tii.ai Open in urlscan Pro
2606:4700:3035::6815:48c5 Public Scan

URL:
https://tii.ai/QDRz8F
Submission: On May 04 via manual (May 4th 2021, 9:20:21 am UTC) from UA

Summary HTTP 117 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 48 IPs in 6 countries across 47 domains to perform 117 HTTP transactions. The main IP is 2606:4700:3035::6815:48c5, located in United States and belongs to CLOUDFLARENET, US. The main domain is tii.ai.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 15th 2020. Valid for: a year.

This is the only time tii.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3035::6815:48c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.255.6.44 172.255.6.44	7979 (SERVERS-COM) (SERVERS-COM)
5	2606:4700:10:... 2606:4700:10::6816:3081	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:206... 2600:9000:206f:8400:1a:c7f7:5540:21	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
4	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	54.144.3.29 54.144.3.29	14618 (AMAZON-AES) (AMAZON-AES)
5	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
1	2606:4700:20:... 2606:4700:20::681a:d76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	54.148.164.15 54.148.164.15	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1 1	185.86.137.114 185.86.137.114	201081 (SMARTADSE...) (SMARTADSERVER)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST)
1	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
9	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	63.34.247.151 63.34.247.151	16509 (AMAZON-02) (AMAZON-02)
1	54.230.182.143 54.230.182.143	16509 (AMAZON-02) (AMAZON-02)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:210... 2600:9000:2104:5400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	51.195.5.232 51.195.5.232	16276 (OVH) (OVH)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:4400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5 11	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 3	34.250.26.236 34.250.26.236	16509 (AMAZON-02) (AMAZON-02)
2 2	63.33.120.132 63.33.120.132	16509 (AMAZON-02) (AMAZON-02)
1 1	3.11.29.5 3.11.29.5	16509 (AMAZON-02) (AMAZON-02)
1 1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
3	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
2	2606:4700:303... 2606:4700:3038::6815:eb99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.246.113.218 54.246.113.218	16509 (AMAZON-02) (AMAZON-02)
2	139.45.197.188 139.45.197.188	9002 (RETN-AS) (RETN-AS)
8	104.19.133.80 104.19.133.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	67.27.233.249 67.27.233.249	3356 (LEVEL3) (LEVEL3)
4	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	104.19.136.80 104.19.136.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	139.45.197.14 139.45.197.14	9002 (RETN-AS) (RETN-AS)
117	48

9 2606:4700:3035::6815:48c5 (United States)

ASN13335 (CLOUDFLARENET, US)

tii.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.255.6.44 (Netherlands)

ASN7979 (SERVERS-COM, US)

voltskegscurate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:3081 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:8400:1a:c7f7:5540:21 (United States)

ASN16509 (AMAZON-02, US)

d38itq6vdv6gr9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.241.23 (United States)

ASN33438 (HIGHWINDS2, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.3.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dejourned.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d76 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.148.164.15 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-164-15.us-west-2.compute.amazonaws.com

exchange.adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.114 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France)

ASN16276 (OVH, FR)

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.247.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.182.143 (United States)

ASN16509 (AMAZON-02, US)

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:5400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.195.5.232 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: p15.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:4400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.33.221.87 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.250.26.236 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.120.132 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.29.5 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-29-5.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:eb99 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-adtrue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.113.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.188 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.19.133.80 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.27.233.249 (United States)

ASN3356 (LEVEL3, US)

cdn.run-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.136.80 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.14 (United Kingdom)

ASN9002 (RETN-AS, GB)

dutorterraom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	adnxs.com 5 redirects ib.adnxs.com acdn.adnxs.com	44 KB
10	adtrue.com cdn.adtrue.com exchange.adtrue.com	178 KB
9	zeotap.com spl.zeotap.com mwzeom.zeotap.com	3 KB
9	tii.ai tii.ai	327 KB
8	adskeeper.co.uk jsc.adskeeper.co.uk c.adskeeper.co.uk cdn.adskeeper.co.uk servicer.adskeeper.co.uk cm.adskeeper.co.uk s-img.adskeeper.co.uk	87 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	679 KB
5	inpagepush.com inpagepush.com	32 KB
5	google.com www.google.com	18 KB
4	criteo.net static.criteo.net	103 KB
4	criteo.com gum.criteo.com bidder.criteo.com	836 B
4	themoneytizer.com ads.themoneytizer.com	198 KB
3	onmarshtompor.com onmarshtompor.com	1 KB
3	adsrvr.org 2 redirects match.adsrvr.org	2 KB
3	id5-sync.com 2 redirects id5-sync.com	4 KB
2	run-syndicate.com cdn.run-syndicate.com	17 KB
2	cdnativepush.com static.cdnativepush.com	7 KB
2	rtmark.net my.rtmark.net	1 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	30 KB
2	cdn-adtrue.com cdn-adtrue.com	2 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	752 B
2	google-analytics.com www.google-analytics.com	19 KB
2	tapad.com 2 redirects pixel.tapad.com	927 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	leadplace.fr tag.leadplace.fr	4 KB
2	cloudfront.net d38itq6vdv6gr9.cloudfront.net d2zur9cc2gf1tx.cloudfront.net	43 KB
2	voltskegscurate.com voltskegscurate.com
1	dutorterraom.com dutorterraom.com	326 B
1	steepto.com cm.steepto.com	313 B
1	casalemedia.com as-sec.casalemedia.com	304 B
1	adleadevent.com adtrack.adleadevent.com	517 B
1	rlcdn.com api.rlcdn.com	321 B
1	mathtag.com 1 redirects pixel.mathtag.com	708 B
1	agkn.com 1 redirects aa.agkn.com	384 B
1	quantcount.com rules.quantcount.com quantcount.com Failed	1 KB
1	bedrapiona.com bedrapiona.com	2 KB
1	consensu.org quantcast.mgr.consensu.org	6 KB
1	indexww.com js-sec.indexww.com	13 KB
1	cpx.to p.cpx.to
1	onetag-sys.com onetag-sys.com	818 B
1	tmyzer.com c.tmyzer.com	271 B
1	sascdn.com ced-ns.sascdn.com	10 KB
1	smartadserver.com 1 redirects ww1097.smartadserver.com	132 B
1	themoneytizer.net g.themoneytizer.net	271 B
1	iclickcdn.com iclickcdn.com	19 KB
1	dejourned.club dejourned.club	19 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
117	47

	Domain	Requested by
11	ib.adnxs.com	5 redirects cdn.adtrue.com acdn.adnxs.com
9	tii.ai	tii.ai
6	mwzeom.zeotap.com	spl.zeotap.com tii.ai
6	www.gstatic.com	www.google.com www.gstatic.com
5	exchange.adtrue.com	tii.ai cdn.adtrue.com
5	inpagepush.com	tii.ai inpagepush.com
5	www.google.com	tii.ai www.gstatic.com www.google.com
5	cdn.adtrue.com	tii.ai exchange.adtrue.com
4	static.criteo.net	cdn.adtrue.com static.criteo.net
4	ads.themoneytizer.com	tii.ai ads.themoneytizer.com
3	onmarshtompor.com	iclickcdn.com
3	match.adsrvr.org	2 redirects js-sec.indexww.com
3	id5-sync.com	2 redirects tii.ai
3	spl.zeotap.com	ads.themoneytizer.com spl.zeotap.com
2	acdn.adnxs.com	cdn.adtrue.com
2	cm.adskeeper.co.uk	jsc.adskeeper.co.uk
2	c.adskeeper.co.uk	jsc.adskeeper.co.uk
2	cdn.run-syndicate.com	exchange.adtrue.com cdn.run-syndicate.com
2	static.cdnativepush.com	tii.ai inpagepush.com
2	fonts.gstatic.com	www.google.com fonts.googleapis.com
2	bidder.criteo.com	cdn.adtrue.com
2	my.rtmark.net	inpagepush.com onmarshtompor.com
2	cdn-adtrue.com	exchange.adtrue.com
2	dpm.demdex.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pixel.tapad.com	2 redirects
2	tag.leadplace.fr	ads.themoneytizer.com tag.leadplace.fr
2	gum.criteo.com	ads.themoneytizer.com static.criteo.net
2	voltskegscurate.com	tii.ai
1	dutorterraom.com
1	cm.steepto.com	tii.ai
1	s-img.adskeeper.co.uk	tii.ai
1	servicer.adskeeper.co.uk	jsc.adskeeper.co.uk
1	cdn.adskeeper.co.uk	tii.ai
1	fonts.googleapis.com	tii.ai
1	jsc.adskeeper.co.uk	exchange.adtrue.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	adtrack.adleadevent.com	ajax.googleapis.com
1	pixel.quantserve.com	tii.ai
1	api.rlcdn.com	js-sec.indexww.com
1	ajax.googleapis.com	d2zur9cc2gf1tx.cloudfront.net
1	pixel.mathtag.com	1 redirects
1	aa.agkn.com	1 redirects
1	rules.quantcount.com	secure.quantserve.com
1	bedrapiona.com	iclickcdn.com
1	quantcast.mgr.consensu.org	tii.ai
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	onetag-sys.com	ads.themoneytizer.com
1	c.tmyzer.com	ads.themoneytizer.com
1	ced-ns.sascdn.com	tii.ai
1	ww1097.smartadserver.com	1 redirects
1	g.themoneytizer.net	ads.themoneytizer.com
1	iclickcdn.com	tii.ai
1	dejourned.club	tii.ai
1	www.googletagmanager.com	tii.ai
1	d38itq6vdv6gr9.cloudfront.net	tii.ai
0	quantcount.com Failed	secure.quantserve.com
117	61

This site contains links to these domains. Also see Links.

