retendehri.cf Open in urlscan Pro
2606:4700:30::681f:41dc Public Scan

URL:
http://retendehri.cf/
Submission: On May 08 via manual (May 8th 2019, 7:39:19 am UTC) from NO

Summary HTTP 128 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 30 domains to perform 128 HTTP transactions. The main IP is 2606:4700:30::681f:41dc, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is retendehri.cf.

This is the only time retendehri.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:30:... 2606:4700:30::681f:41dc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2606:4700:30:... 2606:4700:30::681f:40dc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700::68... 2606:4700::6813:c397	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	23.38.39.9 23.38.39.9	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
8	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 10	2.16.187.67 2.16.187.67	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 3	2a03:2880:f22... 2a03:2880:f22d:e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	23.92.74.18 23.92.74.18	54540 (INCERO-HVVC) (INCERO-HVVC - HIVELOCITY)
1	2600:9000:20b... 2600:9000:20bb:5e00:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2606:4700::68... 2606:4700::6810:cda5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
19	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a02:26f0:6c0... 2a02:26f0:6c00:287::3b8c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	82.199.68.73 82.199.68.73	15830 (TELECITY-LON) (TELECITY-LON)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	104.111.234.76 104.111.234.76	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	35.240.50.85 35.240.50.85	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.50.5.144 52.50.5.144	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	95.142.20.17 95.142.20.17	20645 (PUREPEAK-ASN) (PUREPEAK-ASN)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
15	2a02:26f0:6c0... 2a02:26f0:6c00:28d::3b8c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:10:... 2606:4700:10::6814:5e4d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	37.187.133.232 37.187.133.232	16276 (OVH) (OVH)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	104.111.250.158 104.111.250.158	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2606:4700:10:... 2606:4700:10::6814:5d4d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	88.221.165.178 88.221.165.178	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:292::2c92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2a00:1450:400... 2a00:1450:4001:809::2014	15169 (GOOGLE) (GOOGLE - Google LLC)
128	40

3 2606:4700:30::681f:41dc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

retendehri.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:30::681f:40dc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

retendehri.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.38.39.9 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-38-39-9.deploy.static.akamaitechnologies.com

tag.aticdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.16.187.67 (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-187-67.deploy.static.akamaitechnologies.com

files.missbloom.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.capital.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.missbloom.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f22d:c4:face:b00c:0:43fe (Ireland) 2 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f22d:e5:face:b00c:0:4420 (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.92.74.18 (Austin, United States)

ASN54540 (INCERO-HVVC - HIVELOCITY, Inc., US)
PTR: srvn1.nemohq.gr

www.vidads.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20bb:5e00:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:cda5 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81f::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:287::3b8c (European Union)

ASN20940 (AKAMAI-ASN1, US)

widget.yallarec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 82.199.68.73 (Netherlands)

ASN15830 (TELECITY-LON, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.234.76 (Amsterdam, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-234-76.deploy.static.akamaitechnologies.com

logw312.ati-host.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.240.50.85 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 85.50.240.35.bc.googleusercontent.com

app.exitbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.5.144 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-5-144.eu-west-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.142.20.17 (Israel)

ASN20645 (PUREPEAK-ASN, IL)
PTR: ip-95-142-20-17.purepeak.com

api.yallarec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:6c00:28d::3b8c (European Union)

ASN20940 (AKAMAI-ASN1, US)

img9-api.yallarec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:5e4d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.adman.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.187.133.232 (France)

ASN16276 (OVH, FR)
PTR: oricon.phaistosnetworks.gr

bold.adman.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.250.158 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-250-158.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:5d4d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

obj.adman.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.221.165.178 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a88-221-165-178.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.80 (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:292::2c92 (European Union)

ASN20940 (AKAMAI-ASN1, US)

cmp.teads.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.7 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2014 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

amp-error-reporting.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	107 KB
18	yallarec.com widget.yallarec.com api.yallarec.com img9-api.yallarec.com	230 KB
10	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	881 KB
9	serving-sys.com bs.serving-sys.com secure-ds.serving-sys.com	93 KB
9	missbloom.gr 1 redirects files.missbloom.gr www.missbloom.gr	76 KB
8	retendehri.cf retendehri.cf	247 KB
6	teads.tv a.teads.tv t.teads.tv sync.teads.tv	183 KB
6	adman.gr static.adman.gr bold.adman.gr obj.adman.gr	106 KB
6	googletagservices.com www.googletagservices.com	151 KB
5	ampproject.org cdn.ampproject.org	231 KB
5	instagram.com 3 redirects platform.instagram.com www.instagram.com	5 KB
3	facebook.net connect.facebook.net	71 KB
3	onesignal.com cdn.onesignal.com onesignal.com	59 KB
2	appspot.com amp-error-reporting.appspot.com	130 B
2	scorecardresearch.com 1 redirects b.scorecardresearch.com	1 KB
2	facebook.com www.facebook.com	247 B
2	exitbee.com app.exitbee.com	10 KB
2	ati-host.net 1 redirects logw312.ati-host.net	791 B
2	agkn.com js.agkn.com d.agkn.com	4 KB
2	vidads.gr www.vidads.gr	76 KB
2	cloudflare.com cdnjs.cloudflare.com	7 KB
1	consensu.org cmp.teads.mgr.consensu.org
1	criteo.com bidder.criteo.com	210 B
1	criteo.net static.criteo.net	25 KB
1	googleapis.com ajax.googleapis.com	29 KB
1	google.de adservice.google.de	176 B
1	google-analytics.com www.google-analytics.com	17 KB
1	capital.gr www.capital.gr	25 KB
1	aticdn.net tag.aticdn.net	20 KB
0	qds.ninja Failed t.qds.ninja Failed
128	30

	Domain	Requested by
19	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net retendehri.cf
15	img9-api.yallarec.com	retendehri.cf
8	retendehri.cf	retendehri.cf
7	files.missbloom.gr	retendehri.cf
6	www.googletagservices.com	retendehri.cf securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	bs.serving-sys.com	retendehri.cf securepubads.g.doubleclick.net secure-ds.serving-sys.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net retendehri.cf
5	pagead2.googlesyndication.com	retendehri.cf pagead2.googlesyndication.com
4	secure-ds.serving-sys.com	bs.serving-sys.com secure-ds.serving-sys.com
3	a.teads.tv	securepubads.g.doubleclick.net a.teads.tv
3	bold.adman.gr	static.adman.gr bold.adman.gr
3	connect.facebook.net	retendehri.cf connect.facebook.net
3	www.instagram.com	1 redirects retendehri.cf www.instagram.com
2	amp-error-reporting.appspot.com	cdn.ampproject.org
2	t.teads.tv	retendehri.cf
2	b.scorecardresearch.com	1 redirects retendehri.cf
2	static.adman.gr	retendehri.cf static.adman.gr
2	www.facebook.com	retendehri.cf connect.facebook.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	app.exitbee.com	retendehri.cf app.exitbee.com
2	logw312.ati-host.net	1 redirects retendehri.cf
2	widget.yallarec.com	retendehri.cf widget.yallarec.com
2	www.missbloom.gr	1 redirects retendehri.cf
2	cdn.onesignal.com	retendehri.cf cdn.onesignal.com
2	www.vidads.gr	retendehri.cf www.vidads.gr
2	platform.instagram.com	2 redirects
2	cdnjs.cloudflare.com	retendehri.cf
1	sync.teads.tv	a.teads.tv
1	cmp.teads.mgr.consensu.org	a.teads.tv
1	obj.adman.gr	retendehri.cf
1	bidder.criteo.com	static.criteo.net
1	static.criteo.net	widget.yallarec.com
1	api.yallarec.com	widget.yallarec.com
1	onesignal.com	cdn.onesignal.com
1	ajax.googleapis.com	widget.yallarec.com
1	d.agkn.com	js.agkn.com
1	adservice.google.de	www.googletagservices.com
1	www.google-analytics.com	retendehri.cf
1	js.agkn.com	retendehri.cf
1	www.capital.gr	retendehri.cf
1	tag.aticdn.net	retendehri.cf
0	t.qds.ninja Failed	retendehri.cf
128	43

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.missbloom.gr
www.yupiii.gr
www.shape.gr
www.madamefigaro.gr
www.capital.gr
gr.askmen.com
atticamediagroup.gr

Subject Issuer	Validity	Valid
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
tag.aticdn.net GeoTrust RSA CA 2018	`2019-01-25` - `2020-03-25`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
capital.gr Let's Encrypt Authority X3	`2019-03-20` - `2019-06-18`	3 months	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2019-04-12` - `2019-07-11`	3 months	crt.sh
ssl.nemohq.gr Let's Encrypt Authority X3	`2019-04-24` - `2019-07-23`	3 months	crt.sh
ssl473492.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-01-22` - `2019-07-31`	6 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2018-03-08` - `2020-03-08`	2 years	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-03-08` - `2019-06-06`	3 months	crt.sh
app.exitbee.com SSL.com DV CA	`2018-07-06` - `2019-07-07`	a year	crt.sh
misc-sni.google.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
*.adman.gr COMODO RSA Domain Validation Secure Server CA	`2018-10-15` - `2020-11-04`	2 years	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2018-12-03` - `2020-03-03`	a year	crt.sh
*.appspot.com Google Internet Authority G3	`2019-04-16` - `2019-07-09`	3 months	crt.sh

This page contains 17 frames:

Primary Page: http://retendehri.cf/
Frame ID: FDBA86B2DBD57DF459922F991443C855
Requests: 86 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpKyDZ2C2UjlQJyPV-mnVxW6g7D6Cff7fARCx_fQSOjyHbeJBe-u_NZzcpwMdpMxE4tFvKyySU-NU2CvGzLmlQ_DG0SUIXT5feKM7s8xx06VLbfvY0IGNloo2IeVl4L3yM_FLjL25pKHK5K4KmN0-8mAKbs3SwwJhtCKufu8KAuV-60-8P7UMrXIucV9rAG67-YZIKw6Qt2qRE5miK3VopIPAFbTTVdeB4aAy50e7lqljyK_RmY5AVaIdCVyy1Cbetyj18DuuURqulq9leD3wr&sai=AMfl-YT9clO3WZn4RH5YQd1VEY8Mbi3wQUEk6DXGAEA-d0PBonw2Q6umkmsnm5FpKT3xqR2j2HuXVrOQ_aRJrNK3_2JsQPjLyRpukWaNaN69IA&sig=Cg0ArKJSzOL0rZBX25eYEAE&urlfix=1&adurl=
Frame ID: 4E3D8502C7100B96AB6556D96D6F536F
Requests: 4 HTTP requests in this frame

Frame: https://bs.serving-sys.com/serving/adServer.bs?cn=display&c=19&mc=imp&pli=28128390&PluID=0&ord=1302843042&rtu=-1
Frame ID: D32B02C42623BFA1077896E936B77708
Requests: 1 HTTP requests in this frame

Frame: https://www.instagram.com/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Fretendehri.cf&rp=%2F
Frame ID: BE737AC6E86A81BBC691A1B80E9EE9B5
Requests: 1 HTTP requests in this frame

Frame: http://d.agkn.com/iframe/8613/?che=286434458&gdpr=&gdpr_consent=&url=http%3A%2F%2Fretendehri.cf%2F&bpid=atticagreece&c=%7B%22bpid%22%3A%22atticagreece%22%2C%22loc%22%3A%22http%3A%2F%2Fretendehri.cf%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: B347DC62D295392AD9F159ED747ADCDE
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190501/r20190131/show_ads_impl.js
Frame ID: AA969E63227877AA5A2AF86171639D17
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190501/r20190131/zrt_lookup.html
Frame ID: CA7A9BCB097F886A72D4717F766E9EEB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011905021827420/amp4ads-v0.js
Frame ID: 5FD760007D1FFD5FFBB755FC6A29F3A9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fretendehri.cf%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1557301125429&bpp=19&bdt=991&fdt=140&idt=139&shv=r20190501&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4243450282328&frm=20&pv=2&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&ga_fc=0&iag=0&icsg=2339728261155&dssz=59&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040080%2C21060853%2C368226501%2C618018085%2C21062175&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=7&ifi=11&uci=b.77cs1qr40bx&fsb=1&dtd=153
Frame ID: 29DBEF8E18C777835BA0DB3DE7D142BC
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011905021827420/amp4ads-v0.js
Frame ID: 046BC79A62AC154560A2915BF35C4E6D
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv62kshydugfcm0bzenwpFzY06zLrJxsOVgrs98jo-kelrI9zUrXaXZR_u6hIpvvlMNEOKFwTJE4g-0F3i6AiRaoSLcXjnSRwkiwPRoRzQ0iT78S__kDSg210zPQsOJMfFRt8IcEuBatHNK70f1urq0A3NzBTmgbzhiGHUI3kwMEdFJYUzaKmtFcljsLItKc7uPa8baw3BMLbx31ApC0W6pVGscvZbNyBHnju6etPN20MzCfxahFlVuXS-M-8nCPqiJCLW6GjKwQJw&sai=AMfl-YST7Fvt1_m8Ia3gNEDAhAUd3g7CGXVjpuZVILxqPrOtOtdPk1Kz6ufDI0YSAaWUaogOmenegrJFPeJ_V2TK-IX2gWD6eu9iDizeh5yr8Q&sig=Cg0ArKJSzLRdtT9OXk7aEAE&urlfix=1&adurl=
Frame ID: FEB1F897E4F58F09083E6ABFD3D29CBF
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuO9k8JLef6dcoSc1bNZ1PU0_D8b8oYPLr1m_s6EqSkw3Cw7qN95la5rZSchVMAQ72GpT5sOlDC5y-m8z1PJvAQzGMxyLtWv5e6o3KNJ73uu2CB_KXnsk4Vi1qEndgNtgqoNu5G4IN--ZFboG00EBrrfyNlPGF7ZOeUTcc8x2Ivun9pPGNv3lvi8cEqAZV-vaFtzwuz4bIvfZpGPuGL87pfczs02N5ntVSgFasuJvqu8QKWvP7MUw3wTfA0XbQtk0eRic0&sai=AMfl-YSRrmYycQ0H1UM5c28ZnVYFBdf3G3PLYqU-Z2nncGpYDowjFmPhUuP62j55uI5SHf3aPkOu64VTsuc6RdspW2zsYXuKTouhwcfBzIDV5kPQHXg0Cf2KnJRXa1U&sig=Cg0ArKJSzI2tW-TIH09zEAE&urlfix=1&adurl=
Frame ID: 67DBB52F62823202AC285611FA5B80D4
Requests: 10 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/BurstingRes/Site-138695/WSFolders/14196047//index.html?v=_2_104_1_0&n=1
Frame ID: 7FC81E5C22497FDE9DC4A087017A74F4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 38F0B9ED2D8FE4433A16C351DB42BC3C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskIl83Nf5Tftw3-kI334IPwbpC5HXphF9FLQoztQU0eLfYdEo91o1UnpGARgkgFpf9xkEbYmxZMOvOOzsQuJgGroZhV3E3FtlAJnWI6kWqmK0HesBky1DLHxxVjHzjW8OoDdOU3gCI3fl63TtCeDYf0agvhc5rRG4-8ETnb8EBasD6Lr1DiMSFOlSyGqeAs9mkUp8bGKSMTEla3zzqHFIwDFVqWYAPY_xmRwi557Au_0LFUS-mRdNdUMxCRydTjA&sai=AMfl-YTA86A2ldhiK3Ev2pDqS7QPrvpo-zzjLUap46sjGRYwPuNQFYrQt4upPkIPnPDzO-1ZbdR_AexMRuJXDDfnQtEIz6XI5Erms47-gREl5rtGpXxPRQtrCAzCW6iL&sig=Cg0ArKJSzFVgH3xmsqocEAE&urlfix=1&adurl=
Frame ID: C6E66851660EDAF2BEFCDA28F75D64B6
Requests: 4 HTTP requests in this frame

