fNgUlHiAKPTM5GVA7OBkgVywcHhwpBU4dIyAcLhUnKikuMzBdLgA7QiwFOQwjCSokFRI1JycKJ0FZMQo2LgQmNicjOBoKNAUAIRMvDylSajM2LSYyMCAcLx4fCD4WHDc2MkcCRTY9PWo3IwgkDkcqKDggNzwKJRYfIQc6IScgUyMZHzYhJ2gRMDJHDUE2HDZoJB5fIxoSQgEENxsUViAiBlczNmkiVw
Frame ID: 7FA806862AB5F9D017435EDB9E2EA858
Requests: 1 HTTP requests in this frame

Frame: https://tantsprovisitsc.club/dzVaa3gWVzkGRxYIOE0NBVlnTkoxEGgtHA9Pbl5MDQZpAhoFVnQIFBhAPg0KGFsuRRYSQX9ZPhVvahs2Lk8LLjIkeBwoADpfET1MOmM0E0ghZAgpMTMBFzwQEwYdPz4ZeBtTIjNCDwAwJnMNOjkccDsTHDh0aQ9dRXMIPR8wfxkbHTJSEwA0GwEcOisERRs6FCNXHgAsIEIiWDIfZz8tERxaHz09MGUNGC8hYzUFMR9ZPigBLkYIDCEfU2glLDJjDF0iJgAMKTs6XxxaCyJ8NwMpE14QXx4mRTsuAU9dCAwiL38jHDkyYwxdMR90CD0gGAQIDCIvUGlGSE93DCYuEnA1OS4vWikuSCZ5FhEXMGM9HBI4YAMsMS8Mf1k6IXcqPh4wXQgpPU9dEDkcLXZoUl1FcxMpPiFQMy4zL0IQHR5Gew4qERxYHilJNFASWzkvdw8HMTZsCD0pDwQPKQgvbxIHKzVzCAAdRnwIPSAYEGgpORt8HSQ7JXIYAj5SBxwNFCZUDCMABXM9ADwSbW86LiZzbw85MnsbWEgBYzYuOzt2NgktIW9jDRQTYgwCTAdgDCo7PHR8AQsYWypWLCVmDS4sGwQZPDRCQTQl
Frame ID: 2EB5EBD7A98AC113D2C0E45F5BEFC516
Requests: 1 HTTP requests in this frame

Frame: https://tantsprovisitsc.club/YXgxVjAAGlI7DwBFU3BFExQMcwInXQMQVBkCBWMEG0sCP1ITGx81XA4NVTBCDhZFeF4EDBRkdlk1dBB6L0h3AnwIHGMwWzAXfQdAUzoCHBVTPnNlVzYzSyZpLUhzbnkWTHwXYiNNVxJcWDlJPmYgD1YsUlE1BgB4GU90BQEzNEhieztJZCB7BghGEFkgDGcORyQiS2d4LRRFbnkKOUMHYygLYwViMzZcb3MoOQElegpIXg5zURd0OH5THHY1eDs5ey5pNxdWA0kGFmAvBSUzZiF1IABnLFU3TEcEczAUdDh9IDRyPmU7OXsuegoqWhdeJAB0OH0gG3l7XA4bcAdVBzoEPXEPPV4ESicbexIFMjEAJV8xKnssVA8qBxd3WTxVZEcnG2MxQSgtfCVoJioGMncwO1IFZgQzXQBbBA9SO2YyMVgBdwYuUmVcNDNkH0UrPns9cQYcSRR3WTlTZQAmG2AYRgcPaz1xDz0HAFkFKnwvcTIbAgwABB9zIHFSHEcHXhktUjhfJDF3DEkCPmdiZikhQxdZMy57LwAxMnAQAgQffDxxMi1FFGM3LnghFgsLXjhAXBIIGwEwSHoufSMpUxQIEw
Frame ID: DE727C53976D6A2606075643AEA00D57
Requests: 1 HTTP requests in this frame

Frame: https://tantsprovisitsc.club/T25KOTcuDClUCC5TKB9CPQJ3HAUJS3h/UzcUfgwDNV15UFU9DWRaWyAbLl9FIAA+F1kqGm8LcX0MHwwDFTtydn4dNw5adSQAAn9fezkCY3YZABB1fQ4dAXBlfhQJb3oOOSBaTRkZH3V+C1Y9fWI8WAtecTY2eF5iDS0PclR+WgtwZnoUGWx6Oi0ZQXEaOSFge387A3B1LAAMeFw6PQJOEn0sH35xKw96SWEVGQtPcDgZIn5kCiIObkcqKgwIbykZG15zDi8gan83Jwl6AwAPeklhBix/S2QjO3lqfzcnHHEPNgh6TgEqBRhLZCM7P3FjezsLfVAGIggUegIhelEPHwIIAWAiLAZsBT8ILFV2ACQyUl0JKwgAeyIaAW9kAisAawYOCBwJRwc/E1J2IgoubwR3IQBeWAQnLVFFHAcECm8iLANqBDsNLFJDAwscQUUcAh8BcwwJEH9OFScsfQIeCAxJUBxfBElwByMpb1k3CwZBAhgKLQAEBygDTWAMHS54Tjs4AQlbHAgMUkQcPw9LbzYBLntAaQQ5Vlk/UzsPeHgXAQt9KQANbHU
Frame ID: A8DEEE79C87AF685E04CF283236112EF
Requests: 1 HTTP requests in this frame

Frame: https://track.adtrue.com/track/request?pzoneid=18694&domain=tii.ai&ref=https%3A%2F%2Ftii.ai%2Fauth%2F&loc=https%3A%2F%2Ftii.ai%2Fauth%2F
Frame ID: 0509A0D92B295AD5F58BB91953F3946D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=AFBwIe6h0oOL7MOVu88LHld-&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=nek22z6fll3s
Frame ID: 256CF186887D0C21D56FFBE4290645DE
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 548D7D94A67535DAF4A6D43806A4F779
Requests: 21 HTTP requests in this frame

Frame: https://track.adtrue.com/track/passback?pzoneid=18694
Frame ID: 0BC2CEF2402A4ACABFD9B04F1E112FB5
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1596469787033888795006
Frame ID: E4EE29EE081D1A11638270956CCC9A7E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 395F93FBFF49400F67EFF630FC686F9E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 498FEC95E92B220D9A1ED16A0A0EF7EA
Requests: 1 HTTP requests in this frame

Frame: https://s-img.steepto.com/g/3835474/328x328/0x0x860x573/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdlMjAwZjhmZDEyNDMyZWIzZmEzYTI3NzMzYjMzMTk1LmpwZWc%2A.webp
Frame ID: 7E8B79F770B9EAB47957A08AA1F10C62
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

79
Requests

95 %
HTTPS

32 %
IPv6

35
Domains

52
Subdomains

37
IPs

8
Countries

1251 kB
Transfer

3073 kB
Size

2
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://shrinkearn.com/

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/payout-rates
Title: Publisher Rates

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/auth/signin
Title: Login

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/auth/signup
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/pages/faq
Title: How it works

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/pages/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/pages/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/pages/dmca
Title: DMCA

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/pages/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ShrinkearnClksh

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://c.mgid.com/c?pv=2&v=0|0|0|btAmVqw690BXyaQXPIJZnLbVdqwbuAp-JBysFVBN72qoJ1LrkE0v5PUnNiMu8Tl6&cid=949756&f=1&h2=5MWq598qR6js0xIIWWtwrPN-fy5S3o8nVYjDcujLCRw*&rid=z3487732zb6445615bcZAcp2ph2020080310h&psid=3487732&cp=154&iub=aHR0cHM6Ly9zLWltZy5zdGVlcHRvLmNvbS9nLzM4MzU0NzQvMzI4eDMyOC8weDB4ODYweDU3My9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01Ua3RNRGN2TVRBeE9USTBMemRsTWpBd1pqaG1aREV5TkRNeVpXSXpabUV6WVRJM056TXpZak16TVRrMUxtcHdaV2MqLndlYnA= HTTP 301
https://s-img.steepto.com/g/3835474/328x328/0x0x860x573/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdlMjAwZjhmZDEyNDMyZWIzZmEzYTI3NzMzYjMzMTk1LmpwZWc%2A.webp

Request Chain 65

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 302
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azczS09jRTJRRk44&muidn=k73KOcE2QFN8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azczS09jRTJRRk44&muidn=k73KOcE2QFN8&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=k73KOcE2QFN8&google_ula={guid},5&google_gid=CAESEGa49NGp0NhgKHYo_eVz6ik&google_cver=1

Request Chain 69

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=a78ff848-2cca-4449-975d-f61bcadd3734&ttl=1599061787

Request Chain 70

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=uMQZaAyxLpEk.AikABlFztQN_Vw&expires=30&ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=9&user_id=uMQZaAyxLpEk.AikABlFztQN_Vw&expires=30&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=d517773b-b12d-4767-8647-a48bbc41fa78

Request Chain 71

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=SU8WVIAyRpCX0wb20MSf&pi=mgid&tc=1

Request Chain 72

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=6ce045bf-fb85-46fa-847d-6d472abd6e32

Request Chain 73

https://x.bidswitch.net/sync?dsp_id=303&user_id=k73KOcE2QFN8 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k73KOcE2QFN8 HTTP 302
https://pixel.advertising.com/ups/55859/sync?uid=3b11bde3-2c92-4216-b05b-4711a79cc071&_origin=1&gdpr=&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55859/sync?uid=3b11bde3-2c92-4216-b05b-4711a79cc071&_origin=1&gdpr=&gdpr_consent=&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=3b11bde3-2c92-4216-b05b-4711a79cc071&_origin=1&gdpr=&gdpr_consent=&apid=UPf53905d3-d5a0-11ea-8851-0683af1171e0 HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=3b11bde3-2c92-4216-b05b-4711a79cc071&_origin=1&gdpr=&gdpr_consent=&apid=UPf53905d3-d5a0-11ea-8851-0683af1171e0&verify=true