Domain
loan2host.com
shrinkearn.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
voltskegscurate.com R3	`2021-04-23` - `2021-07-22`	3 months	crt.sh
*.adtrue.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-08-14`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.themoneytizer.com GoGetSSL RSA DV CA	`2021-02-14` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
dejourned.club R3	`2021-04-25` - `2021-07-24`	3 months	crt.sh
inpagepush.com R3	`2021-04-02` - `2021-07-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
g.themoneytizer.net GoGetSSL RSA DV CA	`2019-10-16` - `2022-01-17`	2 years	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-08` - `2022-04-13`	a year	crt.sh
c.tmyzer.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2020-09-11` - `2021-09-12`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-02` - `2022-02-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.id5-sync.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
bedrapiona.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
onmarshtompor.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
adtrack.adleadevent.com Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
cdnativepush.com R3	`2021-04-25` - `2021-07-24`	3 months	crt.sh
cdn.run-syndicate.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-30` - `2021-06-30`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
dutorterraom.com R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://tii.ai/QDRz8F
Frame ID: 024EA19ED6B5B316FEF79A6CC5ED9D75
Requests: 51 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https%3A%2F%2Ftii.ai%2FQDRz8F&cb=2955433936&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/QDRz8F
Frame ID: B77B225F0F72618CF728897D019BDE2A
Requests: 7 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=28899&ref=https%3A%2F%2Ftii.ai%2FQDRz8F&cb=2955433936&timeZone=2&adWidth=320&adHeight=100&loc=https://tii.ai/QDRz8F
Frame ID: D49A1E32A5154458C5CFDD057F72965A
Requests: 1 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https%3A%2F%2Ftii.ai%2FQDRz8F&cb=2955433936&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/QDRz8F
Frame ID: BBFA98BE8224E6C84019CCE2E763BD68
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1620120000511
Frame ID: 4575432FF0A2D871BB439EB5D35445DA
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258&cmp=0
Frame ID: D3F0C1207B16737210837A3FC48BC26B
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=normal&cb=6bm2vk61lj2c
Frame ID: A5E513E1605273088559976F7D2825AB
Requests: 9 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=071f98b9f8a54028a1a9fdbe87070255&oaidts=1620120001
Frame ID: 15E1B3DFE8F9914BA3DE6EEE9A4437FA
Requests: 2 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Ftii.ai%2FQDRz8F&id=MTIZ
Frame ID: 43B97FD5AD10BEAEAE2706A3E1AD6E5E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=7yqtji2hlws7
Frame ID: CF7909110DADB5C14064575C14C5EC92
Requests: 3 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 6B691F1619FE6A5A8695CD5F700BFC77
Requests: 13 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 8A917FC18124E0C001D25578ACEFC2CC
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=tii.ai
Frame ID: DFC4873B500DE8B6E4EFA2AD7D41F1BB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1620120004260871601348
Frame ID: A76A9516183B43B6204F437353B201EC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FADECA5B20A98C5348639B788A273532
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7D287912756D2D676DCE6D83900DAA64
Requests: 3 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Frame ID: D6595F646F21469DED6495AF4B78932A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

117
Requests

99 %
HTTPS

36 %
IPv6

47
Domains

61
Subdomains

48
IPs

6
Countries

1909 kB
Transfer

5662 kB
Size

2
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://loan2host.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://loan2host.com/blog/category/loan-insurance/
Title: Loan & Insurance

Search URL Search Domain Scan URL

URL: https://loan2host.com/blog/category/health-fitness/
Title: Health & Fitness

Search URL Search Domain Scan URL

URL: https://loan2host.com/blog/category/law-attorney/
Title: Law & Attorney

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/payout-rates
Title: Publisher Rates

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/auth/signin
Title: Login

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/auth/signup
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/pages/faq
Title: How it works

Search URL Search Domain Scan URL

URL: https://loan2host.com/blog/know-how-to-choose-the-right-lawyer-for-you/
Title: Know How To Choose the Right Lawyer for You

Search URL Search Domain Scan URL

URL: https://loan2host.com/blog/8-yoga-poses-you-can-do-in-your-desk-chair/
Title: 8 Yoga Poses You Can Do in Your Desk Chair

Search URL Search Domain Scan URL

URL: https://loan2host.com/blog/how-to-choose-the-best-car-insurance-company/
Title: How to choose the best car insurance company?

Search URL Search Domain Scan URL

URL: https://loan2host.com/blog/what-influences-auto-insurance-costs-and-how/
Title: What Influences Auto Insurance Costs and How?

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/pages/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://shrinkearn.com/pages/dmca
Title: DMCA

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 36

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/108/8/2.gif?puid=8eadfa6f-9281-4a1e-befe-69add8aba5b3&gdpr=1&gdpr_consent=

Request Chain 41

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D0a7143b7-b704-4009-46e6-d44cbc2b6f1c%26reqId%3D88f631a4-703d-48c7-68c9-03c0a63b8e87%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?adnxs_uid=8092866000119839384&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258

Request Chain 42

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEBvxKqGR0P4Pkwfi55C-sY8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258

Request Chain 43

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D0a7143b7-b704-4009-46e6-d44cbc2b6f1c%26reqId%3D88f631a4-703d-48c7-68c9-03c0a63b8e87%26uc%3D2%26zdid%3D1258 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D0a7143b7-b704-4009-46e6-d44cbc2b6f1c%26reqId%3D88f631a4-703d-48c7-68c9-03c0a63b8e87%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=3ffc3b6a-f652-44c4-89d0-7f18757946ad&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258

Request Chain 44

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D0a7143b7-b704-4009-46e6-d44cbc2b6f1c%26reqId%3D88f631a4-703d-48c7-68c9-03c0a63b8e87%26uc%3D2%26zdid%3D1258 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D0a7143b7-b704-4009-46e6-d44cbc2b6f1c%26reqId%3D88f631a4-703d-48c7-68c9-03c0a63b8e87%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=07213599663766406530517251503682230148&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258

Request Chain 45

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258 HTTP 302
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=vmclNxe6OiZWMB0WkZfMCVBIl9c59cTV%2BS41iYitP1U%3D

Request Chain 46

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D0a7143b7-b704-4009-46e6-d44cbc2b6f1c%26reqId%3D88f631a4-703d-48c7-68c9-03c0a63b8e87%26uc%3D2%26zdid%3D1258 HTTP 302
https://mwzeom.zeotap.com/mw?cid=0c0c6091-11c1-4d00-84e2-609ca0bf6cd0&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258

Request Chain 110

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 111

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 113

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

117 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request QDRz8F Show response
tii.ai/ 46 KB
14 KB 315ms
275ms Document
text/html 2606:4700:3035::6815:48c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/QDRz8F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:48c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe4a0d15434de3c28f4331678f7a2213f607733655c9012465fe0a1a10b0c0ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tii.ai
:scheme: https
:path: /QDRz8F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:19:59 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dae51163c8ad2f0c2fb046234adcaf36a1620119998; expires=Thu, 03-Jun-21 09:19:58 GMT; path=/; domain=.tii.ai; HttpOnly; SameSite=Lax; Secure AppSession=3da78ddcd3703159d97f7dff433d019d; path=/; HttpOnly; secure csrfToken=d4a797298006987f122cd0908b7f39edf03e5e7d58617ebb8062889d56ea0fc0a23087bc73ee2525a7840092cb565ad6cad74d6d7875353c0e592282708d8c28; path=/; HttpOnly; secure app_visitor=Q2FrZQ%3D%3D.ZmQ3NDRlMzUwYjg0ZmYyNjA2ZjVkNjBmOWRmNzcyYmNiOGM1NzFhMjhmN2FkODEyMTFhNmQ0MzM5ODg4MGNjNjPprJnuW0taoTzgPq%2BXlLDOUhL8xzJXu3zgKKlPJCIuLLkDVA%2FL1vWusm0yDpK7e%2Bh7FlNKhJ%2FZBKXIzcbpiOdSHg6UMdQk3hNgucaNNZs8; expires=Wed, 05-May-2021 09:19:57 GMT; Max-Age=86400; path=/; HttpOnly; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 09d846694a000097c01b183000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mTZnmol5ek9WAJe2%2F4fwdZnc5EO7reFWZXRLJ5QqG%2FoKbnmAvpcB0p0OolEFHQ40CrHaCPw5HqGZuyC1WvcHZwE8KwunD5THCOyyOABHfhGVx%2FE%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 64a0a6887f9497c0-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 style.css
tii.ai/main/wp-content/themes/Newspaper/ 1 MB
108 KB 587ms
572ms Stylesheet
text/css 2606:4700:3035::6815:48c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/main/wp-content/themes/Newspaper/style.css

Requested by

Host: tii.ai
URL: https://tii.ai/QDRz8F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:48c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb3aeddbd5909efdbfd92d5c5ce9e0f7824df3ecee57ed3a63af3dfe454b54e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /main/wp-content/themes/Newspaper/style.css
pragma: no-cache
cookie: __cfduid=dae51163c8ad2f0c2fb046234adcaf36a1620119998; AppSession=3da78ddcd3703159d97f7dff433d019d; csrfToken=d4a797298006987f122cd0908b7f39edf03e5e7d58617ebb8062889d56ea0fc0a23087bc73ee2525a7840092cb565ad6cad74d6d7875353c0e592282708d8c28; app_visitor=Q2FrZQ%3D%3D.ZmQ3NDRlMzUwYjg0ZmYyNjA2ZjVkNjBmOWRmNzcyYmNiOGM1NzFhMjhmN2FkODEyMTFhNmQ0MzM5ODg4MGNjNjPprJnuW0taoTzgPq%2BXlLDOUhL8xzJXu3zgKKlPJCIuLLkDVA%2FL1vWusm0yDpK7e%2Bh7FlNKhJ%2FZBKXIzcbpiOdSHg6UMdQk3hNgucaNNZs8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tii.ai
referer: https://tii.ai/QDRz8F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tii.ai/QDRz8F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:19:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d8466a7900004dd09f3cf000000001
last-modified: Thu, 12 Nov 2020 06:39:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Cyh%2BlyyY7P%2FTYtyuJPPrc%2BmtZmD7DlrrCC9%2F6AjvEYlqHFGQaqd5jk0uRGdFVHtRywSAok%2BdYBDWn0sZB5gd%2BiBuDJ1gN3870iMM15ez3FxaRWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 64a0a68a5ff34dd0-FRA
expires: Thu, 03 Jun 2021 09:19:57 GMT

GET
H3-29 200 styles.min.css
tii.ai/cloud_theme/build/css/ 189 KB
31 KB 375ms
360ms Stylesheet
text/css 2606:4700:3035::6815:48c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/cloud_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: tii.ai
URL: https://tii.ai/QDRz8F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:48c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /cloud_theme/build/css/styles.min.css?ver=6.4.0
pragma: no-cache
cookie: __cfduid=dae51163c8ad2f0c2fb046234adcaf36a1620119998; AppSession=3da78ddcd3703159d97f7dff433d019d; csrfToken=d4a797298006987f122cd0908b7f39edf03e5e7d58617ebb8062889d56ea0fc0a23087bc73ee2525a7840092cb565ad6cad74d6d7875353c0e592282708d8c28; app_visitor=Q2FrZQ%3D%3D.ZmQ3NDRlMzUwYjg0ZmYyNjA2ZjVkNjBmOWRmNzcyYmNiOGM1NzFhMjhmN2FkODEyMTFhNmQ0MzM5ODg4MGNjNjPprJnuW0taoTzgPq%2BXlLDOUhL8xzJXu3zgKKlPJCIuLLkDVA%2FL1vWusm0yDpK7e%2Bh7FlNKhJ%2FZBKXIzcbpiOdSHg6UMdQk3hNgucaNNZs8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: tii.ai
referer: https://tii.ai/QDRz8F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tii.ai/QDRz8F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:19:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d8466a7900004dd0b2332000000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mAI%2FA1yt07Bt9qMJz%2BevgsFH2AL%2FvQ%2Bj22CVe84Hn%2FyN5cS5WUoypoItWx79jDkxahSM1houiBQKT83zgSDaLey21IZf8X%2FMTDOpkMICvtcbnmU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 64a0a68a5ff64dd0-FRA
expires: Thu, 03 Jun 2021 09:19:57 GMT

GET
H3-29 200 logo.png
tii.ai/main/ 10 KB
10 KB 241ms
238ms Image
image/png 2606:4700:3035::6815:48c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tii.ai/main/logo.png