Frame: http://cmp.teads.mgr.consensu.org/index.html
Frame ID: 43230B412A39EB1F8A9FDEBAA73411D6
Requests: 1 HTTP requests in this frame

Frame: http://sync.teads.tv/iframe?pid=95778&userId=1a7bae36-83eb-4f18-b263-46972d342b98&gdprIab={%22status%22:22,%22consent%22:%22%22,%22reason%22:220}&1557301127093
Frame ID: 7952864FEC3FD9E47DFD8885680E6991
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i

AT Internet Analyzer (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^xtsite$/i
env /^ATInternet$/i

AT Internet XiTi (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^Xt_/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^criteo/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

128
Requests

61 %
HTTPS

60 %
IPv6

30
Domains

43
Subdomains

40
IPs

6
Countries

2655 kB
Transfer

6255 kB
Size

0
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/MissBloom.gr
Title: γιατί μυρίζει το στόμα μου

Search URL Search Domain Scan URL

URL: https://twitter.com/missbloomgr
Title: τρια πεντε πηγαδια live cam

Search URL Search Domain Scan URL

URL: https://www.instagram.com/missbloomgr/
Title: ποτε θα παντρευτουμε μανωλιο μου

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCotisottYVdSch2d0Vy-bxg
Title: γερμανικα β γυμν βιβλιο μαθητη

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/stamatina-tsimtsili-themis-sofos-des-tin-teleia-tourta-gia-ta-genethlia-tis-6chronis-koris-tous-nagias/?.gr
Title: Σταματίνα Τσιμτσιλή - Θέμης Σοφός | Δες την τέλεια τούρτα

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/celebs-now/pos-itan-kai-pos-egine-oi-arketes-allages-tis-vasos-laskaraki-ta-teleftaia-chronia/?gallery-photo=3
Title: Βάσω Λασκαράκη: Πώς ήταν και πώς έγινε! Δες φωτογραφίες

Search URL Search Domain Scan URL

URL: http://www.yupiii.gr/gossip/c125900/Arhs_Sphliwtopoylos-Stis_Spetses_me_enty.html?fbclid=IwAR1KjUvYtDJGUY472c3QOQim8yQK9JJG6haPRaoM8w8L8NIBgUf2gqUYrX8
Title: Άρης Σπηλιωτόπουλος - Στις Σπέτσες με εντυπωσιακή συνοδό! Όλες οι φωτογραφίες

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/when-a-man-loves-a-woman-kapoies-atrantachtes-apodeikseis-pos-o-marantinis-latrevei-kai-tha-latrevei-ti-christidou
Title: When a man loves a woman | Κάποιες ατράνταχτες αποδείξεις πως ο Μαραντίνης λατρεύει (και θα...

Search URL Search Domain Scan URL

URL: https://www.shape.gr/diatrofi-adynatisma/sosti-diatrofi/simadia-oti-tros-polla-frouta
Title: 4 σημάδια ότι τρως πολλά φρούτα

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/to-ena-pio-teleio-apo-to-allo-des-fotografies-apo-to-palio-kai-to-neo-spiti-tis-amalias-kostopoulou-stin-ameriki/?.gr
Title: Αμαλία Κωστοπούλου | Δες το σπίτι της στην Αμερική

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/giorgos-tsalikis-dora-dimitropoulou-to-spiti-tous-pou-thymizei-anaktoro-kai-oi-fendi-kanapedes
Title: Γιώργος Τσαλίκης - Δώρα Δημητροπούλου | Το σπίτι τους που θυμίζει ανάκτορο και οι Fendi καναπέδες...

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/dimitris-starovas-fotografizei-ti-mitera-tou-kai-tin-koukla-kori-tou
Title: Δημήτρης Σταρόβας | Φωτογραφίζει τη μητέρα του και την κόρη του!

Search URL Search Domain Scan URL

URL: https://www.madamefigaro.gr/moda/taseis/102421/kalesmeni-se-gamo-7-sumboules-gia-na-epilexeis-ti-tha-foreseis
Title: Είσαι καλεσμένη σε γάμο; Μάθε τις συμβουλές για να ξεχωρίσεις!

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/amalia-aleksandra-kostopoulou-oi-tryferes-anartiseis-gia-ton-gamo-tis-tzenis-mpalatsinou
Title: Αμαλία & Αλεξάνδρα Κωστοπούλου | Οι τρυφερές αναρτήσεις για τον γάμο της Τζένης Μπαλατσινού...

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/charis-christopoulos-anita-brand-des-fotografies-apo-to-idiaitero-spiti-tou-zevgariou
Title: Χάρης Χριστόπουλος - Anita Brand | Δες φωτογραφίες από το σπίτι τους

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/?p=559933
Title: Ελένη Μενεγάκη | «Γιατί με πληγώνεις; Είναι και τα παιδιά μου σπίτι!»

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/eleni-menegaki-i-proti-fotografia-me-magio-gia-to-2019-me-aformi-tis-diakopes-tou-pascha/?.gr
Title: Ελένη Μενεγάκη | Η πρώτη φωτογραφία με μαγιό για το 2019

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/i-nona-eleni-menegaki-des-tin-koukla-26chroni-vaftisimia-tis-pics/?.gr
Title: Η νονά Ελένη Μενεγάκη | Δες την κούκλα 26χρονη βαφτισιμιά της (pics)

Search URL Search Domain Scan URL

URL: https://www.shape.gr/diatrofi-adynatisma/sosti-diatrofi/xeiroteres-trofes-prin-ton-ipno
Title: Οι 8 χειρότερες τροφές για να φας πριν τον ύπνο

Search URL Search Domain Scan URL

URL: http://www.capital.gr/
Title:

Search URL Search Domain Scan URL

URL: http://gr.askmen.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.madamefigaro.gr/
Title:

Search URL Search Domain Scan URL

URL: https://www.shape.gr/
Title:

Search URL Search Domain Scan URL

URL: http://www.yupiii.gr/
Title:

Search URL Search Domain Scan URL

URL: http://atticamediagroup.gr/pres/
Title: ανώτερος κινητικός νευρώνας

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://platform.instagram.com/en_US/embeds.js HTTP 301
https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js

Request Chain 27

http://www.missbloom.gr/xtcore.js HTTP 301
https://www.missbloom.gr/xtcore.js

Request Chain 49

http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0738459208397&jv=0&re=1600x1200&vtag=4.5.7&hl=7x38x45&r=1600x1200x24x24&ref= HTTP 302
http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0738459208397&jv=0&re=1600x1200&vtag=4.5.7&hl=7x38x45&r=1600x1200x24x24&ref=&Rdt=On

Request Chain 125

http://b.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1557301126720&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=64789406&cs_ucfr=1 HTTP 302
http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1557301126720&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=64789406&cs_ucfr=1

128 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
retendehri.cf/ 49 KB
15 KB 164ms
157ms Document
text/html 2606:4700:30::681f:41dc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:41dc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127f0e63cfe81a8cfe83a77408f6e1de24decee3f28a36a53f253808f323288c

Request headers

Host: retendehri.cf
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dea8dff8603d01f3a76ff39d9c3345df01557301124; expires=Thu, 07-May-20 07:38:44 GMT; path=/; domain=.retendehri.cf; HttpOnly
Last-Modified: Sun, 10 Feb 2019 16:02:05 GMT
Server: cloudflare
CF-RAY: 4d39c69abcbb9784-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK 579d0.single.include.4e2fc8.css
retendehri.cf/wp-content/cache/minify/ 164 KB
39 KB 687ms
679ms Stylesheet
text/html 2606:4700:30::681f:40dc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://retendehri.cf/wp-content/cache/minify/579d0.single.include.4e2fc8.css
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:40dc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07715c23ab35c3a5f6a1678c436e1bf69dcc290deb2fa437968e9137bddbfa6f

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:04 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4d39c69bcfd7272a-FRA
Expires: Wed, 08 May 2019 11:38:44 GMT

GET
H/1.1 200
OK 579d0.default.include.3de91f.js Show response
retendehri.cf/wp-content/cache/minify/ 43 KB
12 KB 238ms
230ms Script
text/html 2606:4700:30::681f:40dc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://retendehri.cf/wp-content/cache/minify/579d0.default.include.3de91f.js
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:40dc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02eaeea07e07812c65df097e49d14b63960fe06dc2ad4e9b5108d1c5fa4654ad

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:44 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4d39c69bcafb6371-FRA
Expires: Wed, 08 May 2019 11:38:44 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 15ms
13ms Stylesheet
text/css 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:44 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:32 GMT
server: cloudflare
etag: W/"5afd48e8-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Mon, 27 Apr 2020 07:38:44 GMT
cache-control: public, max-age=30672000
cf-ray: 4d39c69bcd6d6359-FRA
served-in-seconds: 0.000

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 15ms
14ms Script
application/javascript 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:44 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:32 GMT
server: cloudflare
etag: W/"5afd48e8-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 27 Apr 2020 07:38:44 GMT
cache-control: public, max-age=30672000
cf-ray: 4d39c69bcd6e6359-FRA
served-in-seconds: 0.001

GET
H/1.1 200
OK style.css
retendehri.cf/wp-content/themes/mb17s/css/ 107 KB
27 KB 218ms
211ms Stylesheet
text/html 2606:4700:30::681f:40dc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://retendehri.cf/wp-content/themes/mb17s/css/style.css?v=20180727
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:40dc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 936204d1014ee5866288c333ed750601d7d169c9cd4c68cf9b64dd5f3da99708

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:44 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4d39c69bdde2c2ef-FRA
Expires: Wed, 08 May 2019 11:38:44 GMT

GET
H/1.1 200
OK smarttag.js Show response
tag.aticdn.net/ 68 KB
20 KB 72ms
15ms Script
application/javascript 23.38.39.9
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.aticdn.net/smarttag.js
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.38.39.9 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-38-39-9.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 615988825a97e1b8d3e2d702258c83ad954c6a684bc54b2dd99aa216b67bc0df

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: om_zhK87rfwN44gAkMTtPMwhG17R_kID
Content-Encoding: gzip
Last-Modified: Wed, 20 Mar 2019 09:49:49 GMT
Server: AmazonS3
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=600
Date: Wed, 08 May 2019 07:38:44 GMT
Connection: keep-alive
Content-Length: 19833
X-Amz-Cf-Id: DkYjG4cE7E2XxlMJAhC1QY4X-u7Bx1yT-G4jvgrcssZRkAuItuuIAQ==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 31 KB
10 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0f32bc0f87405c0482b8f6cc0bbf0fb16fb83d9dc96e3b630d2d12020048be8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "159 / 411 of 1000 / last-modified: 1557254211"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10575
x-xss-protection: 0
expires: Wed, 08 May 2019 07:38:44 GMT

GET
H/1.1 200
OK main.js Show response
retendehri.cf/wp-content/themes/mb17s/js/ 127 KB
28 KB 220ms
213ms Script
text/html 2606:4700:30::681f:40dc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://retendehri.cf/wp-content/themes/mb17s/js/main.js?v=20180727
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:40dc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4cc2c4badd23dbb7b6aa73b5f47a046a4650db1bcee968dbd442b9dd5ca34d6

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:44 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4d39c69bdfaac2db-FRA
Expires: Wed, 08 May 2019 11:38:44 GMT

GET
H/1.1 200
OK missbloom-logo-p.svg
retendehri.cf/wp-content/themes/mb17s/images/logo/ 47 KB
47 KB 293ms
280ms Image
text/html 2606:4700:30::681f:41dc
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://retendehri.cf/wp-content/themes/mb17s/images/logo/missbloom-logo-p.svg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:41dc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:44 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4d39c69c2de6c286-FRA
Expires: Wed, 08 May 2019 11:38:44 GMT

GET
H2 200 Screenshot_1-6.jpg
files.missbloom.gr/2016/09/ 68 KB
68 KB 60ms
8ms Image
image/jpeg 2.16.187.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.missbloom.gr/2016/09/Screenshot_1-6.jpg

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.16.187.67 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-187-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0ae5e1fde1f00b885a6f0f95e666fb9023d06aaaaeb8b4a37724a8ec1609ac24

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400
last-modified: Mon, 05 Sep 2016 10:31:56 GMT
server: nginx
etag: "57cd499c-10f17"
content-type: image/jpeg
status: 200
cache-control: max-age=8640000
date: Wed, 08 May 2019 07:38:44 GMT
accept-ranges: bytes
content-length: 69399
expires: Fri, 16 Aug 2019 07:38:44 GMT

GET
H2

200

47c7ec92d91e.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

http://platform.instagram.com/en_US/embeds.js
https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js

15 KB
5 KB

9ms
6ms

Script
text/javascript

2a03:2880:f22d:e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 8f2e37cf4e314907e37bf11c3205be713c048968afb0af99f791b1f336308a33

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 06 May 2019 20:11:30 GMT
content-encoding: br
access-control-allow-origin: *
etag: "47c7ec92d91e"
vary: Accept-Encoding
content-type: text/javascript
status: 200
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-length: 4822

Redirect headers

status: 302
date: Wed, 08 May 2019 07:38:45 GMT
cache-control: max-age=21600
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
content-type: text/html; charset=utf-8

GET
H2 404 4553_DOYKISA_NOMIKOY_1982016-200x200.jpg
files.missbloom.gr/2016/09/ 0
0 59ms
58ms Image
text/html 2.16.187.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/2016/09/4553_DOYKISA_NOMIKOY_1982016-200x200.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.187.67 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-187-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 404 gb-200x200.jpg
files.missbloom.gr/2016/09/ 0
0 57ms
57ms Image
text/html 2.16.187.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/2016/09/gb-200x200.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.187.67 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-187-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 va_content.vast.js Show response
www.vidads.gr/scripts/ 290 KB
76 KB 518ms
258ms Script
application/javascript 23.92.74.18
HIVELOCITY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vidads.gr/scripts/va_content.vast.js
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.92.74.18 Austin, United States, ASN54540 (INCERO-HVVC - HIVELOCITY, Inc., US),
Reverse DNS: srvn1.nemohq.gr
Software: nginx/1.12.2 /
Resource Hash: 34fde0f4461395a617be2117bae4b1c3e9d80a1126f198201b7337c10f7db71e