Request Chain 79

https://c.mgid.com/c?pv=2&v=0|0|0|btAmVqw690BXyaQXPIJZnLbVdqwbuAp-JBysFVBN72qoJ1LrkE0v5PUnNiMu8Tl6&cid=949756&f=1&h2=5MWq598qR6js0xIIWWtwrPN-fy5S3o8nVYjDcujLCRw*&rid=z3487732zb6445615bcZAcp2ph2020080310h&psid=3487732&cp=154&iub=aHR0cHM6Ly9zLWltZy5zdGVlcHRvLmNvbS9nLzM4MzU0NzQvMzI4eDMyOC8weDB4ODYweDU3My9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01Ua3RNRGN2TVRBeE9USTBMemRsTWpBd1pqaG1aREV5TkRNeVpXSXpabUV6WVRJM056TXpZak16TVRrMUxtcHdaV2MqLndlYnA= HTTP 301
https://s-img.steepto.com/g/3835474/328x328/0x0x860x573/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdlMjAwZjhmZDEyNDMyZWIzZmEzYTI3NzMzYjMzMTk1LmpwZWc%2A.webp

79 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tii.ai/auth/ 36 KB
16 KB 454ms
405ms Document
text/html 2606:4700:3036::681b:b9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fcb1b5c9105e3d96f12a8a2da14426d55459c725b07ec500be66298971c0510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tii.ai
:scheme: https
:path: /auth/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 03 Aug 2020 15:49:37 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d27311e9e116c6ef32637e8109dea4f501596469777; expires=Wed, 02-Sep-20 15:49:37 GMT; path=/; domain=.tii.ai; HttpOnly; SameSite=Lax; Secure AppSession=33cab8c3cf5026d29fc08d36ec9d4a5a; path=/; HttpOnly; secure csrfToken=acc3166ab27a4793f7aa180ebfcebeada8056ec93371c930855b5fcb9f7353fb1581f459251703679f10584dc9403aaf04610d53bc07adce86de38f560c277dd; path=/; HttpOnly; secure
cache-control: no-store, no-cache, must-revalidate
cf-railgun: direct (starting new WAN connection)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
cf-request-id: 04569cac1b0000d6c50c9b8200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5bd1308cf8c2d6c5-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 3 KB
567 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 14:09:41 GMT
server: ESF
date: Mon, 03 Aug 2020 15:49:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Aug 2020 15:49:37 GMT

GET
H2 200 styles.min.css
tii.ai/cloud_theme/build/css/ 189 KB
31 KB 21ms
20ms Stylesheet
text/css 2606:4700:3036::681b:b9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 992206
status: 200
cf-request-id: 04569cadbf0000d6c50c9ef200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5bd1308f9805d6c5-FRA
expires: Sat, 22 Aug 2020 04:12:48 GMT

GET
H2 200 / Show response
dc5k8fg5ioc8s.cloudfront.net/ 50 KB
20 KB 400ms
245ms Script
text/plain 143.204.208.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805884
Requested by: Host: tii.ai
URL: https://tii.ai/auth/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.134 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-208-134.fra53.r.cloudfront.net
Software: /
Resource Hash: 9eca13367080cdfde12b1051b4d64ca6c4fee0f4966dedb7a2f4a07716b3865e

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:38 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 19763
via: 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
x-amz-cf-id: hbpO5jU5jA7Eh7ZRLh1_DicTV5X-NJ9DUH6NszJl34mlNdMDHcO8EQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
33 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113561579-1

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c31924c39518af1f9c7c67280c958ff4c6d1356ddbae16e02aa528176a9cde2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:38 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34146
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Aug 2020 15:49:38 GMT

GET
H2 200 hmpglogo228x70.png
shrinkearn.com/webroot/modern_theme/img/ 4 KB
5 KB 73ms
19ms Image
image/png 2606:4700:20::6819:832c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrinkearn.com/webroot/modern_theme/img/hmpglogo228x70.png

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:832c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbfdf00bfbcafbe701ab7e6ab991fa0a2cdd2def78339ed3ec37bf85de410a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15403564
cf-polished: origSize=5281
status: 200
content-length: 4186
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Nov 2019 03:42:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/png
expires: Sat, 06 Feb 2021 09:03:33 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 04569cafb700001f35459ea200000001
accept-ranges: bytes
cf-ray: 5bd13092bb1a1f35-FRA
cf-bgj: imgq:100

GET
H/1.1 200
OK 14504 Show response
fenailany.com/trVUCXBUCLLp/ 5 B
1 KB 304ms
69ms Script
text/html 51.178.195.173
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://fenailany.com/trVUCXBUCLLp/14504

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_CBC

Server

51.178.195.173 , France, ASN16276 (OVH, FR),

Reverse DNS

ip173.ip-51-178-195.eu

Software

nginx /

Resource Hash

d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 15:49:38 GMT
Content-Encoding: gzip
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Keep-Alive: timeout=20

GET
H2 200 sw_2735395.js Show response
tii.ai/ 93 KB
34 KB 28ms
28ms Script
application/javascript 2606:4700:3036::681b:b9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/sw_2735395.js

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92a42e8512e6a56fe2d3b051b199aa61a200de89b0792182ba641a43ab4361b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1312719
status: 200
cf-request-id: 04569caf170000d6c50ca06200000001
last-modified: Wed, 08 Jan 2020 13:18:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5bd13091be43d6c5-FRA
expires: Tue, 18 Aug 2020 11:10:58 GMT

GET /
d3al52d8cojds7.cloudfront.net/ 0
0

GET
H2 200 async.js Show response
cdn.adtrue.com/rtb/ 7 KB
3 KB 65ms
13ms Script
application/x-javascript 2606:4700:10::6814:326f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: tii.ai
URL: https://tii.ai/auth/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:326f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cdfa83efe8e1c78239a7438231903de9dd92a5c623e78da111638eaafc419e5

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Oct 2019 03:52:05 GMT
server: cloudflare
age: 23964003
etag: W/"5d941ee5-1c42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31104000
cf-ray: 5bd13092bf3a05c8-FRA
cf-request-id: 04569cafb7000005c8dcb91200000001
expires: Sun, 25 Oct 2020 07:09:35 GMT

GET
H2 200 ads.js Show response
tii.ai/js/ 191 B
268 B 31ms
21ms Script
application/javascript 2606:4700:3036::681b:b9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/js/ads.js?ver=6.4.0

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1312759
status: 200
cf-request-id: 04569caf6e0000d6c50ca0f200000001
last-modified: Mon, 02 Sep 2019 23:24:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5bd130924821d6c5-FRA
expires: Tue, 18 Aug 2020 11:10:18 GMT

GET
H2 200 script.min.js Show response
tii.ai/cloud_theme/build/js/ 202 KB
57 KB 31ms
31ms Script
application/javascript 2606:4700:3036::681b:b9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/cloud_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1372590
status: 200
cf-request-id: 04569caf800000d6c50ca13200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 5bd130926868d6c5-FRA
expires: Mon, 17 Aug 2020 18:33:05 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 742 B
907 B 113ms
15ms Script
text/javascript 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a02f96cfc9407ea221d62bd3404a88078c854b20647b5ebcd8a091b6490d70cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 1; mode=block
expires: Mon, 03 Aug 2020 15:49:38 GMT

GET popunder.gif
boudja.com/ 0
0

GET
H2 200 NewBackground.jpeg
shrinkearn.com/webroot/modern_theme/img/ 176 KB
176 KB 77ms
34ms Image
image/jpeg 2606:4700:20::6819:832c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shrinkearn.com/webroot/modern_theme/img/NewBackground.jpeg

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::6819:832c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b90d10d60cd1609b54fb8ab62e119c7cde85bbd289e285693e18c9e2ce98b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17980222
cf-polished: origSize=180059
status: 200
content-length: 179836
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Feb 2018 04:35:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
expires: Thu, 07 Jan 2021 13:19:15 GMT
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-request-id: 04569cafb700001f35459eb200000001
accept-ranges: bytes
cf-ray: 5bd13092bb1e1f35-FRA
cf-bgj: imgq:100

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://tii.ai

Response headers

date: Wed, 08 Jul 2020 23:44:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 2217911
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Thu, 08 Jul 2021 23:44:27 GMT

GET
H/1.1 200
OK 3487732 Show response
inpagepush.com/400/ 65 KB
24 KB 329ms
105ms Script
application/javascript 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3487732

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

7e9d2542d562d9ae9e0b476c580b7aa096227f795c4c40cc899ec729414dff04

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 89b61bc6b7eae263774d1dc427e128cb
Pragma: no-cache
Date: Mon, 03 Aug 2020 15:49:38 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 OXJ6azVCUAkcakwAFkkPGxoOH0VKSFVEQVAbVApcFgENNAcOQU9YDAxcEBgXFVAJBlMbSEtHF00THTRcXVBASQ0JR0JTARteWBhAWy0TDwcbSFhfAQpLS1sEDV8cWQEJX05cAAFfQg0GAV8bUgUPRU9bBQ9BTw8XRA Show response
aphycolourses.info/ 58 KB
24 KB 444ms
160ms Script
application/javascript 52.86.219.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aphycolourses.info/OXJ6azVCUAkcakwAFkkPGxoOH0VKSFVEQVAbVApcFgENNAcOQU9YDAxcEBgXFVAJBlMbSEtHF00THTRcXVBASQ0JR0JTARteWBhAWy0TDwcbSFhfAQpLS1sEDV8cWQEJX05cAAFfQg0GAV8bUgUPRU9bBQ9BTw8XRA
Requested by: Host: tii.ai
URL: https://tii.ai/sw_2735395.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.86.219.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-219-129.compute-1.amazonaws.com
Software: / Express
Resource Hash: 99453711e63d632c588d912394bd634920d80a2edf081aa2b5afb3d04cc392d9

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"e734-c6WRY5fh+/tGf63Q02jsQcbsNfI"
status: 200
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H/1.1 200
OK 05adf9b142 Show response
s3.amazonaws.com/241b9fda506cc0f77f3f28c7c161801433388fdbfeab55ecb180b350/ 17 KB
18 KB 576ms
153ms XHR
binary/octet-stream 52.217.88.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/241b9fda506cc0f77f3f28c7c161801433388fdbfeab55ecb180b350/05adf9b142
Requested by: Host: tii.ai
URL: https://tii.ai/auth/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.88.238 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40797541de872ad815d81eb869fbcfecfb47577121b2a3325f4db6448d816170

