tivalenthrowdown.cf Open in urlscan Pro
2606:4700:30::6812:2ddc Public Scan

URL:
http://tivalenthrowdown.cf/
Submission: On October 06 via api (October 6th 2019, 12:24:03 am UTC) from DE

Summary HTTP 54 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 54 HTTP transactions. The main IP is 2606:4700:30::6812:2ddc, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is tivalenthrowdown.cf.

This is the only time tivalenthrowdown.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2606:4700:30:... 2606:4700:30::6812:2ddc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6810:d620	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2600:9000:21f... 2600:9000:21f3:d000:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	2a03:2880:f22... 2a03:2880:f22d:e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	13.224.196.48 13.224.196.48	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2606:4700::68... 2606:4700::6810:aa52	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	18.195.227.0 18.195.227.0	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.225.78.115 13.225.78.115	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	52.94.234.174 52.94.234.174	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.182.205.31 54.182.205.31	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
9	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
54	21

17 2606:4700:30::6812:2ddc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

tivalenthrowdown.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:d620 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:d000:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f22d:c4:face:b00c:0:43fe (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f22d:e5:face:b00c:0:4420 (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.48 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-48.fra2.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:aa52 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.lifo.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.227.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-227-0.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.115 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-115.fra2.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.234.174 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

cloudfront-labs.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.182.205.31 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-182-205-31.atl51.r.cloudfront.net

a5af848db94e099feeecc0fa593f050ce.profile.atl-m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	tivalenthrowdown.cf tivalenthrowdown.cf	644 KB
9	doubleclick.net securepubads.g.doubleclick.net	87 KB
9	google.com cse.google.com www.google.com clients1.google.com	154 KB
3	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	85 KB
2	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	70 KB
2	twitter.com platform.twitter.com	29 KB
2	facebook.net connect.facebook.net	60 KB
2	lifo.gr 1 redirects www.lifo.gr	2 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	agkn.com js.agkn.com d.agkn.com	4 KB
1	facebook.com staticxx.facebook.com
1	cloudfront.net a5af848db94e099feeecc0fa593f050ce.profile.atl-m.cloudfront.net	58 B
1	amazonaws.com 1 redirects cloudfront-labs.amazonaws.com	216 B
1	google-analytics.com www.google-analytics.com	17 KB
1	onesignal.com cdn.onesignal.com	3 KB
0	Failed function sub() { [native code] }. Failed
54	17

	Domain	Requested by
17	tivalenthrowdown.cf	tivalenthrowdown.cf
9	securepubads.g.doubleclick.net	www.lifo.gr securepubads.g.doubleclick.net
6	www.google.com	cse.google.com www.google.com tivalenthrowdown.cf
2	platform.twitter.com	tivalenthrowdown.cf platform.twitter.com
2	connect.facebook.net	tivalenthrowdown.cf connect.facebook.net
2	cse.google.com	tivalenthrowdown.cf www.google.com
2	www.lifo.gr	1 redirects tivalenthrowdown.cf
2	www.instagram.com	1 redirects tivalenthrowdown.cf
2	ajax.googleapis.com	tivalenthrowdown.cf
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	clients1.google.com	tivalenthrowdown.cf
1	staticxx.facebook.com	connect.facebook.net
1	a5af848db94e099feeecc0fa593f050ce.profile.atl-m.cloudfront.net	tivalenthrowdown.cf
1	cloudfront-labs.amazonaws.com	1 redirects
1	certify.alexametrics.com	tivalenthrowdown.cf
1	d.agkn.com	js.agkn.com
1	www.google-analytics.com	tivalenthrowdown.cf
1	certify-js.alexametrics.com	tivalenthrowdown.cf
1	platform.instagram.com	1 redirects
1	js.agkn.com	tivalenthrowdown.cf
1	cdn.onesignal.com	tivalenthrowdown.cf
1	fonts.googleapis.com	tivalenthrowdown.cf
0	truncated Failed	tivalenthrowdown.cf
54	24

This site contains links to these domains. Also see Links.