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2019 04:12:52 GMT
server: nginx/1.12.2
etag: "4863f-5864d84319900-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-route: http4a
accept-ranges: bytes
expires: Wed, 08 May 2019 08:38:45 GMT

GET
H2 404 64508-lily%20james-smile-200x200.jpg
files.missbloom.gr/pics/ 0
0 57ms
54ms Image
text/html 2.16.187.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/pics/64508-lily%20james-smile-200x200.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.187.67 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-187-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 404 67238-ABACA_521931_091-200x200.jpg
files.missbloom.gr/pics/ 0
0 75ms
72ms Image
text/html 2.16.187.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/pics/67238-ABACA_521931_091-200x200.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.187.67 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-187-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 404 25031-jon-hamm-default-200x200.jpg
files.missbloom.gr/pics/ 0
0 57ms
54ms Image
text/html 2.16.187.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/pics/25031-jon-hamm-default-200x200.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.187.67 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-187-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 404 IMG_9544-200x200.jpg
files.missbloom.gr/2016/05/ 0
0 59ms
56ms Image
text/html 2.16.187.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/2016/05/IMG_9544-200x200.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.187.67 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-187-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 preloadBar.gif
www.capital.gr/Content2017/images/ 25 KB
25 KB 40ms
7ms Image
image/gif 2.16.187.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.gr/Content2017/images/preloadBar.gif
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.187.67 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-187-67.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: cf0eac8ca56caaadf4fc1e4ec8081f0ba14c59d22bf12f766d59845078950e86

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
last-modified: Mon, 01 Oct 2018 13:43:27 GMT
server: Microsoft-IIS/8.5
etag: "6ae124bb8c59d41:0"
content-type: image/gif
status: 200
cache-control: max-age=14854660
accept-ranges: bytes
content-length: 25323

GET
H/1.1 200
OK tag.js Show response
js.agkn.com/prod/v0/ 3 KB
4 KB 48ms
6ms Script
application/javascript 2600:9000:20bb:5e00:15:efbc:e300:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://js.agkn.com/prod/v0/tag.js
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2600:9000:20bb:5e00:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 00:45:04 GMT
Via: 1.1 e77255787d333d7481d3de3a89fb3ee2.cloudfront.net (CloudFront)
Last-Modified: Tue, 04 Dec 2018 22:35:38 GMT
Server: AmazonS3
Age: 105182
ETag: "a5442c681a576408c25edbf365995343"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3167
X-Amz-Cf-Id: L4FqukxMe5a0rh_4VEYeuwRWOGdhFPsBjWMHnyVRcyoflrIwJBapeg==

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 87 KB
33 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

f0a567ddd4e738224cdf4e7ff28836b6bc543ba8e2fc2ea713bd3a5fe104e1a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 17476080328259079677
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 32932
X-XSS-Protection: 0
Expires: Wed, 08 May 2019 07:38:45 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 17 KB
6 KB 42ms
12ms Script
application/javascript 2606:4700::6810:cda5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a23cb228a3b6e6a33e3a12e6c5bcdf13fe0b28346ccdadca36097a4b13ac50

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
etag: W/"a5067802576549b3e0627521f03ee508"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 4d39c6a0ca9b9ab0-FRA
expires: Wed, 08 May 2019 19:38:45 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
retendehri.cf/wp-includes/js/ 79 KB
16 KB 212ms
210ms Script
text/html 2606:4700:30::681f:41dc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://retendehri.cf/wp-includes/js/wp-embed.min.js?ver=4.9.7
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:41dc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e1e17d4724f7a63c190a0c96b1ddd6cb33d85e7cab5ddf14b930aea5872a19d

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:44 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:05 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4d39c69c9f5e9784-FRA
Expires: Wed, 08 May 2019 11:38:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 376
date: Wed, 08 May 2019 07:32:29 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Wed, 08 May 2019 09:32:29 GMT

GET
H2 200 pubads_impl_2019043001.js Show response
securepubads.g.doubleclick.net/gpt/ 150 KB
55 KB 16ms
15ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

e7b43567491c251c9cd052c69fe953de1b1e8a86ad15fafc20692b513bc4e49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2019 10:44:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 55804
x-xss-protection: 0
expires: Wed, 08 May 2019 07:38:45 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
176 B 16ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=retendehri.cf

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 108
x-xss-protection: 0

GET 482
t.qds.ninja/t/ 0
0

GET
H2

200

xtcore.js Show response
www.missbloom.gr/
Redirect Chain

http://www.missbloom.gr/xtcore.js
https://www.missbloom.gr/xtcore.js

19 KB
8 KB

9ms
8ms

Script
application/javascript

2.16.187.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.missbloom.gr/xtcore.js

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.16.187.67 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-187-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

05a0114a707e2c9a3e39211eea7befe543363802db6cca43191b8fa51d8f6cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400
content-encoding: gzip
last-modified: Thu, 26 Nov 2015 09:49:24 GMT
server: nginx
etag: W/"5656d5a4-4ae0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=23360389
date: Wed, 08 May 2019 07:38:45 GMT
content-length: 7522
expires: Sun, 02 Feb 2020 16:38:34 GMT

Redirect headers

Location: https://www.missbloom.gr/xtcore.js
Date: Wed, 08 May 2019 07:38:45 GMT
Cache-Control: max-age=0
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Expires: Wed, 08 May 2019 07:38:45 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 473 B
489 B 65ms
64ms XHR
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1182106219382677&correlator=3607826235982327&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21063235%2C21062414%2C53887177&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F3346429%2Fmissbloom_skin&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=7&abxe=1&lmt=1549814525&dt=1557301125223&dlt=1557301124438&idt=751&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=470&adk=3307054402&uci=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fretendehri.cf%2F&dssz=21&icsg=49836&std=0&csl=63&vis=1&scr_x=0&scr_y=0&psz=1584x463&msz=1584x1&blev=1&bisch=1&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

73ab8fae0f7f3e4c6ebb7479083ed4213399e58dea7d2572bb02c8488c3c634f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/
Origin: http://retendehri.cf

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 316
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://retendehri.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019043001.js Show response
securepubads.g.doubleclick.net/gpt/ 71 KB
27 KB 15ms
15ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

12a0b01fda65dafdfecf773d1e3882c97a31562463aef37b93ece475f3412033

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2019 10:44:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27457
x-xss-protection: 0
expires: Wed, 08 May 2019 07:38:45 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ 0
0 12ms
6ms Other
text/html 2a00:1450:4001:81f::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
5 KB 45ms
44ms XHR
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1182106219382677&correlator=3607826235982327&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=21063235%2C21062414%2C53887177&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F3346429%2Fmissbloom_prest&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=7&abxe=1&lmt=1549814525&dt=1557301125240&dlt=1557301124438&idt=751&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=471&adk=1273862343&uci=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fretendehri.cf%2F&dssz=23&icsg=2146988&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1584x464&msz=1x-1&blev=1&bisch=1&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8eeaf9486e02d957e757137bee112cb5d2109e8af7337e35cac85f36b9681dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/
Origin: http://retendehri.cf

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 4438
x-xss-protection: 0
google-lineitem-id: 5044623726
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138268457626
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://retendehri.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
5 KB 215ms
215ms XHR
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1182106219382677&correlator=3607826235982327&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21063235%2C21062414%2C53887177&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F3346429%2Fmissbloom_728x90&sz=728x90%7C940x200%7C960x250%7C970x70%7C970x200%7C970x60%7C970x90%7C990x90%7C990x250%7C970x250%7C970x310%7C1000x250%7C1000x300&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=7&abxe=1&lmt=1549814525&dt=1557301125244&dlt=1557301124438&idt=751&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=472&adk=248121373&uci=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fretendehri.cf%2F&dssz=26&icsg=2146988&std=0&csl=70&vis=1&scr_x=0&scr_y=0&psz=1584x90&msz=1584x90&blev=1&bisch=1&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

37db24f430572a0fa5d86ba668c536394d6a03570c6eac7c17b4b1a34bb27362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/
Origin: http://retendehri.cf

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 5157
x-xss-protection: 0
google-lineitem-id: 5046819781
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138268663909
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://retendehri.cf
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 478 B
482 B 228ms
228ms XHR
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1182106219382677&correlator=3607826235982327&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&eid=21063235%2C21062414%2C53887177&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F3346429%2Fmissbloom_button&sz=300x150%7C300x100%7C300x120%7C300x110&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=7&abxe=1&lmt=1549814525&dt=1557301125253&dlt=1557301124438&idt=751&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1128&adk=1522238017&uci=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fretendehri.cf%2F&dssz=28&icsg=2146988&std=0&csl=65&vis=1&scr_x=0&scr_y=0&psz=1569x150&msz=1569x150&blev=1&bisch=1&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0ecd184b17438ec92e1000190114ba5a57b43f1fecb8a0c5d64898a10d18191b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/
Origin: http://retendehri.cf

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 317
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://retendehri.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
5 KB 395ms
395ms XHR
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1182106219382677&correlator=3607826235982327&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&adsid=NT&eid=21063235%2C21062414%2C53887177&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F3346429%2Fmissbloom_300*250A&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=7&abxe=1&lmt=1549814525&dt=1557301125256&dlt=1557301124438&idt=751&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1278&adk=1354387185&uci=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fretendehri.cf%2F&dssz=29&icsg=2146988&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&blev=1&bisch=1&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

041b67c0b17de57d464f655c7f9f7786097eb8bbe6da6f4903a90dc1c4c3a989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/
Origin: http://retendehri.cf

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 5150
x-xss-protection: 0
google-lineitem-id: 5058651350
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138269776072
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://retendehri.cf
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 500ms
500ms XHR
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1182106219382677&correlator=3607826235982327&output=json_html&callback=googletag.impl.pubads.callbackProxy6&impl=fif&adsid=NT&eid=21063235%2C21062414%2C53887177&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F3346429%2FInRead_infeed_Missbloom_AdX&sz=192x256%7C256x192%7C144x256%7C320x50%7C256x256%7C300x250%7C320x180%7C300x100%7C320x250%7C256x144%7C640x480&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=7&abxe=1&lmt=1549814525&dt=1557301125271&dlt=1557301124438&idt=751&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1596&adk=2055048688&uci=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fretendehri.cf%2F&dssz=30&icsg=2146988&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1569x308&msz=1569x256&blev=1&bisch=1&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

c48a5ccfd51378913f00b6fddf80fe09a25f30c35c411c062856d79bc220417b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/
Origin: http://retendehri.cf

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2413
x-xss-protection: 0
google-lineitem-id: 5054504610
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138269203820
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://retendehri.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK _yalla_loader.js Show response
widget.yallarec.com/ 78 KB
20 KB 53ms
8ms Script
application/javascript 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.yallarec.com/_yalla_loader.js
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 14a9665ed298bd096a757a0967708c9bb8991cd92ccd61aab3535b8cd370045c

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 May 2019 06:49:18 GMT
Server: nginx
ETag: W/"5cd27bee-137d0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 20121
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 688ms
687ms XHR
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1182106219382677&correlator=3607826235982327&output=json_html&callback=googletag.impl.pubads.callbackProxy7&impl=fif&adsid=NT&eid=21063235%2C21062414%2C53887177&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F3346429%2Fmissbloom_300*250B&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=7&abxe=1&lmt=1549814525&dt=1557301125304&dlt=1557301124438&idt=751&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3120&adk=3543098062&uci=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fretendehri.cf%2F&dssz=37&icsg=34351808&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&blev=1&bisch=1&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ac356a74bf81ea9fffc8b8ad5083b55b7e97f35cfa8839ec71d9eef31489f1d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/
Origin: http://retendehri.cf

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2318
x-xss-protection: 0
google-lineitem-id: 5045305164
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138268545778
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://retendehri.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 481 B
603 B 894ms
893ms XHR
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1182106219382677&correlator=3607826235982327&output=json_html&callback=googletag.impl.pubads.callbackProxy8&impl=fif&adsid=NT&eid=21063235%2C21062414%2C53887177&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F3346429%2Fmissbloom_300*250C&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=7&abxe=1&lmt=1549814525&dt=1557301125311&dlt=1557301124438&idt=751&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3370&adk=1034747580&uci=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fretendehri.cf%2F&dssz=38&icsg=34351808&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&blev=1&bisch=1&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

119272d8b7043768e7169146e655a9f960b969ac41ef9215eb98c0cb201ae25c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/
Origin: http://retendehri.cf

Response headers

date: Wed, 08 May 2019 07:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 324
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://retendehri.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 503 B
604 B 926ms
925ms XHR
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1182106219382677&correlator=3607826235982327&output=json_html&callback=googletag.impl.pubads.callbackProxy9&impl=fif&adsid=NT&eid=21063235%2C21062414%2C53887177&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F3346429%2Fmissbloom_textlink&sz=300x200%7C300x150%7C300x100%7C300x120%7C300x110&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=7&abxe=1&lmt=1549814525&dt=1557301125320&dlt=1557301124438&idt=751&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3620&adk=926066986&uci=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fretendehri.cf%2F&dssz=39&icsg=34351808&std=0&csl=68&vis=1&scr_x=0&scr_y=0&psz=1569x200&msz=1569x200&blev=1&bisch=1&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&fws=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

b610bf4be57a26bf7effa8abb6ea03bc796b5e5e12a88c0dff3e164fede2aca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/
Origin: http://retendehri.cf

Response headers

date: Wed, 08 May 2019 07:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 326
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://retendehri.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 4E3D 0
255 B 29ms
29ms Fetch
image/gif 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpKyDZ2C2UjlQJyPV-mnVxW6g7D6Cff7fARCx_fQSOjyHbeJBe-u_NZzcpwMdpMxE4tFvKyySU-NU2CvGzLmlQ_DG0SUIXT5feKM7s8xx06VLbfvY0IGNloo2IeVl4L3yM_FLjL25pKHK5K4KmN0-8mAKbs3SwwJhtCKufu8KAuV-60-8P7UMrXIucV9rAG67-YZIKw6Qt2qRE5miK3VopIPAFbTTVdeB4aAy50e7lqljyK_RmY5AVaIdCVyy1Cbetyj18DuuURqulq9leD3wr&sai=AMfl-YT9clO3WZn4RH5YQd1VEY8Mbi3wQUEk6DXGAEA-d0PBonw2Q6umkmsnm5FpKT3xqR2j2HuXVrOQ_aRJrNK3_2JsQPjLyRpukWaNaN69IA&sig=Cg0ArKJSzOL0rZBX25eYEAE&urlfix=1&adurl=

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 May 2019 07:38:45 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Wed, 08 May 2019 07:38:45 GMT