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 15:49:39 GMT
x-amz-meta-pragma: no-cache
x-amz-request-id: AC1D6649C0A5481B
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Length: 17348
x-amz-id-2: VAmxpRMH2XqWfVmPBZuNhi+3iB48VHzIimSHZG2FvgeUTyTh+tiUENwzPcw9meriOMH1XNqW4Mo=
Last-Modified: Mon, 03 Aug 2020 15:24:09 GMT
Server: AmazonS3
ETag: "d0aa4a8a7045a1870cccc6c9aa3f13e5"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: https://tii.ai
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes

GET
H2 200 footer.jpg
tii.ai/cloud_theme/build/img/ 6 KB
6 KB 40ms
27ms Image
image/jpeg 2606:4700:3036::681b:b9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tii.ai/cloud_theme/build/img/footer.jpg

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12919293
status: 200
content-length: 6152
cf-request-id: 04569cb06f0000d6c50ca2d200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5bd13093ec72d6c5-FRA
expires: Sun, 07 Mar 2021 03:08:02 GMT

GET
H2 200 fontawesome-webfont.woff2
tii.ai/cloud_theme/build/fonts/ 75 KB
76 KB 21ms
20ms Font
font/woff2 2606:4700:3036::681b:b9c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/cloud_theme/build/fonts/fontawesome-webfont.woff2

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681b:b9c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0
Origin: https://tii.ai

Response headers

date: Mon, 03 Aug 2020 15:49:38 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 354772
status: 200
content-length: 77160
cf-request-id: 04569cb0710000d6c50ca30200000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: font/woff2
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5bd13093ec85d6c5-FRA
expires: Thu, 06 Aug 2020 13:16:44 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 13 KB
13 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://tii.ai

Response headers

date: Tue, 14 Jul 2020 13:19:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:45 GMT
server: sffe
age: 1737000
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Wed, 14 Jul 2021 13:19:38 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://tii.ai

Response headers

date: Thu, 23 Jul 2020 00:25:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 1005872
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Fri, 23 Jul 2021 00:25:06 GMT

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 257 KB
70 KB 24ms
22ms Script
text/javascript 2600:9000:214f:5a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: tii.ai
URL: https://tii.ai/auth/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:5a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8b80635d65f907b3eccd5b25b9ce269f3ea4ae3ff47ac34d59e533dc782aef80

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 03 Aug 2020 15:43:02 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 22:07:20 GMT
server: AmazonS3
age: 396
etag: W/"2199494e2561c37afe3b476b00aff1dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: wMZvruAl_2Td-P-E3_chUViJ01EPgOAxHl-HMf9ufpH3_lLNJXyvsA==
via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)

GET
H2 200 ES8eM1IjZAM4WyoyVCB+MABZGX8GcQUSVw
tantsprovisitsc.club/NERCaUtVJiEEdFV5IE8+Rih/THlyYXAvL1dxKVEtU3ErBigMN2wKJ1sxJg85Wyo2RyVRMGdbDUcVOAUgZy8TDh1TKzEMMVAVAyEvDCc1EShXKgAFHkwnLiIheQEGHgpDBRMCeXUVGB4dYHQyMCFQAAMhLwYeFDwNfgcMTHl2DDUsIH53... Frame 6122 0
0 496ms
171ms Document
text/html 13.249.125.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tantsprovisitsc.club/NERCaUtVJiEEdFV5IE8+Rih/THlyYXAvL1dxKVEtU3ErBigMN2wKJ1sxJg85Wyo2RyVRMGdbDUcVOAUgZy8TDh1TKzEMMVAVAyEvDCc1EShXKgAFHkwnLiIheQEGHgpDBRMCeXUVGB4dYHQyMCFQAAMhLwYeFDwNfgcMTHl2DDUsIH53diAaXTclIBpmFSAtCk4SJVB4eRdzDQpnMzYlHUMFIC0OXQYDAidkLTI/CHcwKgoTDRYYIRlZB3M7In8XCAgPZxU1JQ5bCSBaKHYMBDN9eBdzJwpnHioKGl8OCRAvWQdzOCd6dhslHXAOKgoaWBInAT9NABZEPxF2BAscbQgUKjgECXM8CWQXBwEeU3RnWwltHARMeXIRGgUxVhUyOikHHjgsGgwtDyp+YhUaDgNuIzY8AV10LTEOcnAmKhlXBjssOVUsOj4uXScwOjxHKgs+EngNLCN4VhUuIi1aEjgqIER8Jj4SeBIGAid+EiU+AgYCOg96cnEhW3t/ES8eM1IjZAM4WyoyVCB+MABZGX8GcQUSVw
Requested by: Host: dc5k8fg5ioc8s.cloudfront.net
URL: https://dc5k8fg5ioc8s.cloudfront.net/?gfkcd=805884
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.249.125.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: tantsprovisitsc.club
:scheme: https
:path: /NERCaUtVJiEEdFV5IE8+Rih/THlyYXAvL1dxKVEtU3ErBigMN2wKJ1sxJg85Wyo2RyVRMGdbDUcVOAUgZy8TDh1TKzEMMVAVAyEvDCc1EShXKgAFHkwnLiIheQEGHgpDBRMCeXUVGB4dYHQyMCFQAAMhLwYeFDwNfgcMTHl2DDUsIH53diAaXTclIBpmFSAtCk4SJVB4eRdzDQpnMzYlHUMFIC0OXQYDAidkLTI/CHcwKgoTDRYYIRlZB3M7In8XCAgPZxU1JQ5bCSBaKHYMBDN9eBdzJwpnHioKGl8OCRAvWQdzOCd6dhslHXAOKgoaWBInAT9NABZEPxF2BAscbQgUKjgECXM8CWQXBwEeU3RnWwltHARMeXIRGgUxVhUyOikHHjgsGgwtDyp+YhUaDgNuIzY8AV10LTEOcnAmKhlXBjssOVUsOj4uXScwOjxHKgs+EngNLCN4VhUuIi1aEjgqIER8Jj4SeBIGAid+EiU+AgYCOg96cnEhW3t/ES8eM1IjZAM4WyoyVCB+MABZGX8GcQUSVw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/auth/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/auth/

Response headers

status: 200
content-type: text/html
content-length: 1228
date: Mon, 03 Aug 2020 15:49:39 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b0cbf3ff399b82fca26af1186509acfa.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL51-C1
x-amz-cf-id: zsUIHfy3ZCkqbkkRs9wKTohdz-N_RP8N1Euc2mzwq71A5__GFUDcpg==

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame 1245 3 KB
3 KB 662ms
206ms Script
application/javascript 52.10.109.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https://tii.ai/auth/&cb=2496960958&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/auth/
Requested by: Host: tii.ai
URL: https://tii.ai/auth/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.109.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-109-135.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 49547d962d1c5c3817d840bc92a5a215b90a5a8409643b18ad9aea7ca18a8ae3

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 03 Aug 2020 15:49:39 GMT
server: nginx
x-adtrue-instance: java2
content-length: 3342
content-type: application/javascript

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/AFBwIe6h0oOL7MOVu88LHld-/ 329 KB
130 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/AFBwIe6h0oOL7MOVu88LHld-/recaptcha__en.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f19d89cdbffedb9bd8a76d2423a06280ddd513070445f2c11a1a5f6af8834f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 16:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jul 2020 04:05:59 GMT
server: sffe
age: 602508
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133012
x-xss-protection: 0
expires: Tue, 27 Jul 2021 16:27:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 5640
date: Mon, 03 Aug 2020 14:15:39 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 03 Aug 2020 16:15:39 GMT

GET
H2 200 HY1gwSDVcLFksCFRtCHAGWw%3D%3D Show response
dxz454z33ibrc.cloudfront.net/ 423 KB
137 KB 239ms
195ms Script
text/plain 2600:9000:214f:d000:a:1c2:c200:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dxz454z33ibrc.cloudfront.net/HY1gwSDVcLFksCFRtCHAGWw%3D%3D
Requested by: Host: tii.ai
URL: https://tii.ai/auth/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:d000:a:1c2:c200:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3a49fec62e08592e6d6b22d5b32ad193cd85df1e6666787f79f65a3fdeb84f8f

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:39 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 139584
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
x-amz-cf-id: Yijec1yK4PONUQokoqXcufK70z6mEy5mOCLJZX9hvksPDQ02LyAz0Q==

GET
H2 200 cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v35/ Frame 02CA 0
0 65ms
14ms Document
text/html 2600:9000:214f:3200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v35/cmp-3pc-check.html
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:3200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: static.quantcast.mgr.consensu.org
:scheme: https
:path: /v35/cmp-3pc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/auth/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/auth/

Response headers

status: 200
content-type: text/html
content-length: 645
last-modified: Thu, 09 Jul 2020 22:07:14 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Aug 2020 15:35:28 GMT
etag: "55b98270d639ef0c34781d9f03cce91f"
x-cache: Hit from cloudfront
via: 1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 8XArwH2j4S1E4ycTRbAiGwJz6vc5Ex9gpZdsrcC-q0fTw3SvJcbFww==
age: 852

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 171A 0
0 43ms
43ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=AFBwIe6h0oOL7MOVu88LHld-&size=normal&cb=o3s5dxbnn2tb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/AFBwIe6h0oOL7MOVu88LHld-/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vHpCT07+a9OdPWtWyehduw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=AFBwIe6h0oOL7MOVu88LHld-&size=normal&cb=o3s5dxbnn2tb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/auth/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/auth/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 03 Aug 2020 15:49:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-vHpCT07+a9OdPWtWyehduw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10880
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
106 B 29ms
28ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1520125366&t=pageview&_s=1&dl=https%3A%2F%2Ftii.ai%2Fauth%2F&ul=en-us&de=UTF-8&dt=ShrinkEarn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1734684990&gjid=291461721&cid=795301080.1596469780&tid=UA-113561579-1&_gid=782316776.1596469780&_r=1&gtm=2ou7m1&z=1506970837