Domain
adblockplus.org
m.lifo.gr
mikropragmata.lifo.gr
ampa.lifo.gr
greka.lifo.gr
www.facebook.com
twitter.com
www.69magazine.gr
instagram.com
www.verve.gr

Subject Issuer	Validity	Valid
*.googleapis.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
ssl888318.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-02` - `2020-04-09`	6 months	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2019-08-25` - `2019-11-23`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
ssl766410.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-06-28` - `2020-01-04`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
certify.alexametrics.com Amazon	`2019-07-26` - `2020-08-26`	a year	crt.sh
www.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://tivalenthrowdown.cf/
Frame ID: 516D2A0F18DB7C1FC09F7F0524DC7F76
Requests: 64 HTTP requests in this frame

Frame: http://d.agkn.com/iframe/8613/?che=103316429&gdpr=&gdpr_consent=&url=http%3A%2F%2Ftivalenthrowdown.cf%2F&bpid=lifogreece&c=%7B%22bpid%22%3A%22lifogreece%22%2C%22loc%22%3A%22http%3A%2F%2Ftivalenthrowdown.cf%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: F5ABCCFA1BA46372DBD84859A6FF9F7A
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 942BF27980825E4DBDED049A2A42CD83
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html?origin=http%3A%2F%2Ftivalenthrowdown.cf
Frame ID: D96426E87000E52DD5020C14C4E01C0F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

54
Requests

54 %
HTTPS

73 %
IPv6

17
Domains

24
Subdomains

21
IPs

3
Countries

1161 kB
Transfer

4284 kB
Size

3
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://adblockplus.org/en/faq_basics#disable
Title: νοτης σφακιανακης παιδια

Search URL Search Domain Scan URL

URL: https://m.lifo.gr/team/lola/37735
Title: χαμηλού βαθμού αλλοιώσεις του πλακώδους επιθηλίου

Search URL Search Domain Scan URL

URL: https://mikropragmata.lifo.gr/
Title: σταυροί βάπτισης για κορίτσι

Search URL Search Domain Scan URL

URL: https://ampa.lifo.gr/
Title: ανανεωση βιβλιαριο υγειας για ανεργους

Search URL Search Domain Scan URL

URL: https://greka.lifo.gr/
Title: τινκερμπελ νεραιδες ονοματα

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=/team/lola/37735

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=/team/lola/37735&text=Jayne%20Mansfield%20-%20Sophia%20Loren:%20%CE%88%CE%BD%CE%B1%20%20%CE%B1%CE%B2%CF%85%CF%83%CF%83%CE%B1%CE%BB%CE%AD%CE%BF%20%CE%BD%CF%84%CE%B5%CE%BA%CE%BF%CE%BB%CF%84%CE%AD,%20%CE%BA%CE%B9%20%CE%AD%CE%BD%CE%B1%20%CE%BC%CE%AC%CE%BB%CE%BB%CE%BF%CE%BD%20%CE%B1%CF%80%CE%BF%CE%B4%CE%BF%CE%BA%CE%B9%CE%BC%CE%B1%CF%83%CF%84%CE%B9%CE%BA%CF%8C%20%CE%B2%CE%BB%CE%AD%CE%BC%CE%BC%CE%B1.%20(1957)
Title: étienne de la boetie

Search URL Search Domain Scan URL

URL: http://www.69magazine.gr/02,25,3494,00.aspx
Title: ερπης στα γεννητικα οργανα

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lifo.mag
Title: αστεροσκονη ταινια imdb

Search URL Search Domain Scan URL

URL: https://twitter.com/lifomag
Title: και πίνω ούζα

Search URL Search Domain Scan URL

URL: https://instagram.com/lifomag
Title: γιωργος λιανης ηλικια

Search URL Search Domain Scan URL

URL: http://www.verve.gr/
Title: Website by

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

http://platform.instagram.com/en_US/embeds.js HTTP 307
https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js

Request Chain 23

http://www.lifo.gr/files/ads/adcode.js?v=4 HTTP 301
https://www.lifo.gr/files/ads/adcode.js?v=4

Request Chain 43

http://cloudfront-labs.amazonaws.com/x.png HTTP 302
http://a5af848db94e099feeecc0fa593f050ce.profile.atl-m.cloudfront.net/test.png

54 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
tivalenthrowdown.cf/ 221 KB
44 KB 197ms
139ms Document
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98230fa1a47181b2cee5b6e6395e6d3365a7e1b434b4b23115d4811199a441e