Requested by

Host: tii.ai
URL: https://tii.ai/QDRz8F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:48c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b565424f97756150afd0cb043870e580409df4b758a3a6fca74b88fb2c167bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /main/logo.png
pragma: no-cache
cookie: __cfduid=dae51163c8ad2f0c2fb046234adcaf36a1620119998; AppSession=3da78ddcd3703159d97f7dff433d019d; csrfToken=d4a797298006987f122cd0908b7f39edf03e5e7d58617ebb8062889d56ea0fc0a23087bc73ee2525a7840092cb565ad6cad74d6d7875353c0e592282708d8c28; app_visitor=Q2FrZQ%3D%3D.ZmQ3NDRlMzUwYjg0ZmYyNjA2ZjVkNjBmOWRmNzcyYmNiOGM1NzFhMjhmN2FkODEyMTFhNmQ0MzM5ODg4MGNjNjPprJnuW0taoTzgPq%2BXlLDOUhL8xzJXu3zgKKlPJCIuLLkDVA%2FL1vWusm0yDpK7e%2Bh7FlNKhJ%2FZBKXIzcbpiOdSHg6UMdQk3hNgucaNNZs8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: tii.ai
referer: https://tii.ai/QDRz8F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tii.ai/QDRz8F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:19:59 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9760
cf-request-id: 09d8466d0e00004dd0cdb01000000001
last-modified: Thu, 12 Nov 2020 07:01:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=drqmH3dDC2KEeYUhrXKnxs7lh5kX4ckyB%2FE86d3iS%2BoGIiWeE8XVtOuCNIWO2tBmAMxwBM2h7l8Ki87dkPZGLAlJAUvT51wU1IDbacVjf7XXoRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 64a0a68e78734dd0-FRA
expires: Wed, 04 May 2022 09:19:58 GMT

GET
H/1.1 200
OK 14504 Show response
voltskegscurate.com/trVUCXBUCLLp/ 0
0 139ms
37ms Script
text/html 172.255.6.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://voltskegscurate.com/trVUCXBUCLLp/14504
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 172.255.6.44 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: *

GET
H/1.1 200
OK 15063 Show response
voltskegscurate.com/tSKMtzRRAyQauGzo/ 0
0 770ms
716ms Script
text/html 172.255.6.44
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://voltskegscurate.com/tSKMtzRRAyQauGzo/15063
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 172.255.6.44 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: *

GET
H2 200 async.js Show response
cdn.adtrue.com/rtb/ 7 KB
3 KB 59ms
24ms Script
application/x-javascript 2606:4700:10::6816:3081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/async.js
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:19:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Nov 2020 01:20:45 GMT
server: cloudflare
age: 3673113
etag: W/"5fb1d3ed-1c9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 64a0a68ebafe4dfa-FRA
cf-request-id: 09d8466d2e00004dfa042e5000000001
expires: Thu, 17 Mar 2022 21:01:26 GMT

GET
H2 200 / Show response
d38itq6vdv6gr9.cloudfront.net/ 47 KB
17 KB 182ms
151ms Script
text/plain 2600:9000:206f:8400:1a:c7f7:5540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38itq6vdv6gr9.cloudfront.net/?vqtid=805884
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8400:1a:c7f7:5540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f6c42dc669611333599d4f5c9e5609dea235c947aa10224244a85106b2050b87

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:19:59 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 17492
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
x-amz-cf-id: AQZ_b6trDkkYaDJCymgNQCdOnIvx9TTOYi040X-HqpYvtVbEu8ffmQ==

GET
H3-29 200 sw.js Show response
tii.ai/ 102 KB
38 KB 473ms
473ms Script
application/javascript 2606:4700:3035::6815:48c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/sw.js

Requested by

Host: tii.ai
URL: https://tii.ai/QDRz8F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:48c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b995fc827b99b0c5712febabda126812a7064d95c6471e9b785ee20e2fce044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /sw.js
pragma: no-cache
cookie: __cfduid=dae51163c8ad2f0c2fb046234adcaf36a1620119998; AppSession=3da78ddcd3703159d97f7dff433d019d; csrfToken=d4a797298006987f122cd0908b7f39edf03e5e7d58617ebb8062889d56ea0fc0a23087bc73ee2525a7840092cb565ad6cad74d6d7875353c0e592282708d8c28; app_visitor=Q2FrZQ%3D%3D.ZmQ3NDRlMzUwYjg0ZmYyNjA2ZjVkNjBmOWRmNzcyYmNiOGM1NzFhMjhmN2FkODEyMTFhNmQ0MzM5ODg4MGNjNjPprJnuW0taoTzgPq%2BXlLDOUhL8xzJXu3zgKKlPJCIuLLkDVA%2FL1vWusm0yDpK7e%2Bh7FlNKhJ%2FZBKXIzcbpiOdSHg6UMdQk3hNgucaNNZs8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tii.ai
referer: https://tii.ai/QDRz8F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tii.ai/QDRz8F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d8466d0e00004dd09d073000000001
last-modified: Tue, 18 Aug 2020 15:48:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VXS3KD4NDoWJLY4emD6KGntIqXa72J5FV6b6qWXoGZBFfajha6hzegyMVBeEZCFny0xZA4jA49H0Fm8ajLKVrx8tUUsUkQBxbjZhM60rpigFaw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 64a0a68e78704dd0-FRA
expires: Thu, 03 Jun 2021 09:19:58 GMT

GET
H3-29 200 api.js Show response
www.google.com/recaptcha/ 850 B
576 B 18ms
16ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: tii.ai
URL: https://tii.ai/QDRz8F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f26e4ff4ee18bf6300053a746e3557f8c07827b96c787f9927463cd6ae13e339

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Tue, 04 May 2021 09:19:59 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 4 KB
2 KB 98ms
43ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=19
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:19:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2127
expires: Wed, 05 May 2021 09:19:32 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 104 KB
14 KB 97ms
44ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=19
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 28e2fdfed6b824ef4abde2a6f3f50f1df6b8cb0c116ac835536e8ec488de79d7

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:19:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
accept-ranges: bytes
content-length: 14385
expires: Wed, 05 May 2021 09:19:46 GMT

GET
H3-29 200 tagdiv_theme.min.js Show response
tii.ai/main/wp-content/themes/Newspaper/js/ 204 KB
46 KB 469ms
466ms Script
application/javascript 2606:4700:3035::6815:48c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js

Requested by

Host: tii.ai
URL: https://tii.ai/QDRz8F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:48c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c19c9186e84024b69f2b855f6c24fd9f44f68618dd00839a2da55e1dd614fb42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /main/wp-content/themes/Newspaper/js/tagdiv_theme.min.js
pragma: no-cache
cookie: __cfduid=dae51163c8ad2f0c2fb046234adcaf36a1620119998; AppSession=3da78ddcd3703159d97f7dff433d019d; csrfToken=d4a797298006987f122cd0908b7f39edf03e5e7d58617ebb8062889d56ea0fc0a23087bc73ee2525a7840092cb565ad6cad74d6d7875353c0e592282708d8c28; app_visitor=Q2FrZQ%3D%3D.ZmQ3NDRlMzUwYjg0ZmYyNjA2ZjVkNjBmOWRmNzcyYmNiOGM1NzFhMjhmN2FkODEyMTFhNmQ0MzM5ODg4MGNjNjPprJnuW0taoTzgPq%2BXlLDOUhL8xzJXu3zgKKlPJCIuLLkDVA%2FL1vWusm0yDpK7e%2Bh7FlNKhJ%2FZBKXIzcbpiOdSHg6UMdQk3hNgucaNNZs8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tii.ai
referer: https://tii.ai/QDRz8F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tii.ai/QDRz8F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d8466d0e00004dd0f40e9000000001
last-modified: Thu, 12 Nov 2020 06:39:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t87Eg881uMfS0Ft79JMCswc%2FToKi4UHH0w9tw0By37W98d%2FBPpmYYbXFjvwxr9n5OJFd%2Bw6ti2JSACzOf%2BRXQEfHQQa3WS7tRQMnxz1RmwcNiu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 64a0a68e78714dd0-FRA
expires: Thu, 03 Jun 2021 09:19:58 GMT

GET
H3-29 200 script.min.js Show response
tii.ai/cloud_theme/build/js/ 202 KB
57 KB 473ms
470ms Script
application/javascript 2606:4700:3035::6815:48c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/cloud_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: tii.ai
URL: https://tii.ai/QDRz8F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:48c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /cloud_theme/build/js/script.min.js?ver=6.4.0
pragma: no-cache
cookie: __cfduid=dae51163c8ad2f0c2fb046234adcaf36a1620119998; AppSession=3da78ddcd3703159d97f7dff433d019d; csrfToken=d4a797298006987f122cd0908b7f39edf03e5e7d58617ebb8062889d56ea0fc0a23087bc73ee2525a7840092cb565ad6cad74d6d7875353c0e592282708d8c28; app_visitor=Q2FrZQ%3D%3D.ZmQ3NDRlMzUwYjg0ZmYyNjA2ZjVkNjBmOWRmNzcyYmNiOGM1NzFhMjhmN2FkODEyMTFhNmQ0MzM5ODg4MGNjNjPprJnuW0taoTzgPq%2BXlLDOUhL8xzJXu3zgKKlPJCIuLLkDVA%2FL1vWusm0yDpK7e%2Bh7FlNKhJ%2FZBKXIzcbpiOdSHg6UMdQk3hNgucaNNZs8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: tii.ai
referer: https://tii.ai/QDRz8F
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://tii.ai/QDRz8F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d8466d0e00004dd091a18000000001
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vQr1zZVVfX0rVIC%2FeRYZpM7pOLW0MSDzxVavB7YX1n4diQV%2BT27MIvU%2FfTbk8h2oIm1d%2BiE4XooDwSt6h8m6gLorS%2F4DeMi2MyKEkAu2VZlnncU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding,User-Agent
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 64a0a68e78724dd0-FRA
expires: Thu, 03 Jun 2021 09:19:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 34ms
32ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113561579-1

Requested by

Host: tii.ai
URL: https://tii.ai/QDRz8F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a4a069662c570e7efd5b110d3c501f7157a8ae03001f161f6c78df5d789bfec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:19:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35863
x-xss-protection: 0
last-modified: Tue, 04 May 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 May 2021 09:19:59 GMT

GET
H3-29 200 newspaper9bf3.woff
tii.ai/main/wp-content/themes/Newspaper/images/icons/ 22 KB
22 KB 358ms
356ms Font
font/woff 2606:4700:3035::6815:48c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/main/wp-content/themes/Newspaper/images/icons/newspaper9bf3.woff?15