Requested by

Host: tii.ai
URL: https://tii.ai/auth/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 utx Show response
tantsprovisitsc.club/ 0
408 B 176ms
175ms XHR
text/plain 13.249.125.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tantsprovisitsc.club/utx?cb=pPFpXvhskJjg&top=tii.ai&tid=758838
Requested by: Host: dxz454z33ibrc.cloudfront.net
URL: https://dxz454z33ibrc.cloudfront.net/HY1gwSDVcLFksCFRtCHAGWw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.249.125.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:44 GMT
via: 1.1 b0cbf3ff399b82fca26af1186509acfa.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: ATL51-C1
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://tii.ai
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 85MTn0KMiYq_8iMDFuHzT0iR_zaW3Wyv0RP4xRFnJjuxmKb8C0okPA==

GET
H2 200 MAgHHg4PPTM0MhEpDTUVPilbDyogJT5HHUcAKCYxJCYlJWkvKxwuLzcTCEYZD1wzMmssISRHKz80HAQiMgMMDw4yAxwiAEAmDUcKIAEpAG8zNVtSajcmPyIeMSw9NB8zKjwuGhJUKhAdTTIsHx82MC4kPkU2PicvP0FZMQozNQQhHx0jPSAZAAVbPm8vMkYffUciO...
tantsprovisitsc.club/a3dYdWQKFTsYWwpKOlMRGRtlUFYtUmozABMNbEBQEURrHAYZFHYWCAQCPBMWBBksWwoOA31HIgwtHjccPBkBPTQTT2AmNipCHiIAKSIPHS4KIm02Kww+aTImOQMSHCUtIS8SEwoOHi0ADCI/ Frame 7FA8 0
0 175ms
174ms Document
text/html 13.249.125.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tantsprovisitsc.club/a3dYdWQKFTsYWwpKOlMRGRtlUFYtUmozABMNbEBQEURrHAYZFHYWCAQCPBMWBBksWwoOA31HIgwtHjccPBkBPTQTT2AmNipCHiIAKSIPHS4KIm02Kww+aTImOQMSHCUtIS8SEwoOHi0ADCI/MAgHHg4PPTM0MhEpDTUVPilbDyogJT5HHUcAKCYxJCYlJWkvKxwuLzcTCEYZD1wzMmssISRHKz80HAQiMgMMDw4yAxwiAEAmDUcKIAEpAG8zNVtSajcmPyIeMSw9NB8zKjwuGhJUKhAdTTIsHx82MC4kPkU2PicvP0FZMQozNQQhHx0jPSAZAAVbPm8vMkYffUciOTEJDSU4GDk0NwgiFzdUJT0eJwsmMR4fNgUlHiAKPTM5GVA7OBkgVywcHhwpBU4dIyAcLhUnKikuMzBdLgA7QiwFOQwjCSokFRI1JycKJ0FZMQo2LgQmNicjOBoKNAUAIRMvDylSajM2LSYyMCAcLx4fCD4WHDc2MkcCRTY9PWo3IwgkDkcqKDggNzwKJRYfIQc6IScgUyMZHzYhJ2gRMDJHDUE2HDZoJB5fIxoSQgEENxsUViAiBlczNmkiVw
Requested by: Host: dxz454z33ibrc.cloudfront.net
URL: https://dxz454z33ibrc.cloudfront.net/HY1gwSDVcLFksCFRtCHAGWw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.249.125.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: tantsprovisitsc.club
:scheme: https
:path: /a3dYdWQKFTsYWwpKOlMRGRtlUFYtUmozABMNbEBQEURrHAYZFHYWCAQCPBMWBBksWwoOA31HIgwtHjccPBkBPTQTT2AmNipCHiIAKSIPHS4KIm02Kww+aTImOQMSHCUtIS8SEwoOHi0ADCI/MAgHHg4PPTM0MhEpDTUVPilbDyogJT5HHUcAKCYxJCYlJWkvKxwuLzcTCEYZD1wzMmssISRHKz80HAQiMgMMDw4yAxwiAEAmDUcKIAEpAG8zNVtSajcmPyIeMSw9NB8zKjwuGhJUKhAdTTIsHx82MC4kPkU2PicvP0FZMQozNQQhHx0jPSAZAAVbPm8vMkYffUciOTEJDSU4GDk0NwgiFzdUJT0eJwsmMR4fNgUlHiAKPTM5GVA7OBkgVywcHhwpBU4dIyAcLhUnKikuMzBdLgA7QiwFOQwjCSokFRI1JycKJ0FZMQo2LgQmNicjOBoKNAUAIRMvDylSajM2LSYyMCAcLx4fCD4WHDc2MkcCRTY9PWo3IwgkDkcqKDggNzwKJRYfIQc6IScgUyMZHzYhJ2gRMDJHDUE2HDZoJB5fIxoSQgEENxsUViAiBlczNmkiVw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/auth/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ut=x
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/auth/

Response headers

status: 200
content-type: text/html
content-length: 1258
date: Mon, 03 Aug 2020 15:49:44 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b0cbf3ff399b82fca26af1186509acfa.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL51-C1
x-amz-cf-id: yns8U0bKAFHnIUqHZS1dOrouiCe9RK19Wa9eUMKYIOupsgh-GlwWFg==

GET
H2 204 utx Show response
tantsprovisitsc.club/ 0
408 B 184ms
184ms XHR
text/plain 13.249.125.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tantsprovisitsc.club/utx?cb=ibjL6Bbss8hj&top=tii.ai&tid=816960
Requested by: Host: dxz454z33ibrc.cloudfront.net
URL: https://dxz454z33ibrc.cloudfront.net/HY1gwSDVcLFksCFRtCHAGWw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.249.125.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:44 GMT
via: 1.1 b0cbf3ff399b82fca26af1186509acfa.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: ATL51-C1
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://tii.ai
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: IiQ6-VK0hycJc9H_VRn6TGQ5R5iAKy-FtMcxoBohZXGsCZR624SXpQ==

GET
H2 200 dzVaa3gWVzkGRxYIOE0NBVlnTkoxEGgtHA9Pbl5MDQZpAhoFVnQIFBhAPg0KGFsuRRYSQX9ZPhVvahs2Lk8LLjIkeBwoADpfET1MOmM0E0ghZAgpMTMBFzwQEwYdPz4ZeBtTIjNCDwAwJnMNOjkccDsTHDh0aQ9dRXMIPR8wfxkbHTJSEwA0GwEcOisERRs6FCNXH...
tantsprovisitsc.club/ Frame 2EB5 0
0 174ms
173ms Document
text/html 13.249.125.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tantsprovisitsc.club/dzVaa3gWVzkGRxYIOE0NBVlnTkoxEGgtHA9Pbl5MDQZpAhoFVnQIFBhAPg0KGFsuRRYSQX9ZPhVvahs2Lk8LLjIkeBwoADpfET1MOmM0E0ghZAgpMTMBFzwQEwYdPz4ZeBtTIjNCDwAwJnMNOjkccDsTHDh0aQ9dRXMIPR8wfxkbHTJSEwA0GwEcOisERRs6FCNXHgAsIEIiWDIfZz8tERxaHz09MGUNGC8hYzUFMR9ZPigBLkYIDCEfU2glLDJjDF0iJgAMKTs6XxxaCyJ8NwMpE14QXx4mRTsuAU9dCAwiL38jHDkyYwxdMR90CD0gGAQIDCIvUGlGSE93DCYuEnA1OS4vWikuSCZ5FhEXMGM9HBI4YAMsMS8Mf1k6IXcqPh4wXQgpPU9dEDkcLXZoUl1FcxMpPiFQMy4zL0IQHR5Gew4qERxYHilJNFASWzkvdw8HMTZsCD0pDwQPKQgvbxIHKzVzCAAdRnwIPSAYEGgpORt8HSQ7JXIYAj5SBxwNFCZUDCMABXM9ADwSbW86LiZzbw85MnsbWEgBYzYuOzt2NgktIW9jDRQTYgwCTAdgDCo7PHR8AQsYWypWLCVmDS4sGwQZPDRCQTQl
Requested by: Host: dxz454z33ibrc.cloudfront.net
URL: https://dxz454z33ibrc.cloudfront.net/HY1gwSDVcLFksCFRtCHAGWw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.249.125.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: tantsprovisitsc.club
:scheme: https
:path: /dzVaa3gWVzkGRxYIOE0NBVlnTkoxEGgtHA9Pbl5MDQZpAhoFVnQIFBhAPg0KGFsuRRYSQX9ZPhVvahs2Lk8LLjIkeBwoADpfET1MOmM0E0ghZAgpMTMBFzwQEwYdPz4ZeBtTIjNCDwAwJnMNOjkccDsTHDh0aQ9dRXMIPR8wfxkbHTJSEwA0GwEcOisERRs6FCNXHgAsIEIiWDIfZz8tERxaHz09MGUNGC8hYzUFMR9ZPigBLkYIDCEfU2glLDJjDF0iJgAMKTs6XxxaCyJ8NwMpE14QXx4mRTsuAU9dCAwiL38jHDkyYwxdMR90CD0gGAQIDCIvUGlGSE93DCYuEnA1OS4vWikuSCZ5FhEXMGM9HBI4YAMsMS8Mf1k6IXcqPh4wXQgpPU9dEDkcLXZoUl1FcxMpPiFQMy4zL0IQHR5Gew4qERxYHilJNFASWzkvdw8HMTZsCD0pDwQPKQgvbxIHKzVzCAAdRnwIPSAYEGgpORt8HSQ7JXIYAj5SBxwNFCZUDCMABXM9ADwSbW86LiZzbw85MnsbWEgBYzYuOzt2NgktIW9jDRQTYgwCTAdgDCo7PHR8AQsYWypWLCVmDS4sGwQZPDRCQTQl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/auth/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ut=x
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/auth/

Response headers

status: 200
content-type: text/html
content-length: 1271
date: Mon, 03 Aug 2020 15:49:44 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b0cbf3ff399b82fca26af1186509acfa.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL51-C1
x-amz-cf-id: kyVxX7df4TqpzNtiyXNF6Jy82VkWh3_lVGPE6nsSZSHv_INZVz3L_w==

GET
H2 204 utx Show response
tantsprovisitsc.club/ 0
409 B 176ms
176ms XHR
text/plain 13.249.125.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tantsprovisitsc.club/utx?cb=XDR83BUvRvjT&top=tii.ai&tid=773609
Requested by: Host: dxz454z33ibrc.cloudfront.net
URL: https://dxz454z33ibrc.cloudfront.net/HY1gwSDVcLFksCFRtCHAGWw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.249.125.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:44 GMT
via: 1.1 b0cbf3ff399b82fca26af1186509acfa.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: ATL51-C1
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://tii.ai
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: 9Nz7HPXQPLEgfGX-8fTm75vw1oNksRxvBuuCmlZaKQvlwGpVwKVyzg==