Request headers

Host: tivalenthrowdown.cf
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:46 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d3465e2e4aa83e2dd47720d116bf169001570321426; expires=Mon, 05-Oct-20 00:23:46 GMT; path=/; domain=.tivalenthrowdown.cf; HttpOnly
Last-Modified: Sun, 10 Feb 2019 16:02:05 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 52137d12ccbecb98-VIE
Content-Encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 10 KB
815 B 21ms
11ms Stylesheet
text/css 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Slab:100,300,400,700&subset=greek-ext

Requested by

Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

086a80ab28cd4eb68e973c95ea7730b13e3129f5a9b19e90c5e50690abc7db41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 06 Oct 2019 00:23:46 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sun, 06 Oct 2019 00:23:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Sun, 06 Oct 2019 00:23:46 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
33 KB 16ms
6ms Script
text/javascript 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 12:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3500052
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Aug 2020 12:09:34 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.8.21/ 198 KB
51 KB 19ms
9ms Script
text/javascript 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.21/jquery-ui.min.js

Requested by

Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0ca12fe083d6e9ac3432b0e05680d5c8fbfa0d0814f861bcf90dee5b9bad3853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 18:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 453545
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 52004
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Sep 2020 18:24:41 GMT

GET
H/1.1 200
OK main.css
tivalenthrowdown.cf/css/ 225 KB
47 KB 180ms
168ms Stylesheet
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/css/main.css?v=h7b822g12g28
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71bc645c0ef027553895571ae650f8975eb98a95229de17853287348b8d03c43

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:46 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d13cecfcbc8-VIE
Expires: Sun, 06 Oct 2019 04:23:46 GMT

GET
H/1.1 200
OK jquery-ui.css
tivalenthrowdown.cf/css/custom-theme/ 221 KB
43 KB 193ms
180ms Stylesheet
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/css/custom-theme/jquery-ui.css?v=4
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98230fa1a47181b2cee5b6e6395e6d3365a7e1b434b4b23115d4811199a441e

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:46 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:05 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d13ce795a0c-VIE
Expires: Sun, 06 Oct 2019 04:23:46 GMT

GET
H/1.1 200
OK lightgallery.min.css
tivalenthrowdown.cf/css/ 193 KB
31 KB 180ms
168ms Stylesheet
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/css/lightgallery.min.css?v=3
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1774776862071d2068d5a365dba67548f391530a10459f4022ff7da3a1bc21eb

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:46 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d13cfcacbc0-VIE
Expires: Sun, 06 Oct 2019 04:23:46 GMT

GET
H/1.1 200
OK plyr_new_full.css
tivalenthrowdown.cf/css/ 167 KB
41 KB 199ms
181ms Stylesheet
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/css/plyr_new_full.css?v=50a
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05345acb1b18181a99ca41d5bc7bead916e2ec942183eefbea27b1637592a1cc

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:46 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:05 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d13dc1159e2-VIE
Expires: Sun, 06 Oct 2019 04:23:46 GMT

GET
H/1.1 200
OK toolbox.js Show response
tivalenthrowdown.cf/js/ 110 KB
19 KB 196ms
177ms Script
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/js/toolbox.js?v=12
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcabb2dbace8b72f8b43eb0f642e678c123f1fd849c8a74b8a789398f9692e08

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:46 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:07 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d13dd0fcbb8-VIE
Expires: Sun, 06 Oct 2019 04:23:46 GMT

GET
H/1.1 200
OK plyr_new.js Show response
tivalenthrowdown.cf/js/ 186 KB
30 KB 329ms
162ms Script
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/js/plyr_new.js?v=50
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b44f3cb496e87c6edadaa25f388849400b1ce20911eede7a74cccf1e969d04

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:46 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:04 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d14cfc8cb98-VIE
Expires: Sun, 06 Oct 2019 04:23:46 GMT

GET
H/1.1 200
OK hls.light.min.js Show response
tivalenthrowdown.cf/js/ 205 KB
28 KB 442ms
175ms Script
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/js/hls.light.min.js?v=2
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6e3a50a3ce90a165582fc8c32eea269f7728c4cc51092958ed2ef90644013a7