GET
H/1.1 200 Cookie set adServer.bs
bs.serving-sys.com/serving/ Frame D32B 0
0 122ms
21ms Document
image/gif 82.199.68.73
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/serving/adServer.bs?cn=display&c=19&mc=imp&pli=28128390&PluID=0&ord=1302843042&rtu=-1
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Host: bs.serving-sys.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://retendehri.cf/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/

Response headers

Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: image/gif
Expires: Sun, 05-Jun-2005 22:00:00 GMT
Server: Microsoft-IIS/8.5
Set-Cookie: S_28128390=5690748103246928019; expires=Thu, 09-May-2019 19:38:00 GMT A6=03v7mbqNWW000LKQ000000000; expires=Tue, 06-Aug-2019 03:38:00 GMT; domain=.serving-sys.com; path=/ eyeblaster=; expires=Mon, 01-Jan-2000 00:00:00 GMT; domain=.serving-sys.com; path=/ u2=eb553958-8f5f-4ce3-a69e-af2d610f51b24pE080; expires=Tue, 06-Aug-2019 03:38:00 GMT; domain=.serving-sys.com; path=/
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
Date: Wed, 08 May 2019 07:38:45 GMT
Content-Length: 42

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E3D 75 KB
28 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

de7795af3ec08bbb5ce4d096859d1bf65b52e05c21d48c5cab09c2864d712ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1557141328265877"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28651
x-xss-protection: 0
expires: Wed, 08 May 2019 07:38:45 GMT

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:81f::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCHvMaPOBABGAEyCCeLNdX8Aie9

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a5f0149099cabef49bda827fc6c2ce4db24464676e07891037a7a9da6404ff68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 May 2019 12:23:32 GMT
x-content-type-options: nosniff
server: cafe
age: 328513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-disposition: attachment; filename="image.png"
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 3408
x-xss-protection: 0
expires: Sat, 11 May 2019 12:23:32 GMT

GET
H/1.1 200
OK osd.js Show response
www.googletagservices.com/activeview/js/current/ 76 KB
28 KB 67ms
41ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e902701968783b117427d57f6276822d742e924ca903e5b6e7d77b861318d29b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1557141328265877"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 28679
X-XSS-Protection: 0
Expires: Wed, 08 May 2019 07:38:45 GMT

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ 488 KB
489 KB 9ms
8ms Image
image/png 2a00:1450:4001:81f::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCHvMbDMxABGAEyCOc25l_Ajxcd

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

46facabeb9c8bc33340eab53857b77a35928c36594f6347bea2622d638cceef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 May 2019 21:01:31 GMT
x-content-type-options: nosniff
server: cafe
age: 470234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-disposition: attachment; filename="image.png"
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 500174
x-xss-protection: 0
expires: Thu, 09 May 2019 21:01:31 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 325 B
482 B 1062ms
1061ms XHR
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1182106219382677&correlator=3607826235982327&output=json_html&callback=googletag.impl.pubads.callbackProxy10&impl=fif&adsid=NT&eid=21063235%2C21062414%2C53887177&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F3346429%2Fmissbloom_728x90_bottom&sz=728x90%7C970x200%7C990x250%7C970x250%7C1000x250%7C1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie=ID%3Ddbf617fbb70cbf1e%3AT%3D1557301125%3AS%3DALNI_MZLv7RUPuQEVzVgCrv8Qh2TE9NgBQ&cookie_enabled=1&bc=7&abxe=1&lmt=1549814525&dt=1557301125371&dlt=1557301124438&idt=751&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=4873&adk=1019512580&uci=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fretendehri.cf%2F&dssz=40&icsg=571222720&std=0&csl=77&vis=1&scr_x=0&scr_y=0&psz=1584x90&msz=1584x90&blev=1&bisch=1&psts=CioI7rK75RLoAZr1xIuDBIACvZuPAYACl5yPAYAC5-zVKdECH9MC9u-RnGg&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

14b51a8bf7fe924f4cb58978f0cba77c85999ac497116d807da726176f889ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/
Origin: http://retendehri.cf

Response headers

date: Wed, 08 May 2019 07:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 205
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://retendehri.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK missbloom-logo-p.svg
retendehri.cf/wp-content/themes/mb17s/images/logo/ 64 KB
64 KB 11ms
10ms Image
text/html 2606:4700:30::681f:40dc
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://retendehri.cf/wp-content/themes/mb17s/images/logo/missbloom-logo-p.svg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:40dc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 10 Feb 2019 16:02:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4d39c6a1acd0272a-FRA
Expires: Wed, 08 May 2019 11:38:45 GMT

GET
H/1.1

200
OK

hit.xiti
logw312.ati-host.net/
Redirect Chain

http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0738459208397&jv=0&re=1600x1200&vtag=4.5.7&hl=7x38x45&r=1600x1200x24x24&ref=
http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0738459208397&jv=0&re=1600x1200&vtag=4.5.7&hl=7x38x45&r=1600x1200x24x24&ref=&Rdt=On

43 B
290 B

8ms
7ms

Image
image/gif

104.111.234.76
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0738459208397&jv=0&re=1600x1200&vtag=4.5.7&hl=7x38x45&r=1600x1200x24x24&ref=&Rdt=On
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 104.111.234.76 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-234-76.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Tue, 19 Oct 2004 10:41:07 GMT
Server: Microsoft-IIS/8.5
ETag: "ba362424c8b5c41:0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Location: http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0738459208397&jv=0&re=1600x1200&vtag=4.5.7&hl=7x38x45&r=1600x1200x24x24&ref=&Rdt=On
Date: Wed, 08 May 2019 07:38:45 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
P3P: policyref="/w3c/p3p.xml",CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
15 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 15397
x-xss-protection: 0
pragma: public
x-fb-debug: K2ckmN2Z+4oMHPMd3K+p8jT8F8aluf9TH0q3Bi02b1Ard+fvcjMjGwZUZTAAfcBWG4n1OUIZAcEUIh8s6B0uqw==
date: Wed, 08 May 2019 07:38:45 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 1066ms
1064ms XHR
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1182106219382677&correlator=3607826235982327&output=json_html&callback=googletag.impl.pubads.callbackProxy11&impl=fif&adsid=NT&eid=21063235%2C21062414%2C53887177&vrg=2019043001&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992%2C8%3A32776&sc=0&sfv=1-0-33&iu=%2F3346429%2FMB_Inread_Video&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie=ID%3Ddbf617fbb70cbf1e%3AT%3D1557301125%3AS%3DALNI_MZLv7RUPuQEVzVgCrv8Qh2TE9NgBQ&cookie_enabled=1&bc=7&abxe=1&lmt=1549814525&dt=1557301125398&dlt=1557301124438&idt=751&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=5930&adk=343001862&uci=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fretendehri.cf%2F&dssz=49&icsg=9139563522&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1584x5922&msz=1x-1&blev=1&bisch=1&psts=CioI7rK75RLoAZr1xIuDBIACvZuPAYACl5yPAYAC5-zVKdECH9MC9u-RnGg&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&fws=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

bfa3530a94ab19a3eb9183f07a97e2db7a1102191a146d0e6de1abd10d685bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/
Origin: http://retendehri.cf

Response headers

date: Wed, 08 May 2019 07:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2035
x-xss-protection: 0
google-lineitem-id: 4513156319
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138219435056
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://retendehri.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 exitbee.js Show response
app.exitbee.com/c/366/ 10 KB
1 KB 232ms
159ms Script
application/javascript 35.240.50.85
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://app.exitbee.com/c/366/exitbee.js

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.240.50.85 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

85.50.240.35.bc.googleusercontent.com

Software

nginx/1.15.3 / PHP/7.2.13

Resource Hash

e9da35cd7bace27dd1882ac9a3cdaf1336f5c700597c50318c17a120ad291e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: gzip
server: nginx/1.15.3
x-powered-by: PHP/7.2.13
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-cache, private, s-maxage=10
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 1200

GET
H2 200 /
www.instagram.com/p/BJwAgHvAlt9/embed/captioned/ Frame BE73 0
0 143ms
141ms Document
text/html 2a03:2880:f22d:e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Fretendehri.cf&rp=%2F

Requested by

Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f22d:e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://.cdninstagram.com https://.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://.cdninstagram.com wss://www.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://graph.instagram.com https://.graph.instagram.com https://.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.instagram.com
:scheme: https
:path: /p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Fretendehri.cf&rp=%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://retendehri.cf/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-accel-buffering: no
vary: Accept-Language, Cookie, Accept-Encoding
content-language: en
content-encoding: gzip
date: Wed, 08 May 2019 07:38:45 GMT
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 0
x-aed: 1

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame B347 0
0 83ms
31ms Document
text/html 52.50.5.144
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d.agkn.com/iframe/8613/?che=286434458&gdpr=&gdpr_consent=&url=http%3A%2F%2Fretendehri.cf%2F&bpid=atticagreece&c=%7B%22bpid%22%3A%22atticagreece%22%2C%22loc%22%3A%22http%3A%2F%2Fretendehri.cf%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: http://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Server: 52.50.5.144 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-50-5-144.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://retendehri.cf/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Wed, 08 May 2019 07:38:45 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3Apr66t5RpDDnDbs2zqebvIjhgsiYw26Vz;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAkZUQFJGVEBQAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
Content-Length: 479
Connection: keep-alive

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 212 KB
52 KB 11ms
11ms Script
application/javascript 2606:4700::6810:cda5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e10b6e9c0b5b9586c6cdf307466474b438989e57732c2b41ec69b03b363533b

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
etag: W/"c855e8eb5fbdafddfa15bc848b662c44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=259200
cf-ray: 4d39c6a1ebd89ab0-FRA
expires: Sat, 11 May 2019 07:38:45 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190501/r20190131/ 203 KB
76 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20190501/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8fe28aadc739e3b43f6fefa8b71c4b50882336a414ba215bb3e250a8493db123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 8224566955418957642
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 77449
X-XSS-Protection: 0
Expires: Wed, 08 May 2019 07:38:45 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190501/r20190131/ Frame AA96 203 KB
76 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20190501/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8fe28aadc739e3b43f6fefa8b71c4b50882336a414ba215bb3e250a8493db123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 8224566955418957642
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 77449
X-XSS-Protection: 0
Expires: Wed, 08 May 2019 07:38:45 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190501/r20190131/ Frame CA7A 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190501/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190501/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://retendehri.cf/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmnji46aB7hrC0NPor205XA5DAt4lm1Tfkum8VgDgB4OyptKv-G1fGCbdwq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 02 May 2019 05:39:58 GMT
expires: Thu, 16 May 2019 05:39:58 GMT
content-type: text/html; charset=UTF-8
etag: 1357556803790654411
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6990
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 525527
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Mar 2019 20:44:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 5223260
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29671
X-XSS-Protection: 1; mode=block
Expires: Sat, 07 Mar 2020 20:44:25 GMT

GET
H2 200 1047335965285668 Show response
connect.facebook.net/signals/config/ 207 KB
55 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1047335965285668?v=2.8.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

99fe7527ada5bde08f5064266614fd01bc1a580121534ce6b3a3e1a0f2cf1b73

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 56216
x-xss-protection: 0
pragma: public
x-fb-debug: I2ptM7iglOdzAv6UareNg7OjcYnFPiQIHSuOv2AxLCpqZcVuTTzDGd2TTIpVEx818ctwgvHxO57NFybFHA75Ug==
date: Wed, 08 May 2019 07:38:45 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4E3D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f55949c294ba0bc9733e66f8bcdb3eb200140bf28afec6504bfd4d004e7f3489

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011905021827420/ 20 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905021827420/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

60fdaaa13a8028c6c7dc72dfe400f36726e68fe3c02e3de1a290c5ef1c99121a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 462570
status: 200
date: Thu, 02 May 2019 23:09:15 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 7333
x-xss-protection: 0
server: sffe
etag: "b64fbe1dcc9274fe"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Fri, 01 May 2020 23:09:15 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011905021827420/ Frame 5FD7 278 KB
74 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905021827420/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

be82764cff895e81791445f2c92f0e347bbffb50609f67d90a838508faff27d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 138552
status: 200
date: Mon, 06 May 2019 17:09:33 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 76077
x-xss-protection: 0
server: sffe
etag: "3ae84638ba84b067"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Tue, 05 May 2020 17:09:33 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011905021827420/v0/ Frame 5FD7 138 KB
38 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905021827420/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

55f2ae54ff41fc02644552f0813a64dc939998f5f1f9fd9dfb09bc7773c0cd10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 462918
status: 200
date: Thu, 02 May 2019 23:03:27 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 38365
x-xss-protection: 0
server: sffe
etag: "0692c181943fac39"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Fri, 01 May 2020 23:03:27 GMT

GET
DATA 200
OK truncated
/ Frame 5FD7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9c1e0a38b9311b40622369a4e10de902b928a5007893c5c7917c5e7d6029658

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14230704597139873039
tpc.googlesyndication.com/simgad/ Frame 5FD7 37 KB
38 KB 10ms
7ms Image
image/gif 2a00:1450:4001:81f::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14230704597139873039

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a54c8ccf2e97d4520532cdaa44695e9199604b12dd676cef1709e08728e11936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 25 Apr 2019 09:53:35 GMT
x-content-type-options: nosniff
age: 1115110
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 38348
x-xss-protection: 0
last-modified: Thu, 25 Apr 2019 09:46:30 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Apr 2020 09:53:35 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5FD7 0
130 B 30ms
29ms Image
image/gif 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssabxLs_bLrt_rF2wj4_hccSsM3ExWUmb4rja3Dya6tKGSRCgrIwO1QFDF5XGXOFyqSB2tr31T9pxRPAy1zobLx7lf08b9r16QBxXHXvWBhiUKMWy2exXVr6-WojqdnDNuz8GftYxjOnbuiTQi9aFdJs2SjnVK8e3lqf0WjnqGrf6rShVvp4mPfk1LmoJKIsU1Q2u2tnwKnlGmaW78m9B0gqD5M9Frf17f0_GI-wvMQfh7Lud68QgHLWkzIfY4&sai=AMfl-YRiOxZG5sY2gfNT4rg3ziq4GqrInIHcJZhThXBDu9LMt6KFsSypl5qlLgI1v7T-dYOZJn3dqxiIl6KGY7CR7MoKvWEZ2dGeQWJ2R6iZ7Q&sig=Cg0ArKJSzCA7OlPol06yEAE&adurl=

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Wed, 08 May 2019 07:38:45 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/a0fa4e13-4582-43b8-b298-6d4cc7d6e9ed/ 3 KB
2 KB 28ms
17ms Script
text/javascript 2606:4700::6810:cda5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/a0fa4e13-4582-43b8-b298-6d4cc7d6e9ed/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=150703

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cda5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / Phusion Passenger 5.3.2

Resource Hash

2aee16817eb473a3c934220e8791abe3c7fd2dc7a0d47ded8801043b91c42df9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-powered-by: Phusion Passenger 5.3.2
status: 200, 200 OK
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0a8ed8db-f3c7-4193-8375-fe5815643a52
x-runtime: 0.065766
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
cf-polished: origSize=2869
cf-ray: 4d39c6a2dd049ab0-FRA
access-control-allow-headers: SDK-Version
expires: Wed, 08 May 2019 07:43:45 GMT