GET
H2 200 YXgxVjAAGlI7DwBFU3BFExQMcwInXQMQVBkCBWMEG0sCP1ITGx81XA4NVTBCDhZFeF4EDBRkdlk1dBB6L0h3AnwIHGMwWzAXfQdAUzoCHBVTPnNlVzYzSyZpLUhzbnkWTHwXYiNNVxJcWDlJPmYgD1YsUlE1BgB4GU90BQEzNEhieztJZCB7BghGEFkgDGcORyQiS...
tantsprovisitsc.club/ Frame DE72 0
0 229ms
224ms Document
text/html 13.249.125.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tantsprovisitsc.club/YXgxVjAAGlI7DwBFU3BFExQMcwInXQMQVBkCBWMEG0sCP1ITGx81XA4NVTBCDhZFeF4EDBRkdlk1dBB6L0h3AnwIHGMwWzAXfQdAUzoCHBVTPnNlVzYzSyZpLUhzbnkWTHwXYiNNVxJcWDlJPmYgD1YsUlE1BgB4GU90BQEzNEhieztJZCB7BghGEFkgDGcORyQiS2d4LRRFbnkKOUMHYygLYwViMzZcb3MoOQElegpIXg5zURd0OH5THHY1eDs5ey5pNxdWA0kGFmAvBSUzZiF1IABnLFU3TEcEczAUdDh9IDRyPmU7OXsuegoqWhdeJAB0OH0gG3l7XA4bcAdVBzoEPXEPPV4ESicbexIFMjEAJV8xKnssVA8qBxd3WTxVZEcnG2MxQSgtfCVoJioGMncwO1IFZgQzXQBbBA9SO2YyMVgBdwYuUmVcNDNkH0UrPns9cQYcSRR3WTlTZQAmG2AYRgcPaz1xDz0HAFkFKnwvcTIbAgwABB9zIHFSHEcHXhktUjhfJDF3DEkCPmdiZikhQxdZMy57LwAxMnAQAgQffDxxMi1FFGM3LnghFgsLXjhAXBIIGwEwSHoufSMpUxQIEw
Requested by: Host: dxz454z33ibrc.cloudfront.net
URL: https://dxz454z33ibrc.cloudfront.net/HY1gwSDVcLFksCFRtCHAGWw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.249.125.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: tantsprovisitsc.club
:scheme: https
:path: /YXgxVjAAGlI7DwBFU3BFExQMcwInXQMQVBkCBWMEG0sCP1ITGx81XA4NVTBCDhZFeF4EDBRkdlk1dBB6L0h3AnwIHGMwWzAXfQdAUzoCHBVTPnNlVzYzSyZpLUhzbnkWTHwXYiNNVxJcWDlJPmYgD1YsUlE1BgB4GU90BQEzNEhieztJZCB7BghGEFkgDGcORyQiS2d4LRRFbnkKOUMHYygLYwViMzZcb3MoOQElegpIXg5zURd0OH5THHY1eDs5ey5pNxdWA0kGFmAvBSUzZiF1IABnLFU3TEcEczAUdDh9IDRyPmU7OXsuegoqWhdeJAB0OH0gG3l7XA4bcAdVBzoEPXEPPV4ESicbexIFMjEAJV8xKnssVA8qBxd3WTxVZEcnG2MxQSgtfCVoJioGMncwO1IFZgQzXQBbBA9SO2YyMVgBdwYuUmVcNDNkH0UrPns9cQYcSRR3WTlTZQAmG2AYRgcPaz1xDz0HAFkFKnwvcTIbAgwABB9zIHFSHEcHXhktUjhfJDF3DEkCPmdiZikhQxdZMy57LwAxMnAQAgQffDxxMi1FFGM3LnghFgsLXjhAXBIIGwEwSHoufSMpUxQIEw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/auth/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ut=x
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/auth/

Response headers

status: 200
content-type: text/html
content-length: 1270
date: Mon, 03 Aug 2020 15:49:44 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b0cbf3ff399b82fca26af1186509acfa.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL51-C1
x-amz-cf-id: P_6Z1qevK9vIXHhEXbaoN-m4D_F7vcwNLRfytxmyL5wGkKS23th_zw==

GET
H2 200 UzsPeHgXAQt9KQANbHU
tantsprovisitsc.club/T25KOTcuDClUCC5TKB9CPQJ3HAUJS3h/UzcUfgwDNV15UFU9DWRaWyAbLl9FIAA+F1kqGm8LcX0MHwwDFTtydn4dNw5adSQAAn9fezkCY3YZABB1fQ4dAXBlfhQJb3oOOSBaTRkZH3V+C1Y9fWI8WAtecTY2eF5iDS0PclR+WgtwZnoU... Frame A8DE 0
0 171ms
168ms Document
text/html 13.249.125.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tantsprovisitsc.club/T25KOTcuDClUCC5TKB9CPQJ3HAUJS3h/UzcUfgwDNV15UFU9DWRaWyAbLl9FIAA+F1kqGm8LcX0MHwwDFTtydn4dNw5adSQAAn9fezkCY3YZABB1fQ4dAXBlfhQJb3oOOSBaTRkZH3V+C1Y9fWI8WAtecTY2eF5iDS0PclR+WgtwZnoUGWx6Oi0ZQXEaOSFge387A3B1LAAMeFw6PQJOEn0sH35xKw96SWEVGQtPcDgZIn5kCiIObkcqKgwIbykZG15zDi8gan83Jwl6AwAPeklhBix/S2QjO3lqfzcnHHEPNgh6TgEqBRhLZCM7P3FjezsLfVAGIggUegIhelEPHwIIAWAiLAZsBT8ILFV2ACQyUl0JKwgAeyIaAW9kAisAawYOCBwJRwc/E1J2IgoubwR3IQBeWAQnLVFFHAcECm8iLANqBDsNLFJDAwscQUUcAh8BcwwJEH9OFScsfQIeCAxJUBxfBElwByMpb1k3CwZBAhgKLQAEBygDTWAMHS54Tjs4AQlbHAgMUkQcPw9LbzYBLntAaQQ5Vlk/UzsPeHgXAQt9KQANbHU
Requested by: Host: dxz454z33ibrc.cloudfront.net
URL: https://dxz454z33ibrc.cloudfront.net/HY1gwSDVcLFksCFRtCHAGWw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.249.125.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.17.8.2 /
Resource Hash

Request headers

:method: GET
:authority: tantsprovisitsc.club
:scheme: https
:path: /T25KOTcuDClUCC5TKB9CPQJ3HAUJS3h/UzcUfgwDNV15UFU9DWRaWyAbLl9FIAA+F1kqGm8LcX0MHwwDFTtydn4dNw5adSQAAn9fezkCY3YZABB1fQ4dAXBlfhQJb3oOOSBaTRkZH3V+C1Y9fWI8WAtecTY2eF5iDS0PclR+WgtwZnoUGWx6Oi0ZQXEaOSFge387A3B1LAAMeFw6PQJOEn0sH35xKw96SWEVGQtPcDgZIn5kCiIObkcqKgwIbykZG15zDi8gan83Jwl6AwAPeklhBix/S2QjO3lqfzcnHHEPNgh6TgEqBRhLZCM7P3FjezsLfVAGIggUegIhelEPHwIIAWAiLAZsBT8ILFV2ACQyUl0JKwgAeyIaAW9kAisAawYOCBwJRwc/E1J2IgoubwR3IQBeWAQnLVFFHAcECm8iLANqBDsNLFJDAwscQUUcAh8BcwwJEH9OFScsfQIeCAxJUBxfBElwByMpb1k3CwZBAhgKLQAEBygDTWAMHS54Tjs4AQlbHAgMUkQcPw9LbzYBLntAaQQ5Vlk/UzsPeHgXAQt9KQANbHU
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/auth/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ut=x
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/auth/

Response headers

status: 200
content-type: text/html
content-length: 1250
date: Mon, 03 Aug 2020 15:49:44 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b0cbf3ff399b82fca26af1186509acfa.cloudfront.net (CloudFront)
x-amz-cf-pop: ATL51-C1
x-amz-cf-id: 9IsKxrj1Jc__R_3czmCRBT7sxNPwbwguMAERiKDfBcOIejjC1buv2Q==

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
764 B 284ms
65ms XHR
application/json 139.45.195.162
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3487732

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.162 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

24d24b24d450945690c522f09017c3fdaf1961d252604a622af97c2531ff36af

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 15:49:45 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://tii.ai
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 200 cmpui-banner.js Show response
static.quantcast.mgr.consensu.org/v35/ 250 KB
68 KB 9ms
8ms Script
text/javascript 2600:9000:214f:3200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v35/cmpui-banner.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:3200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5473df52a14c0356aec01678c4eb7b16c1311a18519f7c1fc8d37bb7cafe9dda

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:38:53 GMT
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 22:07:14 GMT
server: AmazonS3
age: 652
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 975Q_GL0nQF3sZFqInsUu-CnWzF7TmNHRuP1aE7kM9Gl3EHLFJ5MvA==
via: 1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)

GET
H2 200 prebid3.16.0.js Show response
cdn.adtrue.com/pb/ Frame 1245 175 KB
56 KB 23ms
21ms Script
application/x-javascript 2606:4700:10::6814:326f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid3.16.0.js?v=2.1
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https://tii.ai/auth/&cb=2496960958&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/auth/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:326f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a785b99b44422997eabef556a6326eca4029b66b7f55682ea7bd05ee84e276

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 20 Apr 2020 02:42:42 GMT
server: cloudflare
age: 8767537
etag: W/"5e9d0c22-2bc02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31104000
cf-ray: 5bd130bc1e4805c8-FRA
cf-request-id: 04569cc991000005c8dca83200000001
expires: Mon, 19 Apr 2021 04:24:07 GMT