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:46 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:05 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d1569e8cbc0-VIE
Expires: Sun, 06 Oct 2019 04:23:46 GMT

GET
H/1.1 200
OK ga_social_tracking.js Show response
tivalenthrowdown.cf/js/ 146 KB
34 KB 497ms
211ms Script
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/js/ga_social_tracking.js
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1195491f5e382b9e6fbe12d9b03a2140953872e24214c10dbe8a32d2d599e3

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:04 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d158f1acbb8-VIE
Expires: Sun, 06 Oct 2019 04:23:46 GMT

GET
H/1.1 200
OK jquery.easing.min.js Show response
tivalenthrowdown.cf/js/ 170 KB
37 KB 512ms
221ms Script
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/js/jquery.easing.min.js
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aefda2db952fb29fbebeb808241e8eceece6dfaef9c4b70a521ff9207656019

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d159c9b59e2-VIE
Expires: Sun, 06 Oct 2019 04:23:46 GMT

GET
H/1.1 200
OK jquery.cycle2.min.js Show response
tivalenthrowdown.cf/js/ 330 KB
64 KB 506ms
205ms Script
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/js/jquery.cycle2.min.js
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f48ad06a36754c908e80b3d72432de613392e12466d91718c4afdf6091f89c

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d15a949cbc8-VIE
Expires: Sun, 06 Oct 2019 04:23:46 GMT

GET
H/1.1 200
OK jquery.cycle2.carousel.min.js Show response
tivalenthrowdown.cf/js/ 167 KB
41 KB 559ms
213ms Script
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/js/jquery.cycle2.carousel.min.js
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da6b9e3c6458eaaa2b3c343265cb51fb0ec2de7bf2eb4ed9f9a7696656c0b9a

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:05 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d15ef295a0c-VIE
Expires: Sun, 06 Oct 2019 04:23:46 GMT

GET
H/1.1 200
OK jquery.cycle2.caption2.min.js Show response
tivalenthrowdown.cf/js/ 167 KB
41 KB 630ms
212ms Script
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/js/jquery.cycle2.caption2.min.js
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda2c2e8498bd0f699bd4a0d0bf25e0e182e8ae3f66ef7b8bdd1f9342d886cee

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:05 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d165a11cb98-VIE
Expires: Sun, 06 Oct 2019 04:23:47 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 56ms
18ms Script
application/javascript 2606:4700::6810:d620
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:d620 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0d676d307d83c43afe67946ba65bfa126dea1ce58f2bd6fd3e8030e0d85e7c9

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 06 Oct 2019 00:23:46 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1662
etag: W/"41d0df615391610e30ff0de59eb02d17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 52137d13f93d8c74-VIE
expires: Sun, 06 Oct 2019 12:23:46 GMT

GET
H/1.1 200
OK tag.js Show response
js.agkn.com/prod/v0/ 3 KB
4 KB 39ms
6ms Script
application/javascript 2600:9000:21f3:d000:15:efbc:e300:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://js.agkn.com/prod/v0/tag.js
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2600:9000:21f3:d000:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 05 Oct 2019 15:16:37 GMT
Via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
Last-Modified: Thu, 11 Jul 2019 15:46:11 GMT
Server: AmazonS3
Age: 39808
ETag: "a5442c681a576408c25edbf365995343"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 3167
X-Amz-Cf-Id: QppOXFZs-LnLL9LMKS8-cDXXsO8X_ijpIPNr5E4VGNeexZGuN6pvBg==

GET
H/1.1 200
OK 486929_loren_mansfield_13.jpg
tivalenthrowdown.cf/icache/860/700/2/ 39 KB
39 KB 215ms
214ms Image
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tivalenthrowdown.cf/icache/860/700/2/486929_loren_mansfield_13.jpg
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:05 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d172c2bcbc0-VIE
Expires: Sun, 06 Oct 2019 04:23:47 GMT

GET
H/1.1 200
OK anonymous.png
tivalenthrowdown.cf/img/ 39 KB
39 KB 228ms
227ms Image
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tivalenthrowdown.cf/img/anonymous.png
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d17397bcbb8-VIE
Expires: Sun, 06 Oct 2019 04:23:47 GMT