GET
H2 400 ads
googleads.g.doubleclick.net/pagead/ Frame 29DB 0
0 20ms
19ms Document
text/html 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fretendehri.cf%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1557301125429&bpp=19&bdt=991&fdt=140&idt=139&shv=r20190501&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4243450282328&frm=20&pv=2&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&ga_fc=0&iag=0&icsg=2339728261155&dssz=59&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040080%2C21060853%2C368226501%2C618018085%2C21062175&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=7&ifi=11&uci=b.77cs1qr40bx&fsb=1&dtd=153

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190501/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fretendehri.cf%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1557301125429&bpp=19&bdt=991&fdt=140&idt=139&shv=r20190501&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=4243450282328&frm=20&pv=2&ga_vid=102074218.1557301125&ga_sid=1557301125&ga_hid=437909081&ga_fc=0&iag=0&icsg=2339728261155&dssz=59&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040080%2C21060853%2C368226501%2C618018085%2C21062175&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=7&ifi=11&uci=b.77cs1qr40bx&fsb=1&dtd=153
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://retendehri.cf/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmnji46aB7hrC0NPor205XA5DAt4lm1Tfkum8VgDgB4OyptKv-G1fGCbdwq; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/

Response headers

status: 400
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 08 May 2019 07:38:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H/1.1 200
OK getrecs.json Show response
api.yallarec.com/rec-api/ 23 KB
8 KB 95ms
60ms Script
application/javascript 95.142.20.17
PUREPEAK-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://api.yallarec.com/rec-api/getrecs.json?cb=yallarec_cb_82594175597823260&pubid=185585&webid=175457&wid=117200&recsnum=15&url=http%3A%2F%2Fretendehri.cf%2F&cs=UTF-8&subid=&title=%CE%9D%CF%84%CE%BF%CF%85%CF%81%CE%B1%CE%BD%20%CE%BD%CF%84%CE%BF%CF%85%CF%81%CE%B1%CE%BD&kwrds=&sessionid=290dbb97-76be-b64b-e7ce-442c8cb00f6b&rndid=82594175597823260
Requested by: Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js
Protocol: HTTP/1.1
Server: 95.142.20.17 , Israel, ASN20645 (PUREPEAK-ASN, IL),
Reverse DNS: ip-95-142-20-17.purepeak.com
Software: nginx /
Resource Hash: dc0a8b480bc38a870dda4baffbd89e157d87e8a20e25963f8c61f9daf9463efa

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Language: en-US
Cache-Control: no-cache, no-store, max-age=0
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
896 B 9ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.47

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: 9+0y9xAXrr9K2kWiJZZGuO7053mmD4StuTZYJKJpwuAMx8VdseK/YXv41D/k9u0qG1BbkM659BVlk/u8l4gvSA==
date: Wed, 08 May 2019 07:38:45 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 exitbee.js Show response
app.exitbee.com/assets/js/campaign-scripts/common/ 33 KB
9 KB 23ms
21ms Script
application/javascript 35.240.50.85
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://app.exitbee.com/assets/js/campaign-scripts/common/exitbee.js

Requested by

Host: app.exitbee.com
URL: https://app.exitbee.com/c/366/exitbee.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.240.50.85 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

85.50.240.35.bc.googleusercontent.com

Software

nginx/1.15.3 /

Resource Hash

443929031cd05ba84b410c81427580e0f8b19468a2b92c8009fca236ecaabbff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-original-content-length: 52576
server: nginx/1.15.3
etag: W/"PSA-aj-qIJqU8yPHh-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=192
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 8870
expires: Wed, 08 May 2019 07:41:58 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
247 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1047335965285668&ev=PageView&dl=http%3A%2F%2Fretendehri.cf%2F&rl=&if=false&ts=1557301125660&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1557301125659.1564821588&it=1557301125460&coo=false&rqm=GET

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 08 May 2019 07:38:45 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011905021827420/ Frame 046B 278 KB
74 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905021827420/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

be82764cff895e81791445f2c92f0e347bbffb50609f67d90a838508faff27d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 138552
status: 200
date: Mon, 06 May 2019 17:09:33 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 76077
x-xss-protection: 0
server: sffe
etag: "3ae84638ba84b067"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Tue, 05 May 2020 17:09:33 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011905021827420/v0/ Frame 046B 138 KB
38 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905021827420/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

55f2ae54ff41fc02644552f0813a64dc939998f5f1f9fd9dfb09bc7773c0cd10

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 462918
status: 200
date: Thu, 02 May 2019 23:03:27 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 38365
x-xss-protection: 0
server: sffe
etag: "0692c181943fac39"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Fri, 01 May 2020 23:03:27 GMT

GET
DATA 200
OK truncated
/ Frame 046B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1baaa269c4f148b996410ead8f826257fb47692acd263d6cd5b125c57990fb0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9617619636590556414
tpc.googlesyndication.com/simgad/ Frame 046B 165 KB
166 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:81f::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9617619636590556414

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8de61d40005c1f430ec100e9cd81eb36875fc5a3d41e624189b86d3ea408bd06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 07 May 2019 11:41:25 GMT
x-content-type-options: nosniff
age: 71840
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 169394
x-xss-protection: 0
last-modified: Tue, 07 May 2019 11:34:08 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 May 2020 11:41:25 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 046B 0
58 B 32ms
31ms Image
image/gif 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIEPzaHuo486Y5A9cPP6HYLZ2Pj9SKAzyBgZc7Na0bVeaPxCCjk-sWz8MR2ejxxfIFdRW9QVNh_ze7U45NwxEgeaA1xs7pVa-pFEOdWmqgCpDGnb91L4HIKzGepzyShi_9JymCm7T6vE-NEvdiGcPd8BgucNjjgiQ1aUC-Yx7bxoKvcVYRCCBBclVqrO3pdgLhECJUS0VuSezPpUKRPILISWzW8V0UHtJJmaiB0zlAjRKxOxg575BEF8mMMCIKNdLmyTc&sai=AMfl-YQjJl5ttxB2m0KGIPlGckYOfAFiOqOimAKgFPkDrGZtlJkuT9CeLQLoblTL6Q3jFCz7r2xTm5ZmbWRZ7ktM8EIPzkYCDh8kVQ5ZhzDX&sig=Cg0ArKJSzICkgqNdPrCDEAE&adurl=

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 200 636 Show response
www.vidads.gr/get/video/vast3/ 97 B
584 B 166ms
166ms XHR
text/xml 23.92.74.18
HIVELOCITY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Fretendehri.cf%2F

Requested by

Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.92.74.18 Austin, United States, ASN54540 (INCERO-HVVC - HIVELOCITY, Inc., US),

Reverse DNS

srvn1.nemohq.gr

Software

nginx/1.12.2 / PHP/5.6.39

Resource Hash

abe6af6a23f989b0623689a5d2a8df531c4f84c1e9785db0bad82155e9ef7f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/
Origin: http://retendehri.cf

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: PHP/5.6.39
status: 200
content-length: 101
pragma: no-cache
x-route: http4a
last-modified: Wed, 08 May 2019 07:38:45 GMT
server: nginx/1.12.2
vary: Accept-Encoding
content-type: text/xml; charset=UTF-8
access-control-allow-origin: http://retendehri.cf
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK yalla_crt_loader.js Show response
widget.yallarec.com/ 13 KB
3 KB 9ms
8ms Script
application/javascript 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.yallarec.com/yalla_crt_loader.js
Requested by: Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 186466980a2394e09d866c4b8210699f9ce8e5029dc856e6ed28cafcfb3d8f8c

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 May 2019 06:49:18 GMT
Server: nginx
ETag: W/"5cd27bee-342f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 3239
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK files.missbloom.gr.sofos_5Fcopy_5F1_2_131649_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/ef/ea/2f/ 13 KB
13 KB 112ms
75ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/ef/ea/2f/files.missbloom.gr.sofos_5Fcopy_5F1_2_131649_2.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6033f14b3442c0f29fa3307980b175bad5e555f15c7378ed36b9af9d8541ca8

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Wed, 08 May 2019 07:17:06 GMT
Server: AmazonS3
x-amz-request-id: E03329EE8FAC5B95
ETag: "3c293549ff1a98d18ec43267a6692273"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13163
x-amz-id-2: AY6oetyUnqlqJ9Z/ZUCLOgriOSmt07vMVl35v6cS7YWgyWo1brigH/6spDqJBPmHlWE/WbnPvoY=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK files.missbloom.gr.def_2_155481_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/f6/78/e0/ 15 KB
15 KB 45ms
8ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/f6/78/e0/files.missbloom.gr.def_2_155481_2.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4f72b64093a8d78eed26a6730a74be6e1bbe34beb372985bba96d2dc5328f3b

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Sun, 05 May 2019 08:56:02 GMT
Server: AmazonS3
x-amz-request-id: 5F2D2D1221F62420
ETag: "b43c28a696ba6ad86adbcf1a44b5fd9f"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15169
x-amz-id-2: V+OITN4xOR1KyA4MSGGE5W55s1FijHMJI4tTRx0FUUQW0XF7VG0AMfGdA7EJq9BK4rZ+8O8W5E4=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK yupiii.gr.e6db01acb1ef54902e7b724c69e7b7d9_2_192821_2.jpg
img9-api.yallarec.com/98/c6/website_175458/1b/16/37/ 12 KB
12 KB 47ms
10ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/98/c6/website_175458/1b/16/37/yupiii.gr.e6db01acb1ef54902e7b724c69e7b7d9_2_192821_2.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6cbde027bc0f598a1809d465c69ba78605c763912cbe2b571dd24098bf1539b3

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Tue, 07 May 2019 19:01:35 GMT
Server: AmazonS3
x-amz-request-id: 8470F88E431C5C21
ETag: "623be804288fdfb59f47cbb033dbe2aa"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12199
x-amz-id-2: 4mQupGFXpuKczAIRgW6xNO4s27qo1hhm9027tojtMNGxdj01ixmGRDm5bNrw7J142t+XdDBHHRs=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK files.missbloom.gr.marantinis_2Dxristidou2_2_101908_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/c5/bd/ca/ 14 KB
14 KB 46ms
9ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/c5/bd/ca/files.missbloom.gr.marantinis_2Dxristidou2_2_101908_2.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b57838b3b66b81e12acc5180bd130aac326577d29e814366d1a5f4935fd846a3

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Wed, 24 Apr 2019 09:33:03 GMT
Server: AmazonS3
x-amz-request-id: 2125A9F6E442033E
ETag: "1b88392b3c73adaab09ce0d12f999b26"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14140
x-amz-id-2: hn8q1JBfhMugRssRP/lHH0hl2008keAntqRv1A1rNJk1HlWXaxKKd/4byzvUHsE1t9Fmcdt6bGo=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK i2.wp.com.woman_2Dwith_2Dfruit_2Dsalad_2Dpicture_2Did1041446288_2Ejpg_3Ffit_3D700_252C700_26ssl_154325_2.jpg
img9-api.yallarec.com/dc/64/website_175460/99/77/05/ 10 KB
11 KB 45ms
8ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/dc/64/website_175460/99/77/05/i2.wp.com.woman_2Dwith_2Dfruit_2Dsalad_2Dpicture_2Did1041446288_2Ejpg_3Ffit_3D700_252C700_26ssl_154325_2.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba56015595a96bdc5338ddb5d9ffb09ef8441ec6ef718970848a92ef86a00494

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Sun, 05 May 2019 08:33:32 GMT
Server: AmazonS3
x-amz-request-id: 10D465BFD79AD6B2
ETag: "00db9ba7ee454bb9ae0999829d7b6f49"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10729
x-amz-id-2: m3chnnzhAbyg0wDWoqeRz0p77WuKl3yFshdfdahTtXlVxwtRGLaLxD9ZwuKsfS7Bbvi9mvZ0VOA=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK files.missbloom.gr.52964911_5F638209003283867_5F8270134654684061246_5Fn_2_157097_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/0d/2e/5f/ 11 KB
11 KB 43ms
6ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/0d/2e/5f/files.missbloom.gr.52964911_5F638209003283867_5F8270134654684061246_5Fn_2_157097_2.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f818cd47d07d6203bac0f05bbb5cca48ae471d19d390e702725514e4f8b2914a

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Mon, 15 Apr 2019 20:30:17 GMT
Server: AmazonS3
x-amz-request-id: A1CD9D186617C6CD
ETag: "fe8da477c5b2d5c6c5ccdc95a6e42c83"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10987
x-amz-id-2: U3UrEWwQcgmG/+UKcN11rZTG1NKHUZBZH8Vv8u0xNWqBlveOEyTRCRkpuDrJnlEaAa+V7H1kup8=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK files.missbloom.gr.Untitled_2D81_2_124710_2.png
img9-api.yallarec.com/e4/6d/website_175457/4a/d5/31/ 13 KB
14 KB 11ms
8ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/4a/d5/31/files.missbloom.gr.Untitled_2D81_2_124710_2.png
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58fbdc0560cb667209bf3bf5cc2b3abe718066d756dfedc5becffbd6649ed4af

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Thu, 25 Apr 2019 09:59:32 GMT
Server: AmazonS3
x-amz-request-id: 7D250D83638AC815
ETag: "03ccf0f8eb216b99926e817f52486f7d"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13787
x-amz-id-2: FaF1za2yIYLdtm4/wQuA9aT6wR3XouK6uF9z9s1G2J5S8k1JoxpxPJDViI7FtF4u5ZdYeV8x6C8=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK files.missbloom.gr.Untitled_2D45_2_177759_2.png
img9-api.yallarec.com/e4/6d/website_175457/f3/21/db/ 11 KB
12 KB 8ms
6ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/f3/21/db/files.missbloom.gr.Untitled_2D45_2_177759_2.png
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26e7dff17eb14f4eee7f80699e08d135d1dfe2ba89eb2b224a2583688bccb47a

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Thu, 11 Apr 2019 07:40:45 GMT
Server: AmazonS3
x-amz-request-id: 11361EDDB02DDF73
ETag: "552bed2d2e3d9935acf551301b2b0a51"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11385
x-amz-id-2: hV2ZCcSXgHl120c0lxCBq1j6ybZ/Nx8QlTnQ/mBJo6GilXsfvtXHUzMcp4f0SEC4ro/63pHKcSc=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK madamefigaro.gr.e9a54a6e0bb84136bf18d54a12f0f703_2_135948_2.jpg
img9-api.yallarec.com/c3/28/website_175461/dd/8a/b5/ 17 KB
17 KB 25ms
23ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/c3/28/website_175461/dd/8a/b5/madamefigaro.gr.e9a54a6e0bb84136bf18d54a12f0f703_2_135948_2.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4a4449df7bf07f59cc3c1fbf6e2c3d88748bc2b048ce5b77fe2197c614cd060