GET
H2 200 request
track.adtrue.com/track/ Frame 0509 0
0 687ms
212ms Document
text/html 54.148.186.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adtrue.com/track/request?pzoneid=18694&domain=tii.ai&ref=https%3A%2F%2Ftii.ai%2Fauth%2F&loc=https%3A%2F%2Ftii.ai%2Fauth%2F
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https://tii.ai/auth/&cb=2496960958&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/auth/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.186.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: track.adtrue.com
:scheme: https
:path: /track/request?pzoneid=18694&domain=tii.ai&ref=https%3A%2F%2Ftii.ai%2Fauth%2F&loc=https%3A%2F%2Ftii.ai%2Fauth%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/auth/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/auth/

Response headers

status: 200
date: Mon, 03 Aug 2020 15:49:45 GMT
content-type: text/html
content-length: 397
server: nginx
x-host-name: java4

GET
H/1.1 200
OK 3487732 Show response
inpagepush.com/500/ 2 KB
2 KB 354ms
230ms XHR
application/javascript 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3487732?excludes=&oaid=335fcbd098d640479f9b1bc5fd41672d&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Ftii.ai%2Fauth%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3487732

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

683b6b8c9a2553187b64f4038a2881b7b6ae12533ab4e596114543c9df721a52

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 03 Aug 2020 15:49:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: c2c1b179c572747131f9571af6d7b3d6
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://tii.ai
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 99 KB
18 KB 46ms
11ms XHR
application/json 2600:9000:2057:c00:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:c00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62b07f5b473f87a3ebe9738f063584774f835dcf8b0c423cab5f8515c93553f5

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 16:10:33 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 344353
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 30 Jul 2020 16:00:38 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: reOIFJV51MP7DSnJY4Drcaf.WGBefbQC
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: 6LLnn3B0pihO_EeYVi9gT9oIJb4n3CnZmC9RUTXJpTN_2jPKGgV3dQ==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1245 19 B
704 B 177ms
60ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid3.16.0.js?v=2.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 15:49:45 GMT
X-Proxy-Origin: 165.231.142.36; 165.231.142.36; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.105:80
AN-X-Request-Uuid: 298b4233-f598-4123-ab7e-6a0776ecc11e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://tii.ai
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 256C 0
0 18ms
16ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=AFBwIe6h0oOL7MOVu88LHld-&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=nek22z6fll3s

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/AFBwIe6h0oOL7MOVu88LHld-/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EtVboug7PNVGd+6QQdRlhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=AFBwIe6h0oOL7MOVu88LHld-&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=nek22z6fll3s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/auth/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/auth/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 03 Aug 2020 15:49:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-EtVboug7PNVGd+6QQdRlhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1179
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 CookieAccess Show response
apis.quantcast.mgr.consensu.org/ 18 B
259 B 184ms
69ms XHR
application/json 18.196.217.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.quantcast.mgr.consensu.org/CookieAccess
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.217.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: 9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:45 GMT
server: awselb/2.0
status: 200
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://tii.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 18

GET popunder.gif
boudja.com/ 0
0

GET
H2 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame 548D 692 B
677 B 16ms
15ms Script
application/x-javascript 2606:4700:10::6814:326f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: tii.ai
URL: https://tii.ai/auth/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:326f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c32ef61412692fadee5b42c0b9fad18bc296d8e9ce79346bbec5232d32a3b184

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2016 06:49:22 GMT
server: cloudflare
age: 26987193
etag: W/"5833ea72-2b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31104000
cf-ray: 5bd130c1386c05c8-FRA
cf-request-id: 04569cccc0000005c8dcac1200000001
expires: Sun, 20 Sep 2020 07:23:12 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b640b9af1e6fa5c035c168701d2c1f5a02f371352cca208fefded3ddea443b6a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 popunder.gif
deserswhene.club/ 35 B
367 B 286ms
151ms Image
image/gif 13.35.254.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deserswhene.club/popunder.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.73 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-73.fra6.r.cloudfront.net
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Mon, 03 Aug 2020 15:49:46 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
status: 200
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
content-length: 58
via: 1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront)
x-amz-cf-id: GhmeEqSL6BFiZRcxKh-BBWjXAjMOdjTVY3alseG8YFzcePmwatA9MA==

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdlMjAwZjhmZDEyNDMyZWIzZmEzYTI3NzMzYjMzMTk1LmpwZWc%2A.webp
s-img.steepto.com/g/3835474/328x328/0x0x860x573/
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|btAmVqw690BXyaQXPIJZnLbVdqwbuAp-JBysFVBN72qoJ1LrkE0v5PUnNiMu8Tl6&cid=949756&f=1&h2=5MWq598qR6js0xIIWWtwrPN-fy5S3o8nVYjDcujLCRw*&rid=z3487732zb6445615bcZAcp2ph20200...
https://s-img.steepto.com/g/3835474/328x328/0x0x860x573/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdlMjAwZjhmZDEyNDMyZWIzZmEzYTI3NzMzYjMzMTk1LmpwZWc%2A.webp

5 KB
6 KB

122ms
41ms

Image
image/webp

104.19.135.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/3835474/328x328/0x0x860x573/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdlMjAwZjhmZDEyNDMyZWIzZmEzYTI3NzMzYjMzMTk1LmpwZWc%2A.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 119c9f7d75b022f9ca6add42cce7b9e3a0b60160798d27aa1341fff5a826836d

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:46 GMT
cf-cache-status: HIT
x-mg-request-uuid: afa3dca9-d4ae-4cd6-b424-6a3644a67d2e
age: 928037
status: 200
content-length: 5208
cf-request-id: 04569ccecb00001685599a1200000001
last-modified: Thu, 23 Jul 2020 22:02:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5bd130c478661685-ARN
expires: Tue, 03 Aug 2021 15:49:46 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:46 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: f592edfd-c3e1-432a-ab30-6e02735d1d62
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.steepto.com/g/3835474/328x328/0x0x860x573/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdlMjAwZjhmZDEyNDMyZWIzZmEzYTI3NzMzYjMzMTk1LmpwZWc%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bd130c2f8b4f13e-ARN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04569ccddd0000f13e488b3200000001
server: cloudflare

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
477 B 185ms
62ms XHR
text/html 13.35.254.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1596469786068;AdShort%20Media%20Advertising;https%3A%2F%2Ftii.ai%2Fauth%2F;;;;;b,off,false,,1,en,35,213,true,false,false;displayConsentUi:mandatory,;GDPR-1lus87wkyxv37by4ep7q
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v35/cmpui-banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.254.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-89.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 03:12:43 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
vary: Origin
age: 45424
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: OARQ0fqUeklQ79IRWBUlpedvp1_Nw3T6ak46UmjkqXrplCVqja8NWQ==

GET
H2 200 passback Show response
exchange.adtrue.com/tag/ Frame 548D 511 B
598 B 215ms
215ms Script
application/javascript 52.10.109.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=18694&divid=1121345484
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.10.109.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-10-109-135.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 51ddb9e33f565949cd20591a0c4e154f8482165ff0c04503d45feb4ddcd62f3c

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 03 Aug 2020 15:49:46 GMT
server: nginx
content-length: 511
content-type: application/javascript

GET
H2 200 exchange.adtrue.com.892972.js Show response
jsc.mgid.com/e/x/ Frame 548D 222 KB
60 KB 75ms
67ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=18694&divid=1121345484
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f8cec1160d77c1f447c83e354b09b8bf21ec1eda8487d7610e0d6f43dcea0bd

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 269
cf-polished: origSize=227268
status: 200
last-modified: Wed, 29 Jul 2020 13:41:00 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 12C7BAE1FA81313A
x-amz-id-2: E4+9fcoe02QlOlORCeEDW9SJPxlwhxJ8AID1xALbEJFekAw90lC17t+D+lLy+/Ee+3XPPtfCl0M=
cf-bgj: minify
server: cloudflare
etag: W/"a5bb55b19ae0817cddd3d72d9b3af0d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 04569cd0390000f13e488d9200000001
cf-ray: 5bd130c6cfb4f13e-ARN
expires: Mon, 03 Aug 2020 16:49:46 GMT

GET
H2 200 passback
track.adtrue.com/track/ Frame 0BC2 0
0 212ms
211ms Document
text/html 54.148.186.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adtrue.com/track/passback?pzoneid=18694
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=18694&divid=1121345484
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.186.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: track.adtrue.com
:scheme: https
:path: /track/passback?pzoneid=18694
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/auth/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _ga=GA1.2.1573234276.1596469786; _gid=GA1.2.1179399441.1596469786; _gat_gtag_UA_66441855_40=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/auth/

Response headers

status: 200
date: Mon, 03 Aug 2020 15:49:46 GMT
content-type: text/html
content-length: 0
server: nginx
x-host-name: java1

GET
H2 200 css
fonts.googleapis.com/ Frame 548D 2 KB
670 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 14:24:20 GMT
server: ESF
date: Mon, 03 Aug 2020 15:49:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Aug 2020 15:49:46 GMT

GET
DATA 200
OK truncated
/ Frame 548D 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ Frame 548D 9 KB
9 KB 15ms
9ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans
Origin: https://tii.ai

Response headers

date: Mon, 27 Jul 2020 11:36:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 619991
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 27 Jul 2021 11:36:35 GMT

GET
H2 200 1 Show response
servicer.mgid.com/892972/ Frame 548D 958 B
769 B 71ms
69ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/892972/1?w=300&h=250&cols=1&pv=5&cbuster=1596469786948585890814&uniqId=0e924&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Ftii.ai%2Fauth%2F&lu=https%3A%2F%2Ftii.ai%2Fauth%2F&pageView=1&pvid=173b503b94590cc1f51&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebfecfee6a505463dbd3c65f52bb2cd9065235444fc2c81813ee264d2d4b5605

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bd130c88b12f13e-ARN
content-type: application/x-javascript; charset=utf-8
cf-request-id: 04569cd1580000f13e488f0200000001

GET
H2 200 i.js Show response
cm.mgid.com/ Frame 548D 1 KB
692 B 68ms
67ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1596469787028307482550
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ad3ee55ff9bc100c5c8571e526b5b26cf119a62c99f0c9bb8c25072b0de1ed

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: bdda45f8-ee69-4633-a26a-201d23b4d86b
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04569cd1a70000f13e488f6200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bd130c90c00f13e-ARN