GET
H2

200

47c7ec92d91e.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

http://platform.instagram.com/en_US/embeds.js
https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js

15 KB
5 KB

6ms
6ms

Script
text/javascript

2a03:2880:f22d:e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 8f2e37cf4e314907e37bf11c3205be713c048968afb0af99f791b1f336308a33

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 04 Oct 2019 19:49:22 GMT
x-fb-trip-id: 1679558926
status: 200
etag: "47c7ec92d91e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-length: 4822

Redirect headers

status: 302
date: Sun, 06 Oct 2019 00:23:47 GMT
x-fb-trip-id: 1679558926
cache-control: max-age=21600
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK verve-logo-bw.png
tivalenthrowdown.cf/img/ 46 KB
46 KB 218ms
217ms Image
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tivalenthrowdown.cf/img/verve-logo-bw.png
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d180fd65a0c-VIE
Expires: Sun, 06 Oct 2019 04:23:47 GMT

GET
H/1.1 200
OK scripts.js Show response
tivalenthrowdown.cf/js/ 90 KB
20 KB 173ms
173ms Script
text/html 2606:4700:30::6812:2ddc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://tivalenthrowdown.cf/js/scripts.js?v=p2d10
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2606:4700:30::6812:2ddc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4430a40963aebf64baaad3ac8e744f44e9037459a9edf8c0d6640c3384d127

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d180c79cb98-VIE
Expires: Sun, 06 Oct 2019 04:23:47 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 19ms
6ms Script
text/javascript 13.224.196.48
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.48 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-48.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 27 Jun 2019 19:57:25 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 8655983
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: ryZXHWe85MrSV5BomjWTZFCF3aK_2l8VR0WC3WskRIAgCFbQDN49FA==

GET
H2

200

adcode.js Show response
www.lifo.gr/files/ads/
Redirect Chain

http://www.lifo.gr/files/ads/adcode.js?v=4
https://www.lifo.gr/files/ads/adcode.js?v=4

3 KB
2 KB

116ms
86ms

Script
application/x-javascript

2606:4700::6810:aa52
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lifo.gr/files/ads/adcode.js?v=4
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:aa52 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8e6fb8c2d85717c457d814054100e92d10a3bf5e8c7e2a6f30030ab69a406af

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Sun, 06 Oct 2019 00:23:47 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Mon, 10 Jul 2017 13:07:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
status: 200
cache-control: max-age=7776000, public
cf-ray: 52137d18880459c4-VIE
expires: Sat, 04 Jan 2020 00:23:47 GMT

Redirect headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
CF-Cache-Status: EXPIRED
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Location: https://www.lifo.gr/files/ads/adcode.js?v=4
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 52137d181d3e597c-VIE

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 821
date: Sun, 06 Oct 2019 00:10:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sun, 06 Oct 2019 02:10:06 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 11 KB
4 KB 55ms
34ms Script
text/javascript 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=014540938798484309336:zef-kmtr6cc

Requested by

Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

b90c26f7ad4024a4bca779380a4c4f376adfe43ed564273326fc24d942cc11c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 06 Oct 2019 00:23:47 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3577
x-xss-protection: 0
expires: Sun, 06 Oct 2019 00:23:47 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 18ms
5ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

d6477de05c28f56b7610141f92e2865ed2ae8bc9e0db1ddea8e4caab4dda0713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Pj3qq1ted4MeK2TYkE0wZw==
status: 200
content-length: 1779
etag: "215c4a806094fb241f91362b8864bda0"
x-fb-debug: m2qxUjZyGAn2hN/aXMnu3UqDXLsaKD+d3Nbie8bkkfRHbbwjCnrssi/GP8OLF4noy1cz0P2N6DO8aMk1ql15Zg==
x-fb-trip-id: 420120009
x-fb-content-md5: bcf53df6aa4a32d1bce8e5ff85097029
x-frame-options: DENY
date: Sun, 06 Oct 2019 00:23:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 06 Oct 2019 00:28:55 GMT