Requested by

Host: tii.ai
URL: https://tii.ai/main/wp-content/themes/Newspaper/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:48c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://tii.ai
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: __cfduid=dae51163c8ad2f0c2fb046234adcaf36a1620119998; AppSession=3da78ddcd3703159d97f7dff433d019d; csrfToken=d4a797298006987f122cd0908b7f39edf03e5e7d58617ebb8062889d56ea0fc0a23087bc73ee2525a7840092cb565ad6cad74d6d7875353c0e592282708d8c28; app_visitor=Q2FrZQ%3D%3D.ZmQ3NDRlMzUwYjg0ZmYyNjA2ZjVkNjBmOWRmNzcyYmNiOGM1NzFhMjhmN2FkODEyMTFhNmQ0MzM5ODg4MGNjNjPprJnuW0taoTzgPq%2BXlLDOUhL8xzJXu3zgKKlPJCIuLLkDVA%2FL1vWusm0yDpK7e%2Bh7FlNKhJ%2FZBKXIzcbpiOdSHg6UMdQk3hNgucaNNZs8
:path: /main/wp-content/themes/Newspaper/images/icons/newspaper9bf3.woff?15
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: tii.ai
referer: https://tii.ai/main/wp-content/themes/Newspaper/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://tii.ai
Referer: https://tii.ai/main/wp-content/themes/Newspaper/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:00 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22064
cf-request-id: 09d8466d1700004dd0c28e1000000001
last-modified: Thu, 12 Nov 2020 06:39:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=URgV9Mhx2Q95aHuq3l6LBsis7cXkLPUmXIUdlv0pFCnKX8cZJFO8XEwcacs2NTEwzShFb9sI9mu17%2FvrhaeCQ8mhmFzwGM37LwB1RaF7bIlgCuA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 64a0a68e88964dd0-FRA
expires: Tue, 11 May 2021 09:19:58 GMT

GET
H2 200 RjJCN3k9EDFAJjNALhVDZFo2Qwk1CG0YDS9bbFYQaUE1GRM1EG4VCitUYA1IahAxWg9kCGAFV3AQbhUNJ1UdXh1kCGAPSXMKegNbahAxQhsZWyYFW3wQcgEdJAZzBBhrAiFVQWsGdgdBa1N7B0BrAiEOTiMCI1QbIABxFQQ Show response
dejourned.club/ 49 KB
19 KB 481ms
208ms Script
application/javascript 54.144.3.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dejourned.club/RjJCN3k9EDFAJjNALhVDZFo2Qwk1CG0YDS9bbFYQaUE1GRM1EG4VCitUYA1IahAxWg9kCGAFV3AQbhUNJ1UdXh1kCGAPSXMKegNbahAxQhsZWyYFW3wQcgEdJAZzBBhrAiFVQWsGdgdBa1N7B0BrAiEOTiMCI1QbIABxFQQ
Requested by: Host: tii.ai
URL: https://tii.ai/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.144.3.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: 04ef2a66c5c27947b81f0ab2e697d8c7d996e609b9904d976cc8cbcca3c04744

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"c255-LVoW6ouDiuSG4QFx6CMZA6Uu57s"
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 3487732 Show response
inpagepush.com/400/ 82 KB
29 KB 195ms
72ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3487732

Requested by

Host: tii.ai
URL: https://tii.ai/QDRz8F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

92b2d724912ac952ca1b0372040f125d7eff325090d3b80abbd3d738fdc8af7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: aef738971175bdccc1482b100d5558a2
pragma: no-cache
date: Tue, 04 May 2021 09:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 56 KB
19 KB 47ms
25ms Script
application/javascript 2606:4700:20::681a:d76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 237b757471e0eda4c69dd3b31f44fc91f1b5ce56054617260250ec763ad89cd6

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 42871
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 09d8466fcc0000dfbf118fb000000001
x-trace-id: 6c93f08ca0029a37da0c229435211004
pragma: no-cache
last-modified: Fri, 30 Apr 2021 13:06:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aewrvcscCqDxIslrQliGpbSUSGPE7wvTNNGLjkmdgRxnG%2FPeCdiMH3ATAlNyy6L%2Bt2%2BrUWDIDM32TrkA1c17KI4zYfb%2F8wPveHSybCYSR3SZ6WnpvhofjGNw"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 64a0a692df6ddfbf-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 04 May 2021 21:25:29 GMT

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame B77B 4 KB
4 KB 603ms
212ms Script
application/javascript 54.148.164.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https%3A%2F%2Ftii.ai%2FQDRz8F&cb=2955433936&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/QDRz8F
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.164.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-164-15.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b5ef92540f0ca9b3adf3cfe36182ea3106bf15b84ec424c9f101a25776cdf299

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:00 GMT
server: nginx
x-adtrue-instance: java2
content-length: 3694
content-type: application/javascript

GET
H2 400 impress
exchange.adtrue.com/delivery/ Frame D49A 0
0 551ms
178ms Script
text/plain 54.148.164.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=28899&ref=https%3A%2F%2Ftii.ai%2FQDRz8F&cb=2955433936&timeZone=2&adWidth=320&adHeight=100&loc=https://tii.ai/QDRz8F
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.164.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-164-15.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:00 GMT
server: nginx
x-adtrue-instance: java2
content-length: 0

GET
H2 200 impress Show response
exchange.adtrue.com/delivery/ Frame BBFA 4 KB
4 KB 578ms
209ms Script
application/javascript 54.148.164.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https%3A%2F%2Ftii.ai%2FQDRz8F&cb=2955433936&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/QDRz8F
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.164.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-164-15.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b5ef92540f0ca9b3adf3cfe36182ea3106bf15b84ec424c9f101a25776cdf299

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:00 GMT
server: nginx
x-adtrue-instance: java1
content-length: 3694
content-type: application/javascript

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ 335 KB
335 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tii.ai
Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 08:57:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
age: 1355
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342680
x-xss-protection: 0
expires: Wed, 04 May 2022 08:57:25 GMT

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ 26 B
271 B 423ms
81ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 744c9b05195dbc3a28690491f4bbad00c501ace7e2321f0b97036323e90cf6bc

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:20:00 GMT
Server: nginx
X-IPLB-Request-ID: 5928B713:6114_91EFC191:01BB_609111C0_6AC4D08:2FE8F
X-IPLB-Instance: 29821
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 38 KB
16 KB 141ms
137ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 04 May 2021 09:20:00 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
server: nginx
etag: "604b9fc7-981e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16267
expires: Wed, 05 May 2021 09:19:32 GMT

GET
H2

200

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

32 KB
10 KB

119ms
17ms

Script
application/x-javascript

68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FB5) /
Resource Hash: b0f62a19b3816ea7dc2f9990b599ab78f203bb6006af805e5315d003e5fafc3b

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:01 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 13:06:40 GMT
server: ECS (pab/6FB5)
age: 43378
etag: "dd5367de39ecf8e8013426a9e92e0f2a:1619615202.334496"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10033

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Tue, 04 May 2021 09:20:00 GMT
content-length: 0

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
271 B 456ms
268ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=58811&f=19&fi=99
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 04 May 2021 09:20:00 GMT
Server: nginx
X-IPLB-Request-ID: 5928B713:50C8_36264064:01BB_609111C0_280B80A:2F520
X-IPLB-Instance: 38432
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
371 B 84ms
23ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 04 May 2021 09:20:00 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 2227
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 4 KB
4 KB 863ms
36ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:20:01 GMT
Last-Modified: Fri, 19 Mar 2021 09:51:06 GMT
Server: nginx/1.14.2
X-IPLB-Request-ID: 5928B713:3962_91EFC0A6:01BB_609111C0_62997212:209EF
ETag: "6054740a-e7c"
X-IPLB-Instance: 30196
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 3708

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 4575 2 KB
818 B 638ms
65ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1620120000511

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1620120000511
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tii.ai/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
spl.zeotap.com/ Frame D3F0 2 KB
1 KB 49ms
31ms Document
text/html 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fddb94a560bd9cca95278aec29d61100ee371b6155252a11c481d7d23c5c1bb

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tii.ai/

Response headers

date: Tue, 04 May 2021 09:20:00 GMT
content-type: text/html
set-cookie: __cfduid=dfb8ab1dd4b0d71ec2e35806dcdfc185f1620120000; expires=Thu, 03-Jun-21 09:20:00 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=0a7143b7-b704-4009-46e6-d44cbc2b6f1c; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=W%F4%EBW%3F%B1%60%DFw%23%F7%E5%EAQ%07%5EG%8C%7B%D7%9FT%1F7%2A%5E%02%E9G%CA%1A%95p%CD%D7%2C%F48%AB%02d%A7z-J%EC%F3%B7%C8%CE%B7%0D~%C30%FE%3E%25K_%D7l%AE%D5%5D%DC%8F%BE%C6%7D%989%15.-%91%F8%B1%7F%AEA%5B%8B%0EPO%23%29%E9%B5%3D%7D%BE%ADD%1F%91%EAC~%93X%29%A7%C9; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://tii.ai
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09d846703600004ee65803d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64a0a6938aff4ee6-FRA
content-encoding: br

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 54ms
8ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:00 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 11 May 2021 09:20:00 GMT

GET
H/1.1 404
Not Found px.js
p.cpx.to/p// 0
0 619ms
259ms Script
text/plain 63.34.247.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p//px.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.247.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:20:00 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 251ms
108ms Script
text/javascript 54.230.182.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.182.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 23:44:43 GMT
Via: 1.1 d0a9a72e5bf584d7f4cd7045997db51e.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 34517
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
X-Amz-Cf-Pop: HAM50-C3
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: vdDgnkcerGif9GP7lnPUQoGVeeLA57GB8AHEYLyB1HJGt-gxeAJGtQ==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 637ms
292ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:20:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 May 2021 08:51:38 GMT
Server: Apache
ETag: "da48de-930b-5c17d2fadbf2f"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1929
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12788
Expires: Tue, 04 May 2021 09:52:09 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid4_35/build/dist/ 528 KB
165 KB 107ms
106ms Script
application/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid4_35/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=58811&formatId=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: d8a382bb17386d2d82cc7bff0b08cbc40466c977c277e039adfa7de9b9511957

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Tue, 04 May 2021 09:20:00 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 09:25:31 GMT
server: nginx
etag: "607fef8b-84176"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 168757
expires: Wed, 05 May 2021 09:19:55 GMT

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 16 KB
6 KB 72ms
8ms Script
application/javascript 2600:9000:2104:5400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:5400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:09:30 GMT
content-encoding: br
etag: W/"51870ee6d5cb32ca5311356b296af21f"
last-modified: Tue, 09 Mar 2021 20:17:06 GMT
server: AmazonS3
age: 1414
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e13e8f228afcbd0862f27c6ebd714879.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: EPLePDRW6eQ1qpeCOePIWFM-TX75efYyo6AvX6Sb3Zs8q0gF5u9X8w==

GET
H/1.1

200

2.gif
id5-sync.com/c/12/108/8/
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif?gdpr=1&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_cons...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F8%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdp...
https://id5-sync.com/c/12/108/8/2.gif?puid=8eadfa6f-9281-4a1e-befe-69add8aba5b3&gdpr=1&gdpr_consent=

43 B
1 KB

910ms
910ms

Image
image/gif

51.195.5.232
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/12/108/8/2.gif?puid=8eadfa6f-9281-4a1e-befe-69add8aba5b3&gdpr=1&gdpr_consent=

Requested by

Host: tii.ai
URL: https://tii.ai/QDRz8F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.232 , France, ASN16276 (OVH, FR),