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame E4EE 186 B
668 B 65ms
65ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1596469787033888795006
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 07045bd3-3b1e-4382-9296-24949a543bf5
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04569cd1ac0000f13e488f7200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bd130c91c0af13e-ARN

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTA3Nzk0Mjg0ZTNmNTEyNzQ2OGVhNDExZTJmMmZlLnBuZw**.webp Show response
s-img.mgid.com/g/3944301/492x328/0x0x900x600/ Frame 548D 44 KB
44 KB 135ms
46ms Fetch
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s-img.mgid.com/g/3944301/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTA3Nzk0Mjg0ZTNmNTEyNzQ2OGVhNDExZTJmMmZlLnBuZw**.webp
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 231469f6b86ec520cbdcd3eebbb079f2f9ac8f154109799e9a5032a3507642cb

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: ef16df0f-5e50-4518-8da4-520822748e69
age: 246681
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44986
cf-request-id: 04569cd205000015e8269e4200000001
last-modified: Fri, 26 Jun 2020 01:58:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5bd130c9ac2515e8-ARN

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ Frame 548D 2 KB
1 KB 57ms
55ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 3067
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 04569cd1b20000f13e488fa200000001
cf-ray: 5bd130c91c1cf13e-ARN

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTA3Nzk0Mjg0ZTNmNTEyNzQ2OGVhNDExZTJmMmZlLnBuZw**.webp
s-img.mgid.com/g/3944301/492x328/0x0x900x600/ Frame 548D 44 KB
44 KB 42ms
41ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3944301/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE3NTA3Nzk0Mjg0ZTNmNTEyNzQ2OGVhNDExZTJmMmZlLnBuZw**.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 231469f6b86ec520cbdcd3eebbb079f2f9ac8f154109799e9a5032a3507642cb

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:47 GMT
cf-cache-status: HIT
age: 1448103
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44986
cf-request-id: 04569cd1b10000f13e488f9200000001
last-modified: Tue, 30 Jul 2019 12:01:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5bd130c91c1bf13e-ARN
cf-bgj: h2pri

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 395F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

218ms
64ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=1596469787028307482550
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tii.ai/auth/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/auth/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 29 Jul 2020 16:40:43 GMT
Content-Encoding: gzip
Content-Length: 9470
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=50018
Expires: Tue, 04 Aug 2020 05:43:25 GMT
Date: Mon, 03 Aug 2020 15:49:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Mon, 03 Aug 2020 15:49:47 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
cm.idealmedia.io/setmuidn/ Frame 548D 0
556 B 158ms
63ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k73KOcE2QFN8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bd130ca2911f134-ARN
content-type: image/gif
cf-request-id: 04569cd2540000f1343ab0d200000001

GET
H2 200 /
cm.lentainform.com/setmuidn/ Frame 548D 0
328 B 177ms
53ms Image
image/gif 23.105.245.5
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k73KOcE2QFN8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:47 GMT
server: nginx/1.19.0
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

google
cm.mgid.com/ Frame 548D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azczS09jRTJRRk44&muidn=k73KOcE2QFN8
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azczS09jRTJRRk44&muidn=k73KOcE2QFN8&google_tc=
https://cm.mgid.com/google?muidn=k73KOcE2QFN8&google_ula={guid},5&google_gid=CAESEGa49NGp0NhgKHYo_eVz6ik&google_cver=1

0
96 B

63ms
62ms

Image
text/plain

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k73KOcE2QFN8&google_ula={guid},5&google_gid=CAESEGa49NGp0NhgKHYo_eVz6ik&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bd130ca9f68f13e-ARN
content-type: text/plain
cf-request-id: 04569cd29f0000f13e48902200000001

Redirect headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:47 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k73KOcE2QFN8&google_ula={guid},5&google_gid=CAESEGa49NGp0NhgKHYo_eVz6ik&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/ Frame 548D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=a78ff848-2cca-4449-975d-f61bcadd3734&ttl=1599061787

43 B
211 B

66ms
66ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=a78ff848-2cca-4449-975d-f61bcadd3734&ttl=1599061787
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:47 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: d2719fb8-ffc3-459a-a4da-e152822625c1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bd130ca9f65f13e-ARN
content-type: image/gif
cf-request-id: 04569cd29e0000f13e48901200000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:47 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=a78ff848-2cca-4449-975d-f61bcadd3734&ttl=1599061787
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/ Frame 548D
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1
https://x.bidswitch.net/sync?dsp_id=9&user_id=uMQZaAyxLpEk.AikABlFztQN_Vw&expires=30&ssp=mgid
https://x.bidswitch.net/ul_cb/sync?dsp_id=9&user_id=uMQZaAyxLpEk.AikABlFztQN_Vw&expires=30&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=d517773b-b12d-4767-8647-a48bbc41fa78

43 B
315 B

67ms
67ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=d517773b-b12d-4767-8647-a48bbc41fa78
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:47 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 8936ad0d-6b81-4333-b370-89385b88050d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bd130cd2c44f13e-ARN
content-type: image/gif
cf-request-id: 04569cd4340000f13e48917200000001
server: cloudflare

Redirect headers

status: 302
date: Mon, 03 Aug 2020 15:49:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=d517773b-b12d-4767-8647-a48bbc41fa78
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/ Frame 548D
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=SU8WVIAyRpCX0wb20MSf&pi=mgid&tc=1

43 B
253 B

71ms
62ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=SU8WVIAyRpCX0wb20MSf&pi=mgid&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:47 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 20798004-f7ef-4930-a468-825595abc2d2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bd130ca8f55f13e-ARN
content-type: image/gif
cf-request-id: 04569cd2990000f13e48900200000001
server: cloudflare

Redirect headers

status: 302
pragma: no-cache
date: Mon, 03 Aug 2020 15:49:47 GMT, Mon, 03 Aug 2020 15:49:47 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=SU8WVIAyRpCX0wb20MSf&pi=mgid&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/ Frame 548D
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=6ce045bf-fb85-46fa-847d-6d472abd6e32

43 B
331 B

70ms
67ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=6ce045bf-fb85-46fa-847d-6d472abd6e32
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:47 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 386fa24e-bc86-4f2f-bae9-35cd49f1269f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bd130cebee5f13e-ARN
content-type: image/gif
cf-request-id: 04569cd52e0000f13e4891c200000001
server: cloudflare

Redirect headers

date: Mon, 03 Aug 2020 15:49:47 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=6ce045bf-fb85-46fa-847d-6d472abd6e32
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55859/ Frame 548D
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k73KOcE2QFN8
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k73KOcE2QFN8
https://pixel.advertising.com/ups/55859/sync?uid=3b11bde3-2c92-4216-b05b-4711a79cc071&_origin=1&gdpr=&gdpr_consent=
https://pixel.advertising.com/ups/55859/sync?uid=3b11bde3-2c92-4216-b05b-4711a79cc071&_origin=1&gdpr=&gdpr_consent=&verify=true
https://ups.analytics.yahoo.com/ups/55859/sync?uid=3b11bde3-2c92-4216-b05b-4711a79cc071&_origin=1&gdpr=&gdpr_consent=&apid=UPf53905d3-d5a0-11ea-8851-0683af1171e0
https://ups.analytics.yahoo.com/ups/55859/sync?uid=3b11bde3-2c92-4216-b05b-4711a79cc071&_origin=1&gdpr=&gdpr_consent=&apid=UPf53905d3-d5a0-11ea-8851-0683af1171e0&verify=true

0
977 B

59ms
58ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55859/sync?uid=3b11bde3-2c92-4216-b05b-4711a79cc071&_origin=1&gdpr=&gdpr_consent=&apid=UPf53905d3-d5a0-11ea-8851-0683af1171e0&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/7.1.2.113 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 15:49:47 GMT
Server: ATS/7.1.2.113
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Mon, 03 Aug 2020 15:49:47 GMT
Server: ATS/7.1.2.113
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55859/sync?uid=3b11bde3-2c92-4216-b05b-4711a79cc071&_origin=1&gdpr=&gdpr_consent=&apid=UPf53905d3-d5a0-11ea-8851-0683af1171e0&verify=true
Connection: keep-alive
Content-Length: 0

GET tr.php
udata.mixmarket.biz/ Frame E4EE 0
0

GET
DATA 200
OK truncated
/ Frame 548D 44 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 231469f6b86ec520cbdcd3eebbb079f2f9ac8f154109799e9a5032a3507642cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 c
c.mgid.com/ Frame 548D 43 B
283 B 147ms
146ms Image
image/gif 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=300|200|28|gk2jiZ4a5KR8_Z3Qc0-8MFGo9k8CVlNdYqPkU6aF8iHmcA3drBKF9YFho8DBFBrs&fw=1&extjs=66046&imgdim=1&cid=892972&h2=5MWq598qR6js0xIIWWtwrPN-fy5S3o8nVYjDcujLCRw*&rid=f4fc12da-d5a0-11ea-b679-d094662c24f7&tt=Direct&pageImp=1&muid=k73KOcE2QFN8&cbuster=1596469788112532248873&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:48 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 7cd91024-bc17-4fa9-8425-7ef91918aa65
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bd130cfd925f13e-ARN
content-type: image/gif
cf-request-id: 04569cd5e90000f13e48928200000001
server: cloudflare

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 498F 0
0 199ms
64ms Document
text/html 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid3.16.0.js?v=2.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tii.ai/auth/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tii.ai/auth/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 03 Aug 2021 15:49:48 GMT
Date: Mon, 03 Aug 2020 15:49:48 GMT
Connection: keep-alive