GET truncated
/ 0
0

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame F5AB 0
0 28ms
8ms Document
text/html 18.195.227.0
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d.agkn.com/iframe/8613/?che=103316429&gdpr=&gdpr_consent=&url=http%3A%2F%2Ftivalenthrowdown.cf%2F&bpid=lifogreece&c=%7B%22bpid%22%3A%22lifogreece%22%2C%22loc%22%3A%22http%3A%2F%2Ftivalenthrowdown.cf%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: http://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Server: 18.195.227.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-227-0.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://tivalenthrowdown.cf/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://tivalenthrowdown.cf/

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Sun, 06 Oct 2019 00:23:47 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AH9zDZylGaiRMDKc6lxhbEVjFqNoOzJyG;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAlK_CTJSvwkwAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
Content-Length: 479
Connection: keep-alive

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
58 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6a60bc5e59a244a4246d5921aeb87c45&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

288d5e57db9cb6c2f83946455845b7bdeeff8bc9d2759e3a1323787adfdc3bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: http://tivalenthrowdown.cf/
Origin: http://tivalenthrowdown.cf
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: AOiUMXsrE8maGSzdqcsdqA==
status: 200
content-length: 59062
etag: "be81c9054b85e83795affdf03a4b74e1"
x-fb-debug: QBsnjQLXz71pYfqQtHEllvRmfmlr/4gTtQYYsJlTVNtOJSDAH//d+v1bdzmqWsGFrhHRAeGwwVayxCNAqaDOBQ==
x-fb-trip-id: 420120009
x-fb-content-md5: bc28e7fe45b6c3beb983e8db34c134d5
x-frame-options: DENY
date: Sun, 06 Oct 2019 00:23:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Mon, 05 Oct 2020 00:08:56 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 6ms
6ms Image
image/gif 13.225.78.115
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%CE%A0%CF%81%CE%BF%CE%B2%CE%BB%CE%B5%CF%88%CE%B7%20%CF%83%CE%B5%CE%B9%CF%83%CE%BC%CE%BF%CF%85%20%CE%B5%CE%BB%CE%BB%CE%B1%CE%B4%CE%B1&time=1570321427253&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Ftivalenthrowdown.cf%2F&random_number=21054631544&sess_cookie=7bddbbed16d9e736b34bb2919e6&sess_cookie_flag=1&user_cookie=7bddbbed16d9e736b34bb2919e6&user_cookie_flag=1&dynamic=true&domain=lifo.gr&account=hu/wr1hNdI20fn&jsv=20130128&user_lang=en-US
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.115 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 05 Oct 2019 20:30:17 GMT
Via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 14011
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA2-C2
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: 4wdzeSUP0tU6tf7kNH17LfHgDXNzVv_2UrM88d48amWhwCd19Yd49g==

GET
H/1.1

200
OK

test.png
a5af848db94e099feeecc0fa593f050ce.profile.atl-m.cloudfront.net/
Redirect Chain

http://cloudfront-labs.amazonaws.com/x.png
http://a5af848db94e099feeecc0fa593f050ce.profile.atl-m.cloudfront.net/test.png

58 B
58 B

232ms
111ms

Image
text/plain

54.182.205.31
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://a5af848db94e099feeecc0fa593f050ce.profile.atl-m.cloudfront.net/test.png
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 54.182.205.31 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-182-205-31.atl51.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
Via: 1.1 a32368b2ea9e47b9999883c2722b1620.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: RoutingProfileExp from cloudfront
Content-Type: text/plain
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 58
X-Amz-Cf-Id: -r_35i7b--clk6AZcgX4-CCQwxSxizCg1h0j_ZRBp7WdH188InuX2g==
Expires: Sun, 06 Oct 2019 00:23:47 GMT

Redirect headers

Access-Control-Allow-Origin: *
Date: Sun, 06 Oct 2019 00:23:46 GMT
Server: Server
Content-Length: 0
Location: http://a5af848db94e099feeecc0fa593f050ce.profile.atl-m.cloudfront.net/test.png

GET
H2 200 cse_element__el.js Show response
www.google.com/cse/static/element/c96da2eab22f03d8/ 239 KB
77 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c96da2eab22f03d8/cse_element__el.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=014540938798484309336:zef-kmtr6cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4710216faf5a97097c40a56c0d92e0fe29d5beca136bc89c2d9f4f2200e8712a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 16:48:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 Jun 2019 15:46:45 GMT
server: sffe
age: 2792129
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 78424
x-xss-protection: 0
expires: Wed, 02 Sep 2020 16:48:18 GMT