Reverse DNS

p15.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:20:00 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

date: Tue, 04 May 2021 09:20:02 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://id5-sync.com/c/12/108/8/2.gif?puid=8eadfa6f-9281-4a1e-befe-69add8aba5b3&gdpr=1&gdpr_consent=
alt-svc: clear
content-length: 0

GET
H2 200 / Show response
bedrapiona.com/5/3491150/ 3 KB
2 KB 366ms
291ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3491150/?oo=1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: aa673d1b8b927accfd7a39f83d3bdc8dfb8744848767dabe4be8502ff3eb2d2d

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 9b9dd46d0c5ad566a6ef44c65ad5be47
pragma: no-cache, no-cache
date: Tue, 04 May 2021 09:20:01 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://tii.ai
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A5E5 20 KB
11 KB 43ms
35ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=normal&cb=6bm2vk61lj2c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

322d398795444f8ee9245045851d74653dd8488d6b1daf283ad0017b499f7103

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ksq69ViWMMRdlQfpw59Azg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=normal&cb=6bm2vk61lj2c
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tii.ai/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 May 2021 09:20:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-Ksq69ViWMMRdlQfpw59Azg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10870
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113561579-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5966
date: Tue, 04 May 2021 07:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 04 May 2021 09:40:35 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
1 KB 80ms
20ms Script
application/javascript 2600:9000:2104:4400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:18:49 GMT
content-encoding: gzip
age: 72
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
etag: W/"9a93052877e57b42aeefaab6e7ec5f90"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 6WPvlNIBRVW9HRVxZjPsMj8HbF6DdK1f3v6U5BZer8ZrCkBBlgZDDQ==

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D3F0
Redirect Chain

https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fadnxs_uid%3D%24UID%26zpartnerid%3D2%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D0a7143b7-b704-4009-46e6-d44cbc2b6f1c%2...
https://mwzeom.zeotap.com/mw?adnxs_uid=8092866000119839384&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258

95 B
179 B

33ms
28ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?adnxs_uid=8092866000119839384&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64a0a69b9b7a4ee6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d846754200004ee6969e2000000001

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:20:01 GMT
X-Proxy-Origin: 89.40.183.19; 89.40.183.19; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.52:80
AN-X-Request-Uuid: 5fd971a5-70cc-48d2-a54e-19ffa2353042
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://mwzeom.zeotap.com/mw?adnxs_uid=8092866000119839384&zpartnerid=2&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D3F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2...
https://mwzeom.zeotap.com/mw?google_gid=CAESEBvxKqGR0P4Pkwfi55C-sY8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c...

95 B
306 B

430ms
428ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEBvxKqGR0P4Pkwfi55C-sY8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64a0a6a3be314ee6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d8467a4e00004ee677bde000000001

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:20:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEBvxKqGR0P4Pkwfi55C-sY8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 450
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D3F0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D0a7143b7-b704-4009-46e6-d44cbc2b6f1c%26reqId%3D88f631a4-703d-48c7-68c9-03c0a6...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D0a7143b7-b704-4009-46e6-d44cbc2b6f1c%26reqId%3D88f631a4-703d-48c7-68c9-03c0a6...
https://mwzeom.zeotap.com/mw?cid=3ffc3b6a-f652-44c4-89d0-7f18757946ad&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc...

95 B
387 B

23ms
23ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=3ffc3b6a-f652-44c4-89d0-7f18757946ad&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64a0a69e7a624ee6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d846770700004ee660080000000001

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:20:02 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://mwzeom.zeotap.com/mw?cid=3ffc3b6a-f652-44c4-89d0-7f18757946ad&zpartnerid=6&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 449

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D3F0
Redirect Chain

https://dpm.demdex.net/ibs:dpid=199624&dpuuid=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
https://mwzeom.zeotap.com/mw?cid=07213599663766406530517251503682230148&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e8...

95 B
229 B

24ms
24ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=07213599663766406530517251503682230148&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64a0a6a178cb4ee6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d84678ec00004ee6a93e7000000001

Redirect headers

DCS: dcs-prod-irl1-1-v005-07b9c02ff.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 5iusGO3UR+Q=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://mwzeom.zeotap.com/mw?cid=07213599663766406530517251503682230148&zpartnerid=314&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D3F0
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=vmclNxe6OiZWMB0WkZfMCVBIl9c59cTV%2BS41iYitP1U%3D

95 B
179 B

26ms
25ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=vmclNxe6OiZWMB0WkZfMCVBIl9c59cTV%2BS41iYitP1U%3D
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64a0a69b8b544ee6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d846753600004ee660a45000000001

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 09:20:01 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1258&cid=vmclNxe6OiZWMB0WkZfMCVBIl9c59cTV%2BS41iYitP1U%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D3F0
Redirect Chain

https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26id_mid_4%3D0a7143b...
https://mwzeom.zeotap.com/mw?cid=0c0c6091-11c1-4d00-84e2-609ca0bf6cd0&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0...

95 B
294 B

34ms
31ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=0c0c6091-11c1-4d00-84e2-609ca0bf6cd0&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://spl.zeotap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
cf-ray: 64a0a69b6b1a4ee6-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09d846752600004ee67c81f000000001

Redirect headers

Date: Tue, 04 May 2021 09:20:01 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x6
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://mwzeom.zeotap.com/mw?cid=0c0c6091-11c1-4d00-84e2-609ca0bf6cd0&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Tue, 04 May 2021 09:21:14 GMT

GET
H2 200 cmp.min.js Show response
spl.zeotap.com/ Frame D3F0 541 B
611 B 39ms
29ms Script
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b007777e0db9cd8224fa110017117131a15db7eda2be78d8cb69def25a16586

Request headers

Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 64a0a6993e1f4ee6-FRA
date: Tue, 04 May 2021 09:20:01 GMT
via: 1.1 google
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://spl.zeotap.com
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *
cf-request-id: 09d84673c200004ee6a3075000000001

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame 15E1 203 B
810 B 134ms
28ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=071f98b9f8a54028a1a9fdbe87070255&oaidts=1620120001

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c8bdba7b6fa2940d30a89e435ccd92191889337824169b55a97bd18dca6704ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=071f98b9f8a54028a1a9fdbe87070255&oaidts=1620120001
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tii.ai/

Response headers

server: nginx
date: Tue, 04 May 2021 09:20:01 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: b70f93e745cce363283e22292a58d466
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
set-cookie: OAID=071f98b9f8a54028a1a9fdbe87070255; expires=Wed, 04 May 2022 09:20:01 GMT; path=/; secure; SameSite=None oaidts=1620120001; expires=Wed, 04 May 2022 09:20:01 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H2 200 prebid.js Show response
cdn.adtrue.com/pb/ Frame BBFA 257 KB
82 KB 28ms
27ms Script
application/x-javascript 2606:4700:10::6816:3081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https%3A%2F%2Ftii.ai%2FQDRz8F&cb=2955433936&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Aug 2020 05:31:13 GMT
server: cloudflare
age: 3673105
etag: W/"5f3f5c21-405dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 64a0a69a6c384dfa-FRA
cf-request-id: 09d846747f00004dfae0b8f000000001
expires: Thu, 17 Mar 2022 21:01:36 GMT

GET
H2 200 ga.js Show response
cdn-adtrue.com/track/ Frame BBFA 751 B
579 B 59ms
30ms Script
application/x-javascript 2606:4700:3038::6815:eb99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-adtrue.com/track/ga.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https%3A%2F%2Ftii.ai%2FQDRz8F&cb=2955433936&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2870810
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d846749c0000d6b54f254000000001
last-modified: Thu, 01 Apr 2021 03:35:26 GMT
server: cloudflare
etag: W/"60653f7e-2ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6vwi0S2P8iXvB2hPfaWvmZkuPXMnpgedDAgSv2QQ11heP4ZgrkVSbiSCDni5Vri27HAJ2OcOcRZ6bO5qrLMw6YpfVCCwUgxOboE5IXu9HJolt9l6hprkY7Xo%2Bg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 64a0a69a9a57d6b5-FRA
expires: Sun, 27 Mar 2022 03:53:11 GMT

GET
H2 200 prebid.js Show response
cdn.adtrue.com/pb/ Frame B77B 257 KB
82 KB 32ms
32ms Script
application/x-javascript 2606:4700:10::6816:3081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/pb/prebid.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https%3A%2F%2Ftii.ai%2FQDRz8F&cb=2955433936&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Aug 2020 05:31:13 GMT
server: cloudflare
age: 3673105
etag: W/"5f3f5c21-405dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 64a0a69a6c3c4dfa-FRA
cf-request-id: 09d846748200004dfaeab6b000000001
expires: Thu, 17 Mar 2022 21:01:36 GMT

GET
H2 200 ga.js Show response
cdn-adtrue.com/track/ Frame B77B 751 B
1 KB 49ms
29ms Script
application/x-javascript 2606:4700:3038::6815:eb99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-adtrue.com/track/ga.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=18694&ref=https%3A%2F%2Ftii.ai%2FQDRz8F&cb=2955433936&timeZone=2&adWidth=300&adHeight=250&loc=https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2870810
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d846749c0000d6b568ad0000000001
last-modified: Thu, 01 Apr 2021 03:35:26 GMT
server: cloudflare
etag: W/"60653f7e-2ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pE84WBjiHK5M0UbCoBr89DRZJo1bgQO8FiqYaQJKu9i9j6bxwbUnVreO0%2F7pC%2BwddXtPh3yga4onjrJd7aFd8ePKszs2rv8PieyoJz7z%2FCDh7RvS8Q0OTX%2FYrQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 64a0a69a9a59d6b5-FRA
expires: Sun, 27 Mar 2022 03:53:11 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 09:39:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344452
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 09:39:09 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
537 B 345ms
27ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3487732

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d3cf8800f2cacb846111308f024e3eb480b70cabd3f14b226236d5f3d0e20618

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:02 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tii.ai
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=830763566&t=pageview&_s=1&dl=https%3A%2F%2Ftii.ai%2FQDRz8F&ul=en-us&de=UTF-8&dt=Loan2Host&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=704498682&gjid=1167739067&cid=1236721473.1620120002&tid=UA-113561579-1&_gid=1868683411.1620120002&_r=1&gtm=2ou4l3&z=542105195

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:20:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tii.ai
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
536 B 407ms
36ms XHR
application/json 34.250.26.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186329
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.26.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f4cb2739da6fa4b7de380dfccad60e61d8af9e78d5974a431d11d821e496899

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 04 May 2021 09:20:02 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tii.ai
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 03 Jun 2021 09:20:02 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
321 B 362ms
38ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 04 May 2021 09:20:02 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://tii.ai
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

POST error
quantcount.com/log/ 0
0

GET
H2 200 pixel;r=1027535834;labels=Categories.personal-finance;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Ftii.ai%2FQDRz8F;uht=2;fpan=1;fpa=P0-1814804255-1620120001811;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-2...
pixel.quantserve.com/ 35 B
370 B 24ms
12ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1027535834;labels=Categories.personal-finance;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Ftii.ai%2FQDRz8F;uht=2;fpan=1;fpa=P0-1814804255-1620120001811;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=tii.ai;je=0;sr=1600x1200x24;dst=1;et=1620120001811;tzo=-120;ogl=image.