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Fri, 26 Apr 2019 05:50:31 GMT
Server: AmazonS3
x-amz-request-id: 9C2739B80CE8E1C2
ETag: "4e17b8b6988387bf8ee76709c011c5d8"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17402
x-amz-id-2: EcaS7RC2beOgAJ17w6umcRmapfCbaKRtYOqzFaaXLHKFTZtVWn/+UkYv1LoVcn2UXSBogkc7+VM=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK files.missbloom.gr.icemax_5F700_5F3ee6510ed6a9f20108bdd0aedc11b0bb_2_137963_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/20/08/a4/ 18 KB
18 KB 34ms
32ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/20/08/a4/files.missbloom.gr.icemax_5F700_5F3ee6510ed6a9f20108bdd0aedc11b0bb_2_137963_2.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f20798a9165534c95506a9cac1ca2c3a5b49d3234cd7efe2e108e6915b792cba

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Thu, 11 Apr 2019 07:41:33 GMT
Server: AmazonS3
x-amz-request-id: 51AA68193A41FACD
ETag: "b287270b636ff26ccb9b02c53ed4b306"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18291
x-amz-id-2: TMpn4q/DvtCJDU9w12o+2okA2LsbEvSZOZnMXUXs7kR/O/NKHTfQmC00EKA1+VUHy570C80rU/Y=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK files.missbloom.gr.dc0b76_5F_2_108558_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/d6/35/ab/ 12 KB
12 KB 13ms
11ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/d6/35/ab/files.missbloom.gr.dc0b76_5F_2_108558_2.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d86d2ed46da49fa4b46340750f7c33e9952a9ea617dc063e9ff345f268ed2b8c

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Thu, 11 Apr 2019 08:03:33 GMT
Server: AmazonS3
x-amz-request-id: 91630F36FE741587
ETag: "5845bfa3a44867ecf40450660fb4cc2a"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12030
x-amz-id-2: FQWyoll3u9dPxqTK2fzSvYR2AaGa6jX+yJ6n8sGpw3DRNNQG6VbmZXG8DJYbhdzp22hUtSvBVoY=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK files.missbloom.gr.icemax_5F700_5F60060a79435dbaeb93b81776c11440d3_2_163981_2.png
img9-api.yallarec.com/e4/6d/website_175457/f5/31/91/ 15 KB
15 KB 18ms
17ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/f5/31/91/files.missbloom.gr.icemax_5F700_5F60060a79435dbaeb93b81776c11440d3_2_163981_2.png
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aabb4cf069fa843df4a2b854ee3b45d0ae2a132d02061453b4d85c7ba9970da8

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Tue, 23 Apr 2019 14:12:04 GMT
Server: AmazonS3
x-amz-request-id: 97C3E52CD05EEBF7
ETag: "13d0f1781194badd98bb9878dee9941d"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15089
x-amz-id-2: OxMVXKpi7q71vnOsvopJO5I2xSmcBxjKY9dbxRDXQakh/ZQABAf5bdKgtx2JwS8F8sQa6lIAa7E=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK files.missbloom.gr.Untitled_2D76_2_159856_2.png
img9-api.yallarec.com/e4/6d/website_175457/83/1d/59/ 12 KB
12 KB 17ms
15ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/83/1d/59/files.missbloom.gr.Untitled_2D76_2_159856_2.png
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecc052791594b2b678cd75628827ef3923ec4e9aa8d51f8df5f0fa1416bbb912

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Wed, 24 Apr 2019 08:12:23 GMT
Server: AmazonS3
x-amz-request-id: 15EEF505EB4ABA3A
ETag: "618d44cec2e222e74c89f8b3f7eaee5c"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12254
x-amz-id-2: oMAh3mKhjkPoeHVHBgu2wjoYiFz/GIspSy7URt2r5MPSCBDzgarxiY3C2y6prTPjQeSqfUew4pM=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK files.missbloom.gr.menegaki_2D768x431_2_141959_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/d1/ef/fb/ 9 KB
10 KB 23ms
22ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/d1/ef/fb/files.missbloom.gr.menegaki_2D768x431_2_141959_2.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d20fb02d6a48438ab8516b57d8e410ff7679c35df37cd1b6bd245d78e6b31e8b

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Thu, 25 Apr 2019 13:28:45 GMT
Server: AmazonS3
x-amz-request-id: B4D96D718192CC0C
ETag: "e231f252c3442b1656acb36c1626b410"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9450
x-amz-id-2: 9fNnlD3C/ZJj2m2zpeKsZr4iSib5gk40a8GWy2xtBGaM5OM67yVVV1bG2fQmoJxi/SxZzJFCEDk=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H/1.1 200
OK files.shape.gr.take_2Da_2Drest_2Dpicture_2Did482882167_2_118689_2.jpg
img9-api.yallarec.com/dc/64/website_175460/ba/d0/bc/ 10 KB
10 KB 33ms
30ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/dc/64/website_175460/ba/d0/bc/files.shape.gr.take_2Da_2Drest_2Dpicture_2Did482882167_2_118689_2.jpg
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 521f3ebd8a54d46dd1368eec805eba1cd367689c20f45d119d1e9711e03a7b4e

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Last-Modified: Fri, 12 Apr 2019 07:37:40 GMT
Server: AmazonS3
x-amz-request-id: 1DD29A584EA27C89
ETag: "8a2d8500f915bbeb417c72b0e8c52420"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9857
x-amz-id-2: itg5Y7mm6taTLE6QSwaemGAl2WfMvZo2lOI626ni/E6Z7NqoPd/Wbl8omJjTR+gz0Qq01jrwBx0=
Expires: Wed, 15 May 2019 07:38:45 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame FEB1 0
58 B 30ms
30ms Fetch
image/gif 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv62kshydugfcm0bzenwpFzY06zLrJxsOVgrs98jo-kelrI9zUrXaXZR_u6hIpvvlMNEOKFwTJE4g-0F3i6AiRaoSLcXjnSRwkiwPRoRzQ0iT78S__kDSg210zPQsOJMfFRt8IcEuBatHNK70f1urq0A3NzBTmgbzhiGHUI3kwMEdFJYUzaKmtFcljsLItKc7uPa8baw3BMLbx31ApC0W6pVGscvZbNyBHnju6etPN20MzCfxahFlVuXS-M-8nCPqiJCLW6GjKwQJw&sai=AMfl-YST7Fvt1_m8Ia3gNEDAhAUd3g7CGXVjpuZVILxqPrOtOtdPk1Kz6ufDI0YSAaWUaogOmenegrJFPeJ_V2TK-IX2gWD6eu9iDizeh5yr8Q&sig=Cg0ArKJSzLRdtT9OXk7aEAE&urlfix=1&adurl=

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 May 2019 07:38:45 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK adman.js Show response
static.adman.gr/ Frame FEB1 108 KB
34 KB 43ms
16ms Script
application/javascript 2606:4700:10::6814:5e4d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://static.adman.gr/adman.js
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:5e4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1c58200e0a93b15cdfab894402a0a2ca0f4f6a6eee3abed89dafebef648fcb

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 07 May 2019 11:20:03 GMT
Server: cloudflare
ETag: W/"5cd169e3-1b0e9"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=7200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4d39c6a4a943c2d6-FRA
Expires: Wed, 08 May 2019 09:38:45 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEB1 75 KB
28 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

de7795af3ec08bbb5ce4d096859d1bf65b52e05c21d48c5cab09c2864d712ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1557141328265877"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28651
x-xss-protection: 0
expires: Wed, 08 May 2019 07:38:45 GMT

GET
H/1.1 200
OK publishertag.js Show response
static.criteo.net/js/ld/ 83 KB
25 KB 71ms
31ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: widget.yallarec.com
URL: http://widget.yallarec.com/yalla_crt_loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b0e82f9ce6c1510f32a8e18c9581ba6573b6988dabdd3f2ed6c1ba08eff85cb9

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 13:26:35 GMT
Server: nginx
ETag: W/"5c811c0b-14ca7"
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Timing-Allow-Origin: *
Expires: Thu, 09 May 2019 07:38:45 GMT

GET
H/1.1 200
OK adman.js Show response
static.adman.gr/ 108 KB
33 KB 20ms
20ms Script
application/javascript 2606:4700:10::6814:5e4d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://static.adman.gr/adman.js
Requested by: Host: static.adman.gr
URL: http://static.adman.gr/adman.js
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:5e4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1c58200e0a93b15cdfab894402a0a2ca0f4f6a6eee3abed89dafebef648fcb

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 07 May 2019 11:20:03 GMT
Server: cloudflare
ETag: W/"5cd169e3-1b0e9"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=7200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4d39c6a51a59c2d6-FRA
Expires: Wed, 08 May 2019 09:38:45 GMT

GET
H/1.1 200
OK / Show response
bold.adman.gr/gbanner/ Frame FEB1 176 B
617 B 50ms
18ms Script
application/x-javascript 37.187.133.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://bold.adman.gr/gbanner/?1557301125923|25854/300x250?28917:=1557301125923@300x250x24?/&cab=_&v=6

Requested by

Host: static.adman.gr
URL: http://static.adman.gr/adman.js

Protocol

HTTP/1.1

Server

37.187.133.232 , France, ASN16276 (OVH, FR),

Reverse DNS

oricon.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

febcedd9105b97d554cc04ae11065c6c9de88139dc3967aa916cda74754cc5c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ADMAN
Transfer-Encoding: chunked
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Content-Type: application/x-javascript; charset=iso-8859-7

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
210 B 48ms
18ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://bidder.criteo.com/cdb?ptv=65&profileId=184&cb=88671446861
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: HTTP/1.1
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://retendehri.cf/
Origin: http://retendehri.cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: http://retendehri.cf
Date: Wed, 08 May 2019 07:38:45 GMT
Access-Control-Allow-Credentials: true
Server: Finatra
Timing-Allow-Origin: *
Vary: Origin

GET
H/1.1 200
OK / Show response
bold.adman.gr/gbanner/ Frame FEB1 543 B
1 KB 100ms
18ms Script
application/x-javascript 37.187.133.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://bold.adman.gr/gbanner/?1557301125|25854/300x250?28917:=1557301125923@300x250x24?/&cab=_&v=6/testcookie1

Requested by

Host: bold.adman.gr
URL: http://bold.adman.gr/gbanner/?1557301125923|25854/300x250?28917:=1557301125923@300x250x24?/&cab=_&v=6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.187.133.232 , France, ASN16276 (OVH, FR),

Reverse DNS

oricon.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

f2090c05c07908085faddbb176ee7dffa6ba718597aa7ad136bfa67811e59455

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ADMAN
ETag: W/"hKlQjvKT3Zx"
Transfer-Encoding: chunked
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Content-Type: application/x-javascript; charset=iso-8859-7

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 67DB 0
58 B 31ms
30ms Fetch
image/gif 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuO9k8JLef6dcoSc1bNZ1PU0_D8b8oYPLr1m_s6EqSkw3Cw7qN95la5rZSchVMAQ72GpT5sOlDC5y-m8z1PJvAQzGMxyLtWv5e6o3KNJ73uu2CB_KXnsk4Vi1qEndgNtgqoNu5G4IN--ZFboG00EBrrfyNlPGF7ZOeUTcc8x2Ivun9pPGNv3lvi8cEqAZV-vaFtzwuz4bIvfZpGPuGL87pfczs02N5ntVSgFasuJvqu8QKWvP7MUw3wTfA0XbQtk0eRic0&sai=AMfl-YSRrmYycQ0H1UM5c28ZnVYFBdf3G3PLYqU-Z2nncGpYDowjFmPhUuP62j55uI5SHf3aPkOu64VTsuc6RdspW2zsYXuKTouhwcfBzIDV5kPQHXg0Cf2KnJRXa1U&sig=Cg0ArKJSzI2tW-TIH09zEAE&urlfix=1&adurl=

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 May 2019 07:38:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK adServer.bs Show response
bs.serving-sys.com/BurstingPipe/ Frame 67DB 2 KB
2 KB 18ms
16ms Script
text/html 82.199.68.73
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=rsb&c=28&pli=28128391&PluID=0&w=300&h=600&ord=[timestamp]&ucm=true
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 21d24f3fd8b1f68cf10c371de6e4fe7e33af4a5b2701afeee65b5cfcb1c0b72b

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Length: 1208
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67DB 75 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

de7795af3ec08bbb5ce4d096859d1bf65b52e05c21d48c5cab09c2864d712ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1557141328265877"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28651
x-xss-protection: 0
expires: Wed, 08 May 2019 07:38:46 GMT

GET
H2 200 ebPreServing.js Show response
secure-ds.serving-sys.com/BurstingScript/ Frame 67DB 37 KB
11 KB 72ms
8ms Script
application/javascript 104.111.250.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=rsb&c=28&pli=28128391&PluID=0&w=300&h=600&ord=[timestamp]&ucm=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-250-158.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash: 4206c58521d344fa1af14766418b184399244c449927cb59c4218f2ee7775c01

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 May 2019 07:38:46 GMT
content-encoding: gzip
etag: "06691ccee3d41:0"
last-modified: Tue, 26 Mar 2019 12:19:08 GMT
server: Microsoft-IIS/8.5
access-control-allow-origin: *
x-powered-by: ARR/2.5, ASP.NET
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 10643
expires: Wed, 08 May 2019 07:38:46 GMT

GET
DATA 200
OK truncated
/ Frame 67DB 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58a0b459cdecf9011648af2c1c7458255707761ad38afb76b84d757f3f961e34

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 300x250.gif
obj.adman.gr/bold/2019/mindshare/6629/ Frame FEB1 36 KB
37 KB 16ms
10ms Image
image/gif 2606:4700:10::6814:5d4d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://obj.adman.gr/bold/2019/mindshare/6629/300x250.gif
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:5d4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2706e9c107bf87b8bb9ba8ede7b93bb167be798613726ba497a59e89b1b68bb7

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:46 GMT
CF-Cache-Status: HIT
Last-Modified: Fri, 03 May 2019 07:32:39 GMT
Server: cloudflare
ETag: "5ccbee97-920e"
Vary: Accept-Encoding
Content-Type: image/gif
Expires: Wed, 08 May 2019 08:08:46 GMT
Cache-Control: public, max-age=1800
Cf-Polished: origSize=37390
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4d39c6a61ee597b4-FRA
Content-Length: 37204
Cf-Bgj: imgq:100

GET
DATA 200
OK truncated
/ Frame FEB1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bdbcab79840a3bbe64ed847b6de1acd446fcecf39d91a87c82bff38e7982b6a

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK adServer.bs Show response
bs.serving-sys.com/BurstingPipe/ Frame 67DB 10 KB
5 KB 17ms
16ms Script
text/html 82.199.68.73
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/BurstingPipe/adServer.bs?secCall=1&sessionid=2593566678940565152&usercookie=u2=eb553958-8f5f-4ce3-a69e-af2d610f51b2&cn=rsb&c=28&pli=28128391&PluID=0&w=300&h=600&ord=27086277068&ucm=true&rand=783324490679808&secCall=1&vurl=$$http%3A%2F%2Fretendehri.cf%2F$$&vurlem=2
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e307a5f168924295027bc0e0d0c2e9014e06dd1ad8e2c4bb804f094d63bcd967