GET
H2 200 default+el.css
www.google.com/cse/static/element/c96da2eab22f03d8/ 40 KB
9 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/c96da2eab22f03d8/default+el.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=014540938798484309336:zef-kmtr6cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 22:11:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 21 Jun 2019 15:46:45 GMT
server: sffe
age: 439942
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9042
x-xss-protection: 0
expires: Tue, 29 Sep 2020 22:11:25 GMT

GET
H2 200 minimalist.css
www.google.com/cse/static/style/look/v3/ 13 KB
3 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v3/minimalist.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=014540938798484309336:zef-kmtr6cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5212bc7e582ed1d4213780eede8d52a3efb25abb444b7e07a5dcf5d3010812b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 05 Oct 2019 23:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 May 2019 14:00:00 GMT
server: sffe
age: 2813
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3101
x-xss-protection: 0
expires: Sun, 06 Oct 2019 00:26:54 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 942B 0
0 7ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=6a60bc5e59a244a4246d5921aeb87c45&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://tivalenthrowdown.cf/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://tivalenthrowdown.cf/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sun, 04 Oct 2020 09:08:53 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: vOOfVXfel2GJvhqeQUOJxN2dswbUez5Dl7Ej1CnLIVn3hZDdR7pctEqsoXaTv1idZQew/37E+lGb+NoCPbfCvw==
content-length: 11763
x-fb-trip-id: 420120009
date: Sun, 06 Oct 2019 00:23:47 GMT

GET
H2 200 pubads_impl_121.js Show response
securepubads.g.doubleclick.net/gpt/ 185 KB
65 KB 43ms
43ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js

Requested by

Host: www.lifo.gr
URL: https://www.lifo.gr/files/ads/adcode.js?v=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

ac4f9618be0b43e3a85ccb1b5ae9b9c5efbe4d1ac30bcd5db7b624a767024481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 06 Oct 2019 00:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Jun 2017 14:12:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 65897
x-xss-protection: 0
expires: Sun, 06 Oct 2019 00:23:47 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 6ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4184) /
Resource Hash: 90476f48e0b8a9f9c5c11fd16f13fc6a8772fe281d12c8e63153a6f948cdd348

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Oct 2019 20:25:42 GMT
Server: ECS (fcn/4184)
Etag: "1d8d0709ed691e2bc0472dbfc17c8abd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28700

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 165 KB
57 KB 45ms
40ms Script
text/javascript 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/c96da2eab22f03d8/cse_element__el.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6b6e939f66c2aa0e79c7e0de4cc5be637111d3feb7adf41647ef36a98ed1d389

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "11054448431623809044"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 0
Expires: Sun, 06 Oct 2019 00:23:47 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 6ms
5ms Image
image/png 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/c96da2eab22f03d8/cse_element__el.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.google.com/cse/static/style/look/v3/minimalist.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 23 Aug 2019 19:16:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 30 Nov 2017 13:30:00 GMT
server: sffe
age: 3733631
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
expires: Sat, 22 Aug 2020 19:16:36 GMT

GET
H/1.1 200
OK googlelogo_lightgrey_46x16dp.png
www.google.com/cse/static/images/1x/ 551 B
884 B 5ms
5ms Image
image/png 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/cse/static/images/1x/googlelogo_lightgrey_46x16dp.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/c96da2eab22f03d8/cse_element__el.js?usqp=CAI%3D

Protocol

HTTP/1.1

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 23 Aug 2019 19:14:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Jan 2017 21:30:00 GMT
Server: sffe
Age: 3733742
Content-Type: image/png
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 551
X-XSS-Protection: 0
Expires: Sat, 22 Aug 2020 19:14:45 GMT

GET
H2 200 googlelogo_grey_46x15dp.png
www.google.com/cse/static/images/1x/ 919 B
1 KB 6ms
5ms Image
image/png 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/googlelogo_grey_46x15dp.png

Requested by

Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 23:34:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Dec 2016 15:00:00 GMT
server: sffe
age: 434962
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 919
x-xss-protection: 0
expires: Tue, 29 Sep 2020 23:34:25 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
83 B 11ms
5ms Image
text/plain 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: tivalenthrowdown.cf
URL: http://tivalenthrowdown.cf/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 06 Oct 2019 00:23:47 GMT
Content-Length: 0