Requested by

Host: tii.ai
URL: https://tii.ai/QDRz8F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:20:01 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK wckr.php Show response
tag.leadplace.fr/ Frame 43B9 0
247 B 35ms
35ms Document
text/html 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Ftii.ai%2FQDRz8F&id=MTIZ
Requested by: Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tii.ai/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tii.ai/

Response headers

Server: nginx/1.14.2
Date: Tue, 04 May 2021 09:20:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: 5928B713:3962_91EFC0A6:01BB_609111C1_629972B4:209EF
X-IPLB-Instance: 30196

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame A5E5 51 KB
25 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=normal&cb=6bm2vk61lj2c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
age: 1134
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Wed, 04 May 2022 09:01:07 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame A5E5 335 KB
131 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5636
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134200
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 May 2022 07:46:05 GMT

GET
H2 204 cmp
spl.zeotap.com/ Frame D3F0 0
0 33ms
21ms Document
text/plain 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258&cmp=0
Requested by: Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /cmp?env=mWeb&eventType=map&id_mid_4=0a7143b7-b704-4009-46e6-d44cbc2b6f1c&reqId=88f631a4-703d-48c7-68c9-03c0a63b8e87&uc=2&zdid=1258&cmp=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: zc=0a7143b7-b704-4009-46e6-d44cbc2b6f1c; zsc=W%F4%EBW%3F%B1%60%DFw%23%F7%E5%EAQ%07%5EG%8C%7B%D7%9FT%1F7%2A%5E%02%E9G%CA%1A%95p%CD%D7%2C%F48%AB%02d%A7z-J%EC%F3%B7%C8%CE%B7%0D~%C30%FE%3E%25K_%D7l%AE%D5%5D%DC%8F%BE%C6%7D%989%15.-%91%F8%B1%7F%AEA%5B%8B%0EPO%23%29%E9%B5%3D%7D%BE%ADD%1F%91%EAC~%93X%29%A7%C9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map

Response headers

date: Tue, 04 May 2021 09:20:01 GMT
set-cookie: __cfduid=d7fdc1d098ba07b3c39fded67cf4402871620120001; expires=Thu, 03-Jun-21 09:20:01 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://spl.zeotap.com
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 09d846755800004ee6969e3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64a0a69bcbd54ee6-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BBFA 141 B
1 KB 300ms
299ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

9db3a6925193355978fb310276f029c78400c56b457cc9b54f8b069da1c89047

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:20:01 GMT
X-Proxy-Origin: 89.40.183.19; 89.40.183.19; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.12:80
AN-X-Request-Uuid: ddaa5b61-bb99-490e-94d2-83456bba981c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://tii.ai
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 141
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame BBFA 0
136 B 344ms
265ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=3211510252
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tii.ai
date: Tue, 04 May 2021 09:20:01 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame B77B 0
136 B 327ms
265ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=11567214322
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://tii.ai
date: Tue, 04 May 2021 09:20:01 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B77B 143 B
1 KB 321ms
272ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d78ddd24e9ff18479bf3593d93e42d8e37b1bb10336c09d10c1ea5eeb605f5c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:20:02 GMT
X-Proxy-Origin: 89.40.183.19; 89.40.183.19; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.80:80
AN-X-Request-Uuid: 2fdeef79-a3cb-4b24-8ae7-9b2103fc8a63
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://tii.ai
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 15E1 43 B
490 B 151ms
92ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=071f98b9f8a54028a1a9fdbe87070255

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=071f98b9f8a54028a1a9fdbe87070255&oaidts=1620120001

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:02 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
517 B 391ms
34ms XHR
application/x-javascript 54.246.113.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.113.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:20:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 May 2021 09:20:02 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://tii.ai
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A5E5 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A5E5 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A5E5 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 409473
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Thu, 06 May 2021 15:35:29 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A5E5 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 560042
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 27 Apr 2022 21:46:00 GMT

GET
H3-29 200 W2xNIJZa3rU__xOhJSE22-BlHC3zQORVvVWr7ErpxMA.js Show response
www.google.com/js/bg/ Frame A5E5 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/W2xNIJZa3rU__xOhJSE22-BlHC3zQORVvVWr7ErpxMA.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b6c4d20965adeb53fff13a1252136dbe0651c2df340e455bd55abec4ae9c4c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=normal&cb=6bm2vk61lj2c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:08 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 16:00:00 GMT
server: sffe
age: 1134
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5734
x-xss-protection: 0
expires: Wed, 04 May 2022 09:01:08 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame A5E5 102 B
132 B 18ms
17ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c794ed9998df8cdf623077dcf9df6523be8080fb2bfd82a61d5ab391ee58c02

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&co=aHR0cHM6Ly90aWkuYWk6NDQz&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=normal&cb=6bm2vk61lj2c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 04 May 2021 09:20:02 GMT

GET
H2 200 3487732 Show response
inpagepush.com/500/ 4 KB
2 KB 59ms
59ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3487732?excludes=&oaid=bfc2554fc857498e9aff096a5d6fda5a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=9&pl=https%3A%2F%2Ftii.ai%2FQDRz8F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3487732

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d1ab53a107d79e88010800c30b752b99ff2c4e0eeefd286bcf0dff66839efe0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 1c957a8b30d7440e1c5e4bbc74ab4a70
pragma: no-cache
date: Tue, 04 May 2021 09:20:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://tii.ai
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3487732
inpagepush.com/500/ Frame 0
0 359ms
274ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://tii.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 04 May 2021 09:20:01 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://tii.ai
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

OPTIONS
H2 204 options
onmarshtompor.com/ Frame 0
0 139ms
55ms Preflight 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/options?option_args=CM6K1QESIDA3MWY5OGI5ZjhhNTQwMjhhMWE5ZmRiZTg3MDcwMjU1GjFodHRwOi8vYmVkcmFwaW9uYS5jb20vYXB1LnBocD96b25laWQ9MzQ5MTE1MCZvbz0xIg9odHRwczovL3RpaS5haS8yJDE1OTYyZjFhLTEyOTYtNGMyZi1iM2Q0LTRhOWRlMmFkMzg5Yg==

Protocol

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://tii.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 04 May 2021 09:20:00 GMT
access-control-allow-origin: https://tii.ai
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
strict-transport-security: max-age=1
x-content-type-options: nosniff

POST
H2 200 options Show response
onmarshtompor.com/ 0
442 B 27ms
27ms XHR
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

x-trace-id: a39533fb883db9f0e5c4f5bc1f2a8c3f
pragma: no-cache
date: Tue, 04 May 2021 09:20:02 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf8
access-control-allow-origin: https://tii.ai
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 0
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame CF79 7 KB
1 KB 19ms
18ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=7yqtji2hlws7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2449976e82c38da426678b2624493553c23090dbd6a8675dc4a4a4523739947d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QSIy8+Qttb7F1FgyBGP4Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=7yqtji2hlws7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tii.ai/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 May 2021 09:20:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-QSIy8+Qttb7F1FgyBGP4Tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1118
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
304 B 362ms
297ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=415712&u=https%3A%2F%2Ftii.ai%2FQDRz8F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:20:02 GMT
Server: Apache
Access-Control-Allow-Origin: https://tii.ai
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Tue, 04 May 2021 09:20:02 GMT

GET
H2 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame 6B69 753 B
705 B 11ms
11ms Script
application/x-javascript 2606:4700:10::6816:3081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Oct 2020 03:26:52 GMT
server: cloudflare
age: 3672784
etag: W/"5f98e4fc-2f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 64a0a69e5bc24dfa-FRA
cf-request-id: 09d84676f700004dfa18817000000001
expires: Thu, 17 Mar 2022 21:06:57 GMT

GET
H2 200 passback.js Show response
cdn.adtrue.com/rtb/ Frame 8A91 753 B
511 B 14ms
14ms Script
application/x-javascript 2606:4700:10::6816:3081
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adtrue.com/rtb/passback.js
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3081 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Oct 2020 03:26:52 GMT
server: cloudflare
age: 3672784
etag: W/"5f98e4fc-2f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31104000
cf-ray: 64a0a69e6bd74dfa-FRA
cf-request-id: 09d84676ff00004dfa3005c000000001
expires: Thu, 17 Mar 2022 21:06:57 GMT

GET
H2 200 passback Show response
exchange.adtrue.com/tag/ Frame 6B69 295 B
485 B 202ms
202ms Script
application/javascript 54.148.164.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=18694&divid=1583838518&ref=undefined
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.164.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-164-15.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 4da6042117ced1e0591336b5c7c23572ee21ca47ed7d23fa3b981d74a0c3ba76

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:02 GMT
server: nginx
content-length: 295
content-type: application/javascript

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame CF79 51 KB
25 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=7yqtji2hlws7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
age: 1135
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Wed, 04 May 2022 09:01:07 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame CF79 335 KB
131 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&k=6Ld1zJ0UAAAAAJDrVGyQztRmkcdR_klU_ZFrnzPb&cb=7yqtji2hlws7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 07:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5637
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134200
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 May 2022 07:46:05 GMT

GET
H2 200 passback Show response
exchange.adtrue.com/tag/ Frame 8A91 2 KB
2 KB 206ms
204ms Script
application/javascript 54.148.164.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=18694&divid=125716522&ref=undefined
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.164.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-164-15.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a4531878fe0d9d526fc780f1568e0a7d1210e296238512cfb5b855cb6a7f404d

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:02 GMT
server: nginx
content-length: 1675
content-type: application/javascript

GET
H/1.1 200
OK 0987259079146.png
static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/ 3 KB
4 KB 158ms
42ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:20:02 GMT
Last-Modified: Thu, 15 Oct 2020 16:08:39 GMT
Server: nginx
ETag: "5f887407-c2f"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3119

GET
H2 200 adtrue.tii.ai.990810.js Show response
jsc.adskeeper.co.uk/a/d/ Frame 6B69 266 KB
66 KB 989ms
47ms Script
text/javascript 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/a/d/adtrue.tii.ai.990810.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=18694&divid=1583838518&ref=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53ff86225d8b1e89e7c29827027b3e447887cc899a6dc5f223dada22afde2157

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:03 GMT
content-encoding: br
cf-cache-status: HIT
age: 1081
cf-polished: origSize=272695
last-modified: Sat, 24 Apr 2021 05:56:36 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HQSZYPB4BKWA6F0N
x-amz-id-2: clydqy0YaxfOirjSNoUhNFzAEyDCwLTk3MjakNjVnToS8lfLonlWg7DG+fnB31keDmI6WKokPLc=
cf-bgj: minify
server: cloudflare
etag: W/"0d2566081d3137351654cb359d7e7c30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
cf-request-id: 09d8467bb70000ee7dbe0f6000000001
cf-ray: 64a0a6a5fa14ee7d-CDG
expires: Tue, 04 May 2021 13:20:03 GMT