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Length: 4301
Expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H/1.1 200
OK phaistos
bold.adman.gr/rm/39173/25854/1721242106/ Frame FEB1 43 B
418 B 49ms
18ms Other
image/gif 37.187.133.232
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://bold.adman.gr/rm/39173/25854/1721242106/phaistos?rnd=1557301126128

Requested by

Host: static.adman.gr
URL: http://static.adman.gr/adman.js

Protocol

HTTP/1.1

Server

37.187.133.232 , France, ASN16276 (OVH, FR),

Reverse DNS

oricon.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://retendehri.cf/
Origin: http://retendehri.cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Content-Type-Options: nosniff
Server: ADMAN
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: http://retendehri.cf
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Access-Control-Allow-Credentials: true
Content-Type: image/gif
Content-Length: 43

GET
H2 200 ebHtml5Banner.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_151_3_0/ Frame 67DB 276 KB
74 KB 7ms
7ms Script
application/javascript 104.111.250.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_151_3_0/ebHtml5Banner.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-250-158.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash: 9957dcb9ea0cc895ed0137d5abf9420d5982a1f7460e5e42b26f316dbf8e07c8

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:46 GMT
content-encoding: gzip
etag: "1c51dceecfe3d41:0"
last-modified: Tue, 26 Mar 2019 12:32:10 GMT
server: Microsoft-IIS/8.5
access-control-allow-origin: *
x-powered-by: ARR/2.5, ASP.NET
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 74870
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 DelayedImpression.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_55_0_0/ Frame 67DB 2 KB
1 KB 13ms
12ms Script
application/javascript 104.111.250.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_55_0_0/DelayedImpression.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_151_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-250-158.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/3.0, ASP.NET
Resource Hash: aa67ef92b6b6e70da4be78ca05bf65a9a43e59f6bf80f412a4b1a74e8d3768c0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:46 GMT
content-encoding: gzip
etag: "a5131b91cf92d41:0"
last-modified: Thu, 13 Dec 2018 10:35:29 GMT
server: Microsoft-IIS/8.5
access-control-allow-origin: *
x-powered-by: ARR/3.0, ASP.NET
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 878
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 index.html
secure-ds.serving-sys.com/BurstingRes/Site-138695/WSFolders/14196047// Frame 7FC8 0
0 13ms
12ms Document
text/html 104.111.250.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingRes/Site-138695/WSFolders/14196047//index.html?v=_2_104_1_0&n=1
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_151_3_0/ebHtml5Banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-250-158.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/3.0 ASP.NET
Resource Hash

Request headers

:method: GET
:authority: secure-ds.serving-sys.com
:scheme: https
:path: /BurstingRes/Site-138695/WSFolders/14196047//index.html?v=_2_104_1_0&n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://retendehri.cf/
accept-encoding: gzip, deflate, br
cookie: A6=03v7mbqNWW000LKQ000000000; u2=eb553958-8f5f-4ce3-a69e-af2d610f51b24pE08g; D3=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/

Response headers

status: 200
content-type: text/html
content-encoding: gzip
last-modified: Tue, 23 Apr 2019 13:26:52 GMT
etag: "7987b136d8f9d41:0"
server: Microsoft-IIS/8.5
x-powered-by: ARR/3.0 ASP.NET
content-length: 1690
vary: Accept-Encoding
expires: Mon, 31 Dec 2035 00:00:00 GMT
date: Wed, 08 May 2019 07:38:46 GMT
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK adServer.bs Show response
bs.serving-sys.com/BurstingPipe/ Frame 67DB 62 B
793 B 19ms
18ms XHR
text/html 82.199.68.73
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=display&code=10&PluID=0&EyeblasterID=58488263&Page=&WebPageSource=0&ForceDisplay=0&Resolution=32&sessionid=2593566678940565152&Optout=0&usercookie=u2=eb553958-8f5f-4ce3-a69e-af2d610f51b2&implog=$$eb553958-8f5f-4ce3-a69e-af2d610f51b2%7f%5bMM_LOGTIME%5d%7f0%7f58488263%7f%07DIR%3d12544%07DiOrigin%3d98304%07CKDATE%3d4pE%07MB%3d0%07TA%3d-1%07DG%3d11693674%07SDG%3d17773982%07SID%3d2593566678940565152%07DCID%3d4%07Privacy%3d9%07IsNewUser%3d%5bIS_NEW_USER%5d%07IsCrossDevice%3d0%7f0%7fretendehri.cf%7c%7cn%2fa%7c%7c%7f13%7f7%7fUserIP%3d100553284%07DBID%3d143718060%07UserAgent%3dMozilla%2f5.0%20(Macintosh%3b%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2f537.36%20(KHTML%2c%20like%20Gecko)%20Chrome%2f67.0.3396.87%20Safari%2f537.36%07ShouldAddUserAgent%3d1%07Referrer%3dhttp%3a%2f%2fretendehri.cf%2f%07VUrl%3dhttp%253A%252F%252Fretendehri.cf%252F%07VUrlEM%3d2%07SiteID%3d42578%07CampaingID%3d967825%07AdvertiserID%3d195508%07FlightID%3d28128391%07AgencyID%3d138695%07BrandID%3d352082%07MasterAdID%3d58487904%07Country%3d276%07State%3d10478%07City%3d1712%07DMA%3d276003%07ZIP%3d60313%07Latitude%3d50.1102%07Longitude%3d8.6822%7f%7f0$$&dg=11693674&sdg=17773982&ord=0.47141903063025015
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_151_3_0/ebHtml5Banner.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 94cd7c73cb373352a7bdfa7662c28df9806b13ad252274c148e681d4af62abeb

Request headers

Referer: http://retendehri.cf/
Origin: http://retendehri.cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 08 May 2019 07:38:45 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: http://retendehri.cf
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Length: 86
Expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame 38F0 0
0 7ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 3608
pragma: no-cache
cache-control: no-cache
origin: http://retendehri.cf
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://retendehri.cf/
accept-encoding: gzip, deflate, br
cookie: fr=0J8aN0ypAH0d6yMEH..Bc0oeF...1.0.Bc0oeF.
Origin: http://retendehri.cf
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: http://retendehri.cf
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
date: Wed, 08 May 2019 07:38:46 GMT

POST
H/1.1 200
OK adServer.bs
bs.serving-sys.com/BurstingPipe/ Frame 67DB 0
465 B 16ms
15ms Other
text/html 82.199.68.73
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=int&iv=2&int=58488263~~0~~17773982~~2593566678940565152^VsR~0~0~01020^AdStart~0~0~01020&usercookie=u2=eb553958-8f5f-4ce3-a69e-af2d610f51b2&rnd=0.6120906044092365&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_151_3_0/ebHtml5Banner.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://retendehri.cf/
Origin: http://retendehri.cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 08 May 2019 07:38:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: http://retendehri.cf
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Length: 0
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame C6E6 0
58 B 29ms
28ms Fetch
image/gif 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskIl83Nf5Tftw3-kI334IPwbpC5HXphF9FLQoztQU0eLfYdEo91o1UnpGARgkgFpf9xkEbYmxZMOvOOzsQuJgGroZhV3E3FtlAJnWI6kWqmK0HesBky1DLHxxVjHzjW8OoDdOU3gCI3fl63TtCeDYf0agvhc5rRG4-8ETnb8EBasD6Lr1DiMSFOlSyGqeAs9mkUp8bGKSMTEla3zzqHFIwDFVqWYAPY_xmRwi557Au_0LFUS-mRdNdUMxCRydTjA&sai=AMfl-YTA86A2ldhiK3Ev2pDqS7QPrvpo-zzjLUap46sjGRYwPuNQFYrQt4upPkIPnPDzO-1ZbdR_AexMRuJXDDfnQtEIz6XI5Erms47-gREl5rtGpXxPRQtrCAzCW6iL&sig=Cg0ArKJSzFVgH3xmsqocEAE&urlfix=1&adurl=

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 May 2019 07:38:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK tag Show response
a.teads.tv/page/77691/ Frame C6E6 679 B
902 B 115ms
83ms Script
application/javascript 88.221.165.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://a.teads.tv/page/77691/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js
Protocol: HTTP/1.1
Server: 88.221.165.178 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a88-221-165-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 40bf5d3b5c6d75c1cd50049b9b77b8378696472d06ba32296eafc96f574903d4

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, must-revalidate, max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 433
Expires: Wed, 08 May 2019 08:38:46 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6E6 75 KB
28 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

de7795af3ec08bbb5ce4d096859d1bf65b52e05c21d48c5cab09c2864d712ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 07:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1557141328265877"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28651
x-xss-protection: 0
expires: Wed, 08 May 2019 07:38:46 GMT

GET
DATA 200
OK truncated
/ Frame C6E6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ee84de0116cf7633f239b0a3daa8cb156c4de8d5495745c4a2c7f38d2dfd798

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK teads-format.min.js Show response
a.teads.tv/media/format/v3/ 693 KB
181 KB 16ms
15ms Script
text/javascript 88.221.165.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: http://a.teads.tv/page/77691/tag
Protocol: HTTP/1.1
Server: 88.221.165.178 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a88-221-165-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 46a8ed6ed60ac399e32ff4fbef1194d7de8d10447f762a0ca5b3ed8ce726fbfd

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 08 May 2019 07:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 May 2019 12:44:45 GMT
x-amz-request-id: E357CD43CF1DBC9F
ETag: "c04e19a8312c953fd8298d59c9f7ae00"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Cache-Control: private, must-revalidate, max-age=600
X-BUCKET: 6
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 185069
x-amz-id-2: IOWTpjQOaJsmFueqeMvL0XDDqjUl/bkVWCEXxCpCzMy1JNg3EQgjctt67MLd1Pbc8qU8jTG2V9M=
Expires: Wed, 08 May 2019 07:48:46 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4E3D 42 B
111 B 26ms
25ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdBiFPFsR5GQkTgOihvE-MAGbzWB4O-GRFWZ4YrDUf-Ts9UqFVVMRx-iR2eSmLKzzgjh7g6c2QMxnNhFK2NJkB9DfbxNI99_C5NNOoRs4&sig=Cg0ArKJSzPQbaMKp3P-yEAE&adk=1273862343&tt=-1&bs=1600%2C1200&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&p=487,8,488,9&mkm=1&mcvt=1011&rs=3&ht=0&tfs=136&tls=1147&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1557301125360&rpt=161&isd=0&msd=0&lm=2&mce=1&oseid=3&xdi=0&ps=1600%2C8393&ss=1600%2C1200&pt=-1&deb=1-1-5-10-11-17-44-10&tvt=1135&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190506

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 May 2019 07:38:46 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

p2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1557301126720&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_...
http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1557301126720&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st...

43 B
309 B

8ms
7ms

Image
image/gif

2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1557301126720&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=64789406&cs_ucfr=1
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 2.16.186.80 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 May 2019 07:38:46 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1557301126720&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=64789406&cs_ucfr=1
Pragma: no-cache
Date: Wed, 08 May 2019 07:38:46 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
t.teads.tv/ 23 B
252 B 59ms
32ms Image
image/gif 88.221.165.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://t.teads.tv/track?action=placementCall&ts=1557301126718&pageId=77691&pid=95778&gid=[insertionId]&env=js-web&pfid=[pfid]&f=1&fv=2.21.83
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 88.221.165.178 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a88-221-165-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 May 2019 07:38:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 23
Expires: Wed, 08 May 2019 07:38:46 GMT

GET
H/1.1 200
OK track
t.teads.tv/ 23 B
252 B 67ms
39ms Image
image/gif 88.221.165.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://t.teads.tv/track?action=slotAvailable&ts=1557301126718&pageId=77691&pid=95778&gid=[insertionId]&env=js-web&pfid=[pfid]&f=1&slot=native&fv=2.21.83
Requested by: Host: retendehri.cf
URL: http://retendehri.cf/
Protocol: HTTP/1.1
Server: 88.221.165.178 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a88-221-165-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 May 2019 07:38:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 23
Expires: Wed, 08 May 2019 07:38:46 GMT

GET
H/1.1 200
OK index.html
cmp.teads.mgr.consensu.org/ Frame 4323 0
0 56ms
6ms Document
text/html 2a02:26f0:6c00:292::2c92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://cmp.teads.mgr.consensu.org/index.html
Requested by: Host: a.teads.tv
URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:292::2c92 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Host: cmp.teads.mgr.consensu.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://retendehri.cf/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/

Response headers

x-amz-id-2: juzNirOC+xzA3NGSn1wzWEM9N2bdwXxleoVHW7avm3TtjagOFasm6z+DqP18FXYozufTFP+//OQ=
x-amz-request-id: 34AD9352E448FBF7
Last-Modified: Fri, 14 Sep 2018 07:42:32 GMT
ETag: "e7d6c2974a38b7ff77a560e83789f66a"
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Encoding: gzip
Content-Length: 354
Cache-Control: max-age=300
Expires: Wed, 08 May 2019 07:43:46 GMT
Date: Wed, 08 May 2019 07:38:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ad Show response
a.teads.tv/page/77691/ 86 B
473 B 287ms
245ms XHR
application/json 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://a.teads.tv/page/77691/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=http%3A%2F%2Fretendehri.cf%2F&page=%7B%22id%22%3A77691%2C%22placements%22%3A%5B%7B%22id%22%3A95778%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A1584%2C%22height%22%3A891%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22reason%22%3A220%7D%7D&userId=1a7bae36-83eb-4f18-b263-46972d342b98&formatVersion=2.21.83&env=js-web&netBw=9.5&ttfb=157
Requested by: Host: a.teads.tv
URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: HTTP/1.1
Server: 2.18.232.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2140372ece2cfab238453f838c69a30459f8f61958e106ae01b88e770f6e51f8

Request headers

Accept: application/json; charset=UTF-8
Referer: http://retendehri.cf/
Origin: http://retendehri.cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 May 2019 07:38:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: http://retendehri.cf
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 99
Expires: Wed, 08 May 2019 07:38:47 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5FD7 42 B
111 B 26ms
25ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstbaacmMsHs7TQMiWcxkOiFSs3IfjhVAYVA3jVW9RszwFh8aFv5xdQa-165jAZ16E4muYn-o92Qi9QXNyjNyfX3VdUwg0WS8fi7TcEeSxE&sig=Cg0ArKJSzAM78RGujGalEAE&id=ampim&o=8,471&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=136&tls=1136&g=100&h=100&pt=373&tt=1136&rpt=373&rst=1557301125479&r=v&adk=248121373&avms=ampa