GET
H/1.1 200
OK nftr-qgcnq0KwzpIUwvMdePWBE8y25QG1BZewEmHcFDNyxMVt1q6m8VD9GMH-OAfK1ozxBmETp4J7-TFrdD6CpAuDO5gJd8lccO1_lV4LZGmhaYNudGQctEB0VqW_TdesRQ-A8JPCaaskH8ceD71jXM9X6ahuT-9zI9G9RTP5gNSQ1hJ1JnmnerllqislnpFX47T1...
onstunkyr.com/impression/ 43 B
482 B 273ms
74ms Image
image/gif 139.45.195.176
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onstunkyr.com/impression/nftr-qgcnq0KwzpIUwvMdePWBE8y25QG1BZewEmHcFDNyxMVt1q6m8VD9GMH-OAfK1ozxBmETp4J7-TFrdD6CpAuDO5gJd8lccO1_lV4LZGmhaYNudGQctEB0VqW_TdesRQ-A8JPCaaskH8ceD71jXM9X6ahuT-9zI9G9RTP5gNSQ1hJ1JnmnerllqislnpFX47T19G0PVJUSvpgKi1Yctbu9JAOjtRxJk3Rd-ajZVJ-hzBjFJMrgqm5Q3LaWCSvZtKBbIE_yEIRDJAfz3EaUL1bDkR2vkKVRVNFJ3NDtBXF2eyEaj349MCEGt8Qc8x-153ySA==?z=3487732&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Ftii.ai%2Fauth%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.176 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: c8e995283c84fb707a47f36f7ff3ddd4
Pragma: no-cache
Date: Mon, 03 Aug 2020 15:49:49 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdlMjAwZjhmZDEyNDMyZWIzZmEzYTI3NzMzYjMzMTk1LmpwZWc%2A.webp
s-img.steepto.com/g/3835474/328x328/0x0x860x573/ Frame 7E8B
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|btAmVqw690BXyaQXPIJZnLbVdqwbuAp-JBysFVBN72qoJ1LrkE0v5PUnNiMu8Tl6&cid=949756&f=1&h2=5MWq598qR6js0xIIWWtwrPN-fy5S3o8nVYjDcujLCRw*&rid=z3487732zb6445615bcZAcp2ph20200...
https://s-img.steepto.com/g/3835474/328x328/0x0x860x573/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdlMjAwZjhmZDEyNDMyZWIzZmEzYTI3NzMzYjMzMTk1LmpwZWc%2A.webp

5 KB
5 KB

45ms
44ms

Image
image/webp

104.19.135.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/3835474/328x328/0x0x860x573/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdlMjAwZjhmZDEyNDMyZWIzZmEzYTI3NzMzYjMzMTk1LmpwZWc%2A.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 119c9f7d75b022f9ca6add42cce7b9e3a0b60160798d27aa1341fff5a826836d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:49:49 GMT
cf-cache-status: HIT
x-mg-request-uuid: afa3dca9-d4ae-4cd6-b424-6a3644a67d2e
age: 928040
status: 200
content-length: 5208
cf-request-id: 04569cdc370000168559a36200000001
last-modified: Thu, 23 Jul 2020 22:02:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5bd130d9fb701685-ARN
expires: Tue, 03 Aug 2021 15:49:49 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Aug 2020 15:49:49 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b0188c8a-2e15-4eee-8352-ac2665bfec36
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.steepto.com/g/3835474/328x328/0x0x860x573/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdlMjAwZjhmZDEyNDMyZWIzZmEzYTI3NzMzYjMzMTk1LmpwZWc%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5bd130d89809f13e-ARN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04569cdb5f0000f13e4897c200000001
server: cloudflare

GET
H/1.1 200
OK 3487732 Show response
inpagepush.com/500/ 10 B
705 B 67ms
66ms XHR
application/javascript 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3487732?excludes=6445615&oaid=335fcbd098d640479f9b1bc5fd41672d&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Ftii.ai%2Fauth%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3487732

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/auth/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 03 Aug 2020 15:49:49 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 10
X-Trace-Id: 582dfe5ebd951f4b1f41e2a67312d440
Pragma: no-cache
Server: nginx
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: https://tii.ai
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d3al52d8cojds7.cloudfront.net
URL: https://d3al52d8cojds7.cloudfront.net/?tid=758838

Domain: boudja.com
URL: https://boudja.com/popunder.gif

Domain: boudja.com
URL: https://boudja.com/popunder.gif

Domain: udata.mixmarket.biz
URL: https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			tii.ai/	1969-12-31 23:59:59	Name: _cmpQcif3pcsupported Value: 1
			tii.ai/	1969-12-31 23:59:59	Name: ab Value: 2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://static.quantcast.mgr.consensu.org/v35/cmpui-banner.js(Line 1) Message: Unable to get NonIab Vendor list.
console-api	debug	URL: https://jsc.mgid.com/e/x/exchange.adtrue.com.892972.js(Line 1) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ams.creativecdn.com
aphycolourses.info
apis.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org
boudja.com
c.mgid.com
cdn.adtrue.com
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
d3al52d8cojds7.cloudfront.net
dc5k8fg5ioc8s.cloudfront.net
deserswhene.club
dxz454z33ibrc.cloudfront.net
eus.rubiconproject.com
exchange.adtrue.com
fenailany.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
inpagepush.com
jsc.mgid.com
match.adsrvr.org
my.rtmark.net
onstunkyr.com
pixel.advertising.com
px.adhigh.net
quantcast.mgr.consensu.org
rtb-usw.mfadsrvr.com
s-img.mgid.com
s-img.steepto.com
s3.amazonaws.com
secure-assets.rubiconproject.com
servicer.mgid.com
shrinkearn.com
static.quantcast.mgr.consensu.org
tantsprovisitsc.club
tii.ai
track.adtrue.com
udata.mixmarket.biz
ups.analytics.yahoo.com
vendorlist.consensu.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
x.bidswitch.net
boudja.com
d3al52d8cojds7.cloudfront.net
udata.mixmarket.biz
104.111.230.142
104.16.199.73
104.19.132.78
104.19.134.78
104.19.135.80
13.249.125.101
13.35.254.73
13.35.254.89
136.243.75.33
139.45.195.162
139.45.195.176
139.45.196.72
143.204.208.134
172.217.18.2
18.196.217.48
185.184.8.30
185.33.220.241
23.105.245.5
23.210.249.83
23.5.109.251
2600:9000:2057:c00:1:af78:4c0:93a1
2600:9000:214f:3200:9:46dc:4700:93a1
2600:9000:214f:5a00:9:46dc:4700:93a1
2600:9000:214f:d000:a:1c2:c200:21
2606:4700:10::6814:326f
2606:4700:20::6819:832c
2606:4700:3036::681b:b9c0
2a00:1450:4001:801::2004
2a00:1450:4001:808::2008
2a00:1450:4001:814::2003
2a00:1450:4001:816::200e
2a00:1450:4001:818::2003
2a00:1450:4001:819::2003
2a00:1450:4001:81e::200a
3.126.56.137
3.126.63.176
35.157.168.25
35.212.212.222
51.178.195.173
52.10.109.135
52.217.88.238
52.50.67.37
52.86.219.129
54.148.186.197
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
119c9f7d75b022f9ca6add42cce7b9e3a0b60160798d27aa1341fff5a826836d
231469f6b86ec520cbdcd3eebbb079f2f9ac8f154109799e9a5032a3507642cb
24d24b24d450945690c522f09017c3fdaf1961d252604a622af97c2531ff36af
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
38a785b99b44422997eabef556a6326eca4029b66b7f55682ea7bd05ee84e276
3a49fec62e08592e6d6b22d5b32ad193cd85df1e6666787f79f65a3fdeb84f8f
3b90d10d60cd1609b54fb8ab62e119c7cde85bbd289e285693e18c9e2ce98b78
3ba110c59f4fdd97a91d83fb41f2acfa25928f830382f45c3e0b8bb1082fc06a
40797541de872ad815d81eb869fbcfecfb47577121b2a3325f4db6448d816170
49547d962d1c5c3817d840bc92a5a215b90a5a8409643b18ad9aea7ca18a8ae3
4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51ddb9e33f565949cd20591a0c4e154f8482165ff0c04503d45feb4ddcd62f3c
5473df52a14c0356aec01678c4eb7b16c1311a18519f7c1fc8d37bb7cafe9dda
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5cdfa83efe8e1c78239a7438231903de9dd92a5c623e78da111638eaafc419e5
62b07f5b473f87a3ebe9738f063584774f835dcf8b0c423cab5f8515c93553f5
67ad3ee55ff9bc100c5c8571e526b5b26cf119a62c99f0c9bb8c25072b0de1ed
683b6b8c9a2553187b64f4038a2881b7b6ae12533ab4e596114543c9df721a52
6fcb1b5c9105e3d96f12a8a2da14426d55459c725b07ec500be66298971c0510
7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6
7e9d2542d562d9ae9e0b476c580b7aa096227f795c4c40cc899ec729414dff04
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
8b80635d65f907b3eccd5b25b9ce269f3ea4ae3ff47ac34d59e533dc782aef80
8f8cec1160d77c1f447c83e354b09b8bf21ec1eda8487d7610e0d6f43dcea0bd
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
92a42e8512e6a56fe2d3b051b199aa61a200de89b0792182ba641a43ab4361b7
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
99453711e63d632c588d912394bd634920d80a2edf081aa2b5afb3d04cc392d9
9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9c31924c39518af1f9c7c67280c958ff4c6d1356ddbae16e02aa528176a9cde2
9eca13367080cdfde12b1051b4d64ca6c4fee0f4966dedb7a2f4a07716b3865e
a02f96cfc9407ea221d62bd3404a88078c854b20647b5ebcd8a091b6490d70cf
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b640b9af1e6fa5c035c168701d2c1f5a02f371352cca208fefded3ddea443b6a
bbfdf00bfbcafbe701ab7e6ab991fa0a2cdd2def78339ed3ec37bf85de410a66
c32ef61412692fadee5b42c0b9fad18bc296d8e9ce79346bbec5232d32a3b184
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebfecfee6a505463dbd3c65f52bb2cd9065235444fc2c81813ee264d2d4b5605
f19d89cdbffedb9bd8a76d2423a06280ddd513070445f2c11a1a5f6af8834f65
f3c689523d23693d898b0fff66ef380027572e1896e28552f0e029a5626dd46b
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

tii.ai Open in urlscan Pro 2606:4700:3036::681b:b9c0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

79 Requests

95 %HTTPS

32 %IPv6

35 Domains

52 Subdomains

37 IPs

8 Countries

1251 kBTransfer

3073 kBSize

2 Cookies

10 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tii.ai Open in urlscan Pro
2606:4700:3036::681b:b9c0 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

95 %
HTTPS

32 %
IPv6

35
Domains

52
Subdomains

37
IPs

8
Countries

1251 kB
Transfer

3073 kB
Size

2
Cookies

79 HTTP transactions
3 data transactions