GET
H2 200 n.js Show response
cdn.run-syndicate.com/sdk/v1/ Frame 8A91 17 KB
9 KB 2807ms
2685ms Script
application/javascript 67.27.233.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.run-syndicate.com/sdk/v1/n.js
Requested by: Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=18694&divid=125716522&ref=undefined
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 6be018cf63d68429cc6f5c49caa24448469db98e412beba3bc99ac033ced43da

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:03 GMT
content-encoding: gzip
last-modified: Wed, 17 Feb 2021 13:10:31 GMT
server: nginx
age: 6548943
etag: W/"602d15c7-44f3"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 8713

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame BBFA 80 KB
26 KB 99ms
52ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:02 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 May 2021 09:20:02 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame B77B 80 KB
26 KB 71ms
41ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:02 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 May 2021 09:20:02 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame B77B 80 KB
26 KB 67ms
24ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:03 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 May 2021 09:20:03 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame BBFA 80 KB
26 KB 83ms
53ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:03 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 05 May 2021 09:20:03 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DFC4 0
193 B 23ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=tii.ai

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=tii.ai
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tii.ai/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tii.ai/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1518
date: Tue, 04 May 2021 09:20:02 GMT
content-length: 0

GET
H3-29 200 css
fonts.googleapis.com/ Frame 6B69 2 KB
546 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: tii.ai
URL: https://tii.ai/QDRz8F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 08:14:31 GMT
server: ESF
date: Tue, 04 May 2021 09:20:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 09:20:03 GMT

GET
H2 200 / Show response
c.adskeeper.co.uk/pv/ Frame 6B69 0
312 B 122ms
113ms Script
text/plain 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.co.uk/pv/?pv=5&cbuster=1620120003982602538157&uniqId=0c9eb&niet=4g&nisd=false&iframe=1&ref=https%3A%2F%2Ftii.ai%2FQDRz8F&cxurl=https%3A%2F%2Ftii.ai%2FQDRz8F&lu=https%3A%2F%2Ftii.ai%2FQDRz8F&pageView=1&site=623742&pvid=17936ad658f8ffc59f7&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.tii.ai.990810.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:20:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64a0a6a90864ee7d-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d8467da20000ee7da1191000000001

GET
DATA 200
OK truncated
/ Frame 6B69 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ Frame 6B69 4 KB
1 KB 31ms
29ms Image
image/svg+xml 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:04 GMT
content-encoding: br
cf-cache-status: HIT
age: 1373
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YWK1YGX3F74XX1MZ
x-amz-id-2: bCGrd3yfN7QOZTiegeGiCByEb2F94lwZExFqYGdV4mT1E/ioLcKPulmDsSrsaUBgbm6kpS7RSsk=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-request-id: 09d8467da90000ee7da0be1000000001
cf-ray: 64a0a6a90884ee7d-CDG
expires: Tue, 04 May 2021 13:20:04 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 6B69 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://tii.ai
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 26967
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 04 May 2022 01:50:37 GMT

GET
H2 200 1 Show response
servicer.adskeeper.co.uk/990810/ Frame 6B69 1007 B
877 B 130ms
117ms Script
application/x-javascript 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/990810/1?pv=5&cbuster=1620120004080763786807&uniqId=0c9eb&niet=4g&nisd=false&w=300&h=250&cols=1&iframe=1&ref=https%3A%2F%2Ftii.ai%2FQDRz8F&cxurl=https%3A%2F%2Ftii.ai%2FQDRz8F&lu=https%3A%2F%2Ftii.ai%2FQDRz8F&pageView=1&pvid=17936ad65f1ab2e4c20&implVersion=11&dpr=1
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.tii.ai.990810.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19c8ba1fc526caffaba753572d1f24058ca03653bbd2769807883ba22b27f45f

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:20:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64a0a6a9a9d5ee7d-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d8467e090000ee7d94065000000001

GET
H2 200 i.js Show response
cm.adskeeper.co.uk/ Frame 6B69 113 B
223 B 173ms
166ms Script
application/javascript 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i.js?&cbuster=1620120004254434213053
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.tii.ai.990810.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c159c475ff1bc7fdab5a2dc04e736b6d48b3cda2a50b97179869fe8d39713e51

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:20:04 GMT
content-encoding: br
cf-cache-status: MISS
x-mg-request-uuid: 42fc3220-e5f9-4d94-bd07-99ebb7418d52
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64a0a6aabbe7ee7d-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d8467eb10000ee7d46a14000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.adskeeper.co.uk/ Frame A76A 19 B
238 B 198ms
193ms Script
application/javascript 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1620120004260871601348
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/a/d/adtrue.tii.ai.990810.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:20:04 GMT
content-encoding: br
cf-cache-status: MISS
x-mg-request-uuid: 200eac10-b30a-4848-a98a-4fe77751b0ce
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64a0a6aabbeaee7d-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d8467eb20000ee7d7d92f000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzY0NmEwYTE2MGNjNTI5YzE1ZGM1YTE3YjZkYThhZDU4LnBuZw.webp
s-img.adskeeper.co.uk/g/8164850/492x277/0x316x716x477/ Frame 6B69 17 KB
18 KB 46ms
42ms Image
image/webp 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/8164850/492x277/0x316x716x477/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzY0NmEwYTE2MGNjNTI5YzE1ZGM1YTE3YjZkYThhZDU4LnBuZw.webp?v=1620120004-w3wtgNwhEXvG46U55pDSOUzBJAbuu9IHm8KN-4sd8UM
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40233b3a432a2bd741c1eebcbb7ec9173fe0f28b0ef47d4cab592234758687d4

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:04 GMT
cf-cache-status: HIT
x-mg-request-uuid: 048a732b-0892-45e9-872d-c10a9cf4c927
age: 965990
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17910
cf-request-id: 09d8467eb30000ee7d9717a000000001
last-modified: Mon, 08 Feb 2021 10:20:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 64a0a6aabbf2ee7d-CDG

GET
H2 200 /
cm.steepto.com/setmuidn/ Frame 6B69 0
313 B 527ms
259ms Image
image/gif 104.19.136.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.steepto.com/setmuidn/?muidf=l444dIG0N5k2
Requested by: Host: tii.ai
URL: https://tii.ai/QDRz8F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 64a0a6ad9d32cde3-CDG
content-length: 0
cf-request-id: 09d846807b0000cde37782f000000001

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FADE 52 KB
17 KB 361ms
289ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tii.ai/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tii.ai/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 05 May 2021 09:20:07 GMT
Date: Tue, 04 May 2021 09:20:05 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7D28 52 KB
17 KB 1919ms
1633ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tii.ai/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tii.ai/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 05 May 2021 09:20:07 GMT
Date: Tue, 04 May 2021 09:20:05 GMT
Connection: keep-alive

GET
H2 200 c
c.adskeeper.co.uk/ Frame 6B69 43 B
520 B 156ms
146ms Image
image/gif 104.19.133.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.co.uk/c?f=1&pv=3&v=294|247|12|Jqmb8I96yYs9-al0C3OxWIZTTUkqk2rQISn_3m2zhPdICc0erLGcL-1TG1vSXf2o&fw=1&extjs=66044&cid=990810&h2=osGc9IG8QbaWdv591HpRpcB5_07rwZ0vLxcYTalSpKk*&rid=e8ec406c-acb9-11eb-90c5-d094662c24f7&tt=Direct&iv=11&pageImp=1&cbuster=1620120005344599601408&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 09:20:05 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 386b2d81-59ec-47e9-9b0a-05107027a728
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 64a0a6b19abbee7d-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d84683010000ee7d7d98d000000001
server: cloudflare

GET
H2 200 n.css
cdn.run-syndicate.com/sdk/v1/ Frame 8A91 8 KB
8 KB 1013ms
1011ms Stylesheet
text/css 67.27.233.249
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.run-syndicate.com/sdk/v1/n.css
Requested by: Host: cdn.run-syndicate.com
URL: https://cdn.run-syndicate.com/sdk/v1/n.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.249 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:20:05 GMT
last-modified: Wed, 17 Feb 2021 15:07:12 GMT
server: nginx
age: 6544571
etag: "602d3120-2055"
content-type: text/css
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 8277

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame FADE
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
819 B

267ms
267ms

Script
text/html

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:20:06 GMT
X-Proxy-Origin: 89.40.183.19; 89.40.183.19; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.47:80
AN-X-Request-Uuid: f82b7e3c-4f74-42fb-8f66-9e07e4d895ba
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:20:05 GMT
X-Proxy-Origin: 89.40.183.19; 89.40.183.19; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.180:80
AN-X-Request-Uuid: 67d0ea92-673c-44d2-9fc9-80645cff64d3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame FADE
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
820 B

259ms
258ms

Script
text/html

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:20:06 GMT
X-Proxy-Origin: 89.40.183.19; 89.40.183.19; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid: f06dc2a4-958b-4a36-a282-820e95effda9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:20:06 GMT
X-Proxy-Origin: 89.40.183.19; 89.40.183.19; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.112:80
AN-X-Request-Uuid: 5d329aca-843b-45fd-a51a-59f69c5314f1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7D28 0
747 B 26ms
26ms Script
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:20:07 GMT
X-Proxy-Origin: 89.40.183.19; 89.40.183.19; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.79:80
AN-X-Request-Uuid: 808c6068-7e7a-400d-abf1-8cff746bf9bf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 7D28
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
820 B

32ms
32ms

Script
text/html

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:20:08 GMT
X-Proxy-Origin: 89.40.183.19; 89.40.183.19; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.248:80
AN-X-Request-Uuid: b40b38cd-04bf-4af9-bf6e-4977a0afa30f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 09:20:08 GMT
X-Proxy-Origin: 89.40.183.19; 89.40.183.19; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.52:80
AN-X-Request-Uuid: 758089e3-d54d-427d-b076-678aaf3fa454
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 403 go Show response
tii.ai/links/ 70 B
511 B 280ms
280ms XHR
application/json 2606:4700:3035::6815:48c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tii.ai/links/go

Requested by

Host: tii.ai
URL: https://tii.ai/cloud_theme/build/js/script.min.js?ver=6.4.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:48c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d217cfdc85d90d891855409ff443256eddcc3584ff345731ccb53a4f7936513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://tii.ai
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
content-length: 825
:path: /links/go
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: tii.ai
referer: https://tii.ai/QDRz8F
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tii.ai/QDRz8F
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 04 May 2021 09:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d84691c7000097c058ba7000000001
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YaFPUFNbiZEcV2fAi1WbU6CNcQxZONP%2F7jpEvwLBQVAvkCRLj5ta2TrtkNhdo%2Bb9l5h8tvWRaY83tuv6s0DEBlaRx5rxt%2F2Nok3JyKNQxJaC7OQ%3D"}]}
content-type: application/json
x-xss-protection: 1; mode=block
x-turbo-charged-by: LiteSpeed
set-cookie: __cfduid=dbd71ddce51fe0e66e1a355a5699e9aa51620120009; expires=Thu, 03-Jun-21 09:20:09 GMT; path=/; domain=.tii.ai; HttpOnly; SameSite=Lax; Secure
cf-ray: 64a0a6c93bac97c0-FRA