Requested by

Host: retendehri.cf
URL: http://retendehri.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://retendehri.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 May 2019 07:38:46 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 r Show response
amp-error-reporting.appspot.com/ Frame 5FD7 2 B
65 B 120ms
119ms XHR
text/plain 2a00:1450:4001:809::2014
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://amp-error-reporting.appspot.com/r
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011905021827420/amp4ads-v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: http://retendehri.cf/
Origin: http://retendehri.cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 08 May 2019 07:38:46 GMT
via: 1.1 google
x-powered-by: Express
status: 200
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2

GET
H/1.1 200
OK Cookie set iframe
sync.teads.tv/ Frame 7952 0
0 71ms
44ms Document
text/html 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://sync.teads.tv/iframe?pid=95778&userId=1a7bae36-83eb-4f18-b263-46972d342b98&gdprIab={%22status%22:22,%22consent%22:%22%22,%22reason%22:220}&1557301127093
Requested by: Host: a.teads.tv
URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: HTTP/1.1
Server: 2.18.232.7 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.5 /
Resource Hash

Request headers

Host: sync.teads.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://retendehri.cf/
Accept-Encoding: gzip, deflate
Cookie: tt_viewer=6e4fd525-4dda-4a64-8317-1559a8cd6246
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://retendehri.cf/

Response headers

Content-Type: text/html; charset=UTF-8
Server: akka-http/10.1.5
Content-Length: 1368
Expires: Wed, 08 May 2019 07:38:47 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 08 May 2019 07:38:47 GMT
Connection: keep-alive
Set-Cookie: tt_exelate=; Expires=Thu, 09 May 2019 07:38:47 GMT; Domain=.teads.tv tt_bluekai=; Expires=Thu, 09 May 2019 07:38:47 GMT; Domain=.teads.tv tt_emetriq=; Expires=Thu, 09 May 2019 07:38:47 GMT; Domain=.teads.tv tt_liveramp=; Expires=Thu, 09 May 2019 07:38:47 GMT; Domain=.teads.tv tt_neustar=; Expires=Thu, 09 May 2019 07:38:47 GMT; Domain=.teads.tv

POST
H2 200 r Show response
amp-error-reporting.appspot.com/ Frame 046B 2 B
65 B 125ms
124ms XHR
text/plain 2a00:1450:4001:809::2014
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://amp-error-reporting.appspot.com/r
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011905021827420/amp4ads-v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: http://retendehri.cf/
Origin: http://retendehri.cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 08 May 2019 07:38:47 GMT
via: 1.1 google
x-powered-by: Express
status: 200
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.qds.ninja
URL: https://t.qds.ninja/t/482

Verdicts & Comments Add Verdict or Comment

213 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 42) Message: rgba(255,255,255, 0.5)
console-api	log	(Line 111) Message: image
console-api	log	(Line 112) Message: 1
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds
console-api	info	URL: https://cdn.ampproject.org/rtv/011905021827420/amp4ads-v0.js(Line 588) Message: Powered by AMP ⚡ HTML – Version 1905021827420
console-api	error	URL: https://cdn.ampproject.org/rtv/011905021827420/amp4ads-v0.js(Line 171) Message: localStorage not supported.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	info	URL: https://cdn.ampproject.org/rtv/011905021827420/amp4ads-v0.js(Line 588) Message: Powered by AMP ⚡ HTML – Version 1905021827420
console-api	error	URL: https://cdn.ampproject.org/rtv/011905021827420/amp4ads-v0.js(Line 171) Message: localStorage not supported.
console-api	log	URL: http://static.adman.gr/adman.js(Line 1) Message: Deploying adman.js to parent frame.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	log	URL: http://retendehri.cf/(Line 78) Message: [object Object]
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019043001.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
adservice.google.de
ajax.googleapis.com
amp-error-reporting.appspot.com
api.yallarec.com
app.exitbee.com
b.scorecardresearch.com
bidder.criteo.com
bold.adman.gr
bs.serving-sys.com
cdn.ampproject.org
cdn.onesignal.com
cdnjs.cloudflare.com
cmp.teads.mgr.consensu.org
connect.facebook.net
d.agkn.com
files.missbloom.gr
googleads.g.doubleclick.net
img9-api.yallarec.com
js.agkn.com
logw312.ati-host.net
obj.adman.gr
onesignal.com
pagead2.googlesyndication.com
platform.instagram.com
retendehri.cf
secure-ds.serving-sys.com
securepubads.g.doubleclick.net
static.adman.gr
static.criteo.net
sync.teads.tv
t.qds.ninja
t.teads.tv
tag.aticdn.net
tpc.googlesyndication.com
widget.yallarec.com
www.capital.gr
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.instagram.com
www.missbloom.gr
www.vidads.gr
t.qds.ninja
104.111.234.76
104.111.250.158
178.250.0.130
178.250.0.165
2.16.186.80
2.16.187.67
2.18.232.7
216.58.210.2
23.38.39.9
23.92.74.18
2600:9000:20bb:5e00:15:efbc:e300:93a1
2606:4700:10::6814:5d4d
2606:4700:10::6814:5e4d
2606:4700:30::681f:40dc
2606:4700:30::681f:41dc
2606:4700::6810:cda5
2606:4700::6813:c397
2a00:1450:4001:809::2014
2a00:1450:4001:80b::200a
2a00:1450:4001:815::2001
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::200e
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::2001
2a00:1450:4001:820::2002
2a00:1450:4001:821::2002
2a02:26f0:6c00:287::3b8c
2a02:26f0:6c00:28d::3b8c
2a02:26f0:6c00:292::2c92
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f22d:c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
35.240.50.85
37.187.133.232
52.50.5.144
82.199.68.73
88.221.165.178
95.142.20.17
02eaeea07e07812c65df097e49d14b63960fe06dc2ad4e9b5108d1c5fa4654ad
041b67c0b17de57d464f655c7f9f7786097eb8bbe6da6f4903a90dc1c4c3a989
05a0114a707e2c9a3e39211eea7befe543363802db6cca43191b8fa51d8f6cd5
07715c23ab35c3a5f6a1678c436e1bf69dcc290deb2fa437968e9137bddbfa6f
0ae5e1fde1f00b885a6f0f95e666fb9023d06aaaaeb8b4a37724a8ec1609ac24
0e10b6e9c0b5b9586c6cdf307466474b438989e57732c2b41ec69b03b363533b
0ecd184b17438ec92e1000190114ba5a57b43f1fecb8a0c5d64898a10d18191b
0f32bc0f87405c0482b8f6cc0bbf0fb16fb83d9dc96e3b630d2d12020048be8f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119272d8b7043768e7169146e655a9f960b969ac41ef9215eb98c0cb201ae25c
127f0e63cfe81a8cfe83a77408f6e1de24decee3f28a36a53f253808f323288c
12a0b01fda65dafdfecf773d1e3882c97a31562463aef37b93ece475f3412033
14a9665ed298bd096a757a0967708c9bb8991cd92ccd61aab3535b8cd370045c
14b51a8bf7fe924f4cb58978f0cba77c85999ac497116d807da726176f889ca2
186466980a2394e09d866c4b8210699f9ce8e5029dc856e6ed28cafcfb3d8f8c
1ee84de0116cf7633f239b0a3daa8cb156c4de8d5495745c4a2c7f38d2dfd798
2140372ece2cfab238453f838c69a30459f8f61958e106ae01b88e770f6e51f8
21d24f3fd8b1f68cf10c371de6e4fe7e33af4a5b2701afeee65b5cfcb1c0b72b
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
26e7dff17eb14f4eee7f80699e08d135d1dfe2ba89eb2b224a2583688bccb47a
2706e9c107bf87b8bb9ba8ede7b93bb167be798613726ba497a59e89b1b68bb7
2aee16817eb473a3c934220e8791abe3c7fd2dc7a0d47ded8801043b91c42df9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34fde0f4461395a617be2117bae4b1c3e9d80a1126f198201b7337c10f7db71e
37db24f430572a0fa5d86ba668c536394d6a03570c6eac7c17b4b1a34bb27362
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
40bf5d3b5c6d75c1cd50049b9b77b8378696472d06ba32296eafc96f574903d4
4206c58521d344fa1af14766418b184399244c449927cb59c4218f2ee7775c01
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
443929031cd05ba84b410c81427580e0f8b19468a2b92c8009fca236ecaabbff
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
46a8ed6ed60ac399e32ff4fbef1194d7de8d10447f762a0ca5b3ed8ce726fbfd
46facabeb9c8bc33340eab53857b77a35928c36594f6347bea2622d638cceef8
521f3ebd8a54d46dd1368eec805eba1cd367689c20f45d119d1e9711e03a7b4e
55f2ae54ff41fc02644552f0813a64dc939998f5f1f9fd9dfb09bc7773c0cd10
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58a0b459cdecf9011648af2c1c7458255707761ad38afb76b84d757f3f961e34
58fbdc0560cb667209bf3bf5cc2b3abe718066d756dfedc5becffbd6649ed4af
60fdaaa13a8028c6c7dc72dfe400f36726e68fe3c02e3de1a290c5ef1c99121a
615988825a97e1b8d3e2d702258c83ad954c6a684bc54b2dd99aa216b67bc0df
63a23cb228a3b6e6a33e3a12e6c5bcdf13fe0b28346ccdadca36097a4b13ac50
6bdbcab79840a3bbe64ed847b6de1acd446fcecf39d91a87c82bff38e7982b6a
6cbde027bc0f598a1809d465c69ba78605c763912cbe2b571dd24098bf1539b3
73ab8fae0f7f3e4c6ebb7479083ed4213399e58dea7d2572bb02c8488c3c634f
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8de61d40005c1f430ec100e9cd81eb36875fc5a3d41e624189b86d3ea408bd06
8eeaf9486e02d957e757137bee112cb5d2109e8af7337e35cac85f36b9681dca
8f1c58200e0a93b15cdfab894402a0a2ca0f4f6a6eee3abed89dafebef648fcb
8f2e37cf4e314907e37bf11c3205be713c048968afb0af99f791b1f336308a33
8fe28aadc739e3b43f6fefa8b71c4b50882336a414ba215bb3e250a8493db123
936204d1014ee5866288c333ed750601d7d169c9cd4c68cf9b64dd5f3da99708
94cd7c73cb373352a7bdfa7662c28df9806b13ad252274c148e681d4af62abeb
9957dcb9ea0cc895ed0137d5abf9420d5982a1f7460e5e42b26f316dbf8e07c8
99fe7527ada5bde08f5064266614fd01bc1a580121534ce6b3a3e1a0f2cf1b73
9e1e17d4724f7a63c190a0c96b1ddd6cb33d85e7cab5ddf14b930aea5872a19d
a54c8ccf2e97d4520532cdaa44695e9199604b12dd676cef1709e08728e11936
a5f0149099cabef49bda827fc6c2ce4db24464676e07891037a7a9da6404ff68
a9c1e0a38b9311b40622369a4e10de902b928a5007893c5c7917c5e7d6029658
aa67ef92b6b6e70da4be78ca05bf65a9a43e59f6bf80f412a4b1a74e8d3768c0
aabb4cf069fa843df4a2b854ee3b45d0ae2a132d02061453b4d85c7ba9970da8
abe6af6a23f989b0623689a5d2a8df531c4f84c1e9785db0bad82155e9ef7f92
ac356a74bf81ea9fffc8b8ad5083b55b7e97f35cfa8839ec71d9eef31489f1d1
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b0e82f9ce6c1510f32a8e18c9581ba6573b6988dabdd3f2ed6c1ba08eff85cb9
b57838b3b66b81e12acc5180bd130aac326577d29e814366d1a5f4935fd846a3
b610bf4be57a26bf7effa8abb6ea03bc796b5e5e12a88c0dff3e164fede2aca9
ba56015595a96bdc5338ddb5d9ffb09ef8441ec6ef718970848a92ef86a00494
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8
be82764cff895e81791445f2c92f0e347bbffb50609f67d90a838508faff27d0
bfa3530a94ab19a3eb9183f07a97e2db7a1102191a146d0e6de1abd10d685bc1
c48a5ccfd51378913f00b6fddf80fe09a25f30c35c411c062856d79bc220417b
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
cf0eac8ca56caaadf4fc1e4ec8081f0ba14c59d22bf12f766d59845078950e86
d1baaa269c4f148b996410ead8f826257fb47692acd263d6cd5b125c57990fb0
d20fb02d6a48438ab8516b57d8e410ff7679c35df37cd1b6bd245d78e6b31e8b
d86d2ed46da49fa4b46340750f7c33e9952a9ea617dc063e9ff345f268ed2b8c
dc0a8b480bc38a870dda4baffbd89e157d87e8a20e25963f8c61f9daf9463efa
de7795af3ec08bbb5ce4d096859d1bf65b52e05c21d48c5cab09c2864d712ba9
e307a5f168924295027bc0e0d0c2e9014e06dd1ad8e2c4bb804f094d63bcd967
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a4449df7bf07f59cc3c1fbf6e2c3d88748bc2b048ce5b77fe2197c614cd060
e4cc2c4badd23dbb7b6aa73b5f47a046a4650db1bcee968dbd442b9dd5ca34d6
e7b43567491c251c9cd052c69fe953de1b1e8a86ad15fafc20692b513bc4e49d
e902701968783b117427d57f6276822d742e924ca903e5b6e7d77b861318d29b
e9da35cd7bace27dd1882ac9a3cdaf1336f5c700597c50318c17a120ad291e14
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ecc052791594b2b678cd75628827ef3923ec4e9aa8d51f8df5f0fa1416bbb912
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a567ddd4e738224cdf4e7ff28836b6bc543ba8e2fc2ea713bd3a5fe104e1a4
f20798a9165534c95506a9cac1ca2c3a5b49d3234cd7efe2e108e6915b792cba
f2090c05c07908085faddbb176ee7dffa6ba718597aa7ad136bfa67811e59455
f4f72b64093a8d78eed26a6730a74be6e1bbe34beb372985bba96d2dc5328f3b
f55949c294ba0bc9733e66f8bcdb3eb200140bf28afec6504bfd4d004e7f3489
f6033f14b3442c0f29fa3307980b175bad5e555f15c7378ed36b9af9d8541ca8
f818cd47d07d6203bac0f05bbb5cca48ae471d19d390e702725514e4f8b2914a
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
febcedd9105b97d554cc04ae11065c6c9de88139dc3967aa916cda74754cc5c1

retendehri.cf Open in urlscan Pro 2606:4700:30::681f:41dc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

128 Requests

61 %HTTPS

60 %IPv6

30 Domains

43 Subdomains

40 IPs

6 Countries

2655 kBTransfer

6255 kBSize

0 Cookies

25 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

retendehri.cf Open in urlscan Pro
2606:4700:30::681f:41dc Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

61 %
HTTPS

60 %
IPv6

30
Domains

43
Subdomains

40
IPs

6
Countries

2655 kB
Transfer

6255 kB
Size

0
Cookies

128 HTTP transactions
7 data transactions