GET
H2 200 o-W-AgeYPhg3ozy_h45pW770gqduZDv6GF5h9tOAntGw5KStSHsVqv2NOvrhvsBh08v3XF26kl6rO1DzE5o0Y4pKkvHGZdb7h08dUjrwuak_XFtcqRk9pDD3981xOSKw0OJN0shwanENsfPlPIhWWYbzhRFNg6vCTKidy-WNIcCYP91Hrbi9cMjPSnBQkXIVX_OSk...
dutorterraom.com/impression/ 43 B
326 B 140ms
36ms Image
image/gif 139.45.197.14
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dutorterraom.com/impression/o-W-AgeYPhg3ozy_h45pW770gqduZDv6GF5h9tOAntGw5KStSHsVqv2NOvrhvsBh08v3XF26kl6rO1DzE5o0Y4pKkvHGZdb7h08dUjrwuak_XFtcqRk9pDD3981xOSKw0OJN0shwanENsfPlPIhWWYbzhRFNg6vCTKidy-WNIcCYP91Hrbi9cMjPSnBQkXIVX_OSkX8Igrc-IqCpoGKeubGyjJ2RhgxK1taELGfVWCaeoNETDAZNSHKqqDuaxnk2naAQei-HQRDOIkAQKDweoQ_ISpuaX7HZpFjI0YVrsOY=?z=3487732&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=12&pl=https%3A%2F%2Ftii.ai%2FQDRz8F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.14 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 1fc9cb4806a7de8b828aab4c29c90ddb
pragma: no-cache
date: Tue, 04 May 2021 09:20:11 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0987259079146.png
static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/ Frame D659 3 KB
4 KB 297ms
296ms Image
image/png 139.45.197.188
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3487732
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 09:20:11 GMT
Last-Modified: Thu, 15 Oct 2020 16:08:39 GMT
Server: nginx
ETag: "5f887407-c2f"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3119

GET
H2 204 3487732 Show response
inpagepush.com/500/ 0
437 B 30ms
30ms XHR
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3487732?excludes=8093040&oaid=bfc2554fc857498e9aff096a5d6fda5a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=13&pl=https%3A%2F%2Ftii.ai%2FQDRz8F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3487732

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://tii.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: f60aeffd41499afd9fee691412b20eca
pragma: no-cache
date: Tue, 04 May 2021 09:20:11 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: https://tii.ai
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3487732
inpagepush.com/500/ Frame 0
0 29ms
29ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://tii.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 04 May 2021 09:20:11 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://tii.ai
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: quantcount.com
URL: https://quantcount.com/log/error?msg=%5Bobject%20Object%5D

Verdicts & Comments Add Verdict or Comment

313 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.zeotap.com/	1970-01-20 02:47:36	Name: zc Value: 43963858-5299-4978-5265-5056fc887370
			tii.ai/	1969-12-31 23:59:59	Name: ab Value: 2

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1) Message: Choice CMP v1 is deprecated, please upgrade to Choice CMP v2. https://help.quantcast.com/hc/en-us/articles/360057828994-Quantcast-Choice-Deprecates-TCF-v1-1-version-with-holistic-move-to-TCF-v2-0
console-api	log	URL: https://secure.quantserve.com/quant.js(Line 2) Message: ERROR Tue May 04 2021 11:20:01 GMT+0200 (Central European Summer Time) [object Object]
console-api	debug	URL: https://jsc.adskeeper.co.uk/a/d/adtrue.tii.ai.990810.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://tii.ai/cloud_theme/build/js/script.min.js?ver=6.4.0(Line 1) Message: An error occured: 403 error

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
acdn.adnxs.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.googleapis.com
api.rlcdn.com
as-sec.casalemedia.com
bedrapiona.com
bidder.criteo.com
c.adskeeper.co.uk
c.tmyzer.com
cdn-adtrue.com
cdn.adskeeper.co.uk
cdn.adtrue.com
cdn.run-syndicate.com
ced-ns.sascdn.com
cm.adskeeper.co.uk
cm.g.doubleclick.net
cm.steepto.com
d2zur9cc2gf1tx.cloudfront.net
d38itq6vdv6gr9.cloudfront.net
dejourned.club
dpm.demdex.net
dutorterraom.com
exchange.adtrue.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
gum.criteo.com
ib.adnxs.com
iclickcdn.com
id5-sync.com
inpagepush.com
js-sec.indexww.com
jsc.adskeeper.co.uk
match.adsrvr.org
mwzeom.zeotap.com
my.rtmark.net
onetag-sys.com
onmarshtompor.com
p.cpx.to
pixel.mathtag.com
pixel.quantserve.com
pixel.tapad.com
quantcast.mgr.consensu.org
quantcount.com
rules.quantcount.com
s-img.adskeeper.co.uk
secure.quantserve.com
servicer.adskeeper.co.uk
spl.zeotap.com
static.cdnativepush.com
static.criteo.net
tag.leadplace.fr
tii.ai
voltskegscurate.com
ww1097.smartadserver.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
quantcount.com
104.19.133.80
104.19.136.80
139.45.195.8
139.45.197.14
139.45.197.188
139.45.197.234
139.45.197.237
139.45.197.243
142.250.185.130
145.239.192.166
145.239.193.145
151.139.241.23
172.255.6.44
178.250.0.165
184.30.20.207
185.33.221.87
185.86.137.114
2.18.232.130
2.18.234.21
2600:9000:206f:8400:1a:c7f7:5540:21
2600:9000:2104:4400:6:44e3:f8c0:93a1
2600:9000:2104:5400:9:46dc:4700:93a1
2606:4700:10::6816:1957
2606:4700:10::6816:3081
2606:4700:20::681a:d76
2606:4700:3035::6815:48c5
2606:4700:3038::6815:eb99
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:811::2008
2a00:1450:4001:813::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a02:2638::1c
2a02:2638::3
3.11.29.5
34.120.133.55
34.250.26.236
35.227.248.159
51.195.5.232
51.38.120.206
54.144.3.29
54.148.164.15
54.230.182.143
54.246.113.218
54.38.64.100
63.33.120.132
63.34.247.151
67.27.233.249
68.232.35.16
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
04ef2a66c5c27947b81f0ab2e697d8c7d996e609b9904d976cc8cbcca3c04744
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
19c8ba1fc526caffaba753572d1f24058ca03653bbd2769807883ba22b27f45f
1b995fc827b99b0c5712febabda126812a7064d95c6471e9b785ee20e2fce044
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
237b757471e0eda4c69dd3b31f44fc91f1b5ce56054617260250ec763ad89cd6
2449976e82c38da426678b2624493553c23090dbd6a8675dc4a4a4523739947d
24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
28e2fdfed6b824ef4abde2a6f3f50f1df6b8cb0c116ac835536e8ec488de79d7
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d217cfdc85d90d891855409ff443256eddcc3584ff345731ccb53a4f7936513
2f4cb2739da6fa4b7de380dfccad60e61d8af9e78d5974a431d11d821e496899
2fddb94a560bd9cca95278aec29d61100ee371b6155252a11c481d7d23c5c1bb
31019413fee993018ee66cb39c98ebf7b37365b9e7b439fdfccc33eaa81429b5
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
322d398795444f8ee9245045851d74653dd8488d6b1daf283ad0017b499f7103
32adcd20942cc95376c96c686e5f4c65dba39275545f6c9c7b63b72a374d9cc0
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3c794ed9998df8cdf623077dcf9df6523be8080fb2bfd82a61d5ab391ee58c02
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3
40233b3a432a2bd741c1eebcbb7ec9173fe0f28b0ef47d4cab592234758687d4
43bda1428a5263bac1077be4600446811177d2517529640d7cf560363d67a629
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4da6042117ced1e0591336b5c7c23572ee21ca47ed7d23fa3b981d74a0c3ba76
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53ff86225d8b1e89e7c29827027b3e447887cc899a6dc5f223dada22afde2157
5b007777e0db9cd8224fa110017117131a15db7eda2be78d8cb69def25a16586
5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1
5b6c4d20965adeb53fff13a1252136dbe0651c2df340e455bd55abec4ae9c4c0
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be018cf63d68429cc6f5c49caa24448469db98e412beba3bc99ac033ced43da
744c9b05195dbc3a28690491f4bbad00c501ace7e2321f0b97036323e90cf6bc
7a4a069662c570e7efd5b110d3c501f7157a8ae03001f161f6c78df5d789bfec
7e176e51c1dff07522d527754e78745b4fe73db4b875ab85be5ec57e2e35346c
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
92b2d724912ac952ca1b0372040f125d7eff325090d3b80abbd3d738fdc8af7d
94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa
9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9db3a6925193355978fb310276f029c78400c56b457cc9b54f8b069da1c89047
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4531878fe0d9d526fc780f1568e0a7d1210e296238512cfb5b855cb6a7f404d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa673d1b8b927accfd7a39f83d3bdc8dfb8744848767dabe4be8502ff3eb2d2d
b0f62a19b3816ea7dc2f9990b599ab78f203bb6006af805e5315d003e5fafc3b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b4259dbb0191c97a891b857a18b128a117310364e59726cff9eb639dcd22023b
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b565424f97756150afd0cb043870e580409df4b758a3a6fca74b88fb2c167bf3
b5ef92540f0ca9b3adf3cfe36182ea3106bf15b84ec424c9f101a25776cdf299
b780c05b9b8e1f7acff640ef794ca777ffa43e5d4354a84eebf3dd98975f8675
c159c475ff1bc7fdab5a2dc04e736b6d48b3cda2a50b97179869fe8d39713e51
c19c9186e84024b69f2b855f6c24fd9f44f68618dd00839a2da55e1dd614fb42
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0
c8bdba7b6fa2940d30a89e435ccd92191889337824169b55a97bd18dca6704ba
d1ab53a107d79e88010800c30b752b99ff2c4e0eeefd286bcf0dff66839efe0b
d3cf8800f2cacb846111308f024e3eb480b70cabd3f14b226236d5f3d0e20618
d78ddd24e9ff18479bf3593d93e42d8e37b1bb10336c09d10c1ea5eeb605f5c5
d8a382bb17386d2d82cc7bff0b08cbc40466c977c277e039adfa7de9b9511957
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3aeddbd5909efdbfd92d5c5ce9e0f7824df3ecee57ed3a63af3dfe454b54e3
f26e4ff4ee18bf6300053a746e3557f8c07827b96c787f9927463cd6ae13e339
f6c42dc669611333599d4f5c9e5609dea235c947aa10224244a85106b2050b87
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
fe4a0d15434de3c28f4331678f7a2213f607733655c9012465fe0a1a10b0c0ad

tii.ai Open in urlscan Pro 2606:4700:3035::6815:48c5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

117 Requests

99 %HTTPS

36 %IPv6

47 Domains

61 Subdomains

48 IPs

6 Countries

1909 kBTransfer

5662 kBSize

2 Cookies

15 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tii.ai Open in urlscan Pro
2606:4700:3035::6815:48c5 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

99 %
HTTPS

36 %
IPv6

47
Domains

61
Subdomains

48
IPs

6
Countries

1909 kB
Transfer

5662 kB
Size

2
Cookies

117 HTTP transactions
3 data transactions