GET
H/1.1 200
OK widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html
platform.twitter.com/widgets/ Frame D964 0
0 6ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.e3a0e1b01ae601b6c9cf798a93ab7e69.html?origin=http%3A%2F%2Ftivalenthrowdown.cf
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40EB) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://tivalenthrowdown.cf/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://tivalenthrowdown.cf/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-control-allow-origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 06 Oct 2019 00:24:23 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Wed, 02 Oct 2019 20:21:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40EB)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H/1.1 200
OK show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 186 KB
70 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3586395787e80acee6aa3806035960c48fc44709594a89bc926b2341b41e6b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 05 Oct 2019 23:49:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 2029
ETag: 12098309001955011035
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 70745
X-XSS-Protection: 0
Expires: Sun, 06 Oct 2019 00:49:58 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-9/html/ 0
0 11ms
5ms Other
text/html 2a00:1450:4001:809::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-9/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 338 B
374 B 36ms
36ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1740493775495282&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&eid=108809080%2C108809107%2C21060363&sc=0&sfv=1-0-9&iu=%2F8071944%2F1x1_over&sz=1x1&cust_params=Branch%3Darticles%26SubBranch%3Dlightbox%26Category%3D%26Item_Id%3D37735%26Item_Template%3D%26Topics_Id%3D%26Page%3D0%26Layout%3Dnoright_r1_only%26Skin%3Dlarge%26Platform%3Ddesktop%26Ad_safety%3D0&cookie_enabled=1&abxe=1&lmt=1549814525&dt=1570321427487&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=3734954522&gut=v2&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Ftivalenthrowdown.cf%2F&dssz=51&icsg=562950221852707&std=0&vrg=121&vrp=121&ga_vid=1419835962.1570321427&ga_sid=1570321427&ga_hid=750601493

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

cbff892b0b5822bce580fb1acfb6a8c78fb82e1ce379e83c6eaeea82d69d6ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 06 Oct 2019 00:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 214
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 347 B
440 B 32ms
31ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1740493775495282&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&eid=108809080%2C108809107%2C21060363&sc=0&sfv=1-0-9&iu=%2F8071944%2FBlogs_1x1_out&sz=1x1%7C1900x1200&cust_params=Branch%3Darticles%26SubBranch%3Dlightbox%26Category%3D%26Item_Id%3D37735%26Item_Template%3D%26Topics_Id%3D%26Page%3D0%26Layout%3Dnoright_r1_only%26Skin%3Dlarge%26Platform%3Ddesktop%26Ad_safety%3D0&cookie_enabled=1&abxe=1&lmt=1549814525&dt=1570321427491&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=855383893&gut=v2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Ftivalenthrowdown.cf%2F&dssz=52&icsg=2814750035537955&std=0&vrg=121&vrp=121&ga_vid=1419835962.1570321427&ga_sid=1570321427&ga_hid=750601493

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

822222439ffd9663310b8fa13d7a2a420a48043dc25d00fbc9b4468e9db2ba69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 06 Oct 2019 00:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 223
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
9 KB 41ms
40ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1740493775495282&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&eid=108809080%2C108809107%2C21060363&sc=0&sfv=1-0-9&iu=%2F8071944%2Fadblocker&sz=1x1&cust_params=Branch%3Darticles%26SubBranch%3Dlightbox%26Category%3D%26Item_Id%3D37735%26Item_Template%3D%26Topics_Id%3D%26Page%3D0%26Layout%3Dnoright_r1_only%26Skin%3Dlarge%26Platform%3Ddesktop%26Ad_safety%3D0&cookie_enabled=1&abxe=1&lmt=1549814525&dt=1570321427494&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=1679130589&gut=v2&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Ftivalenthrowdown.cf%2F&dssz=53&icsg=2814750035537955&std=0&vrg=121&vrp=121&ga_vid=1419835962.1570321427&ga_sid=1570321427&ga_hid=750601493

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

2f00a1d357910c38853b6f1be3f09f26ec3109f530390fac67447c8fe8561e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 06 Oct 2019 00:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8841
x-xss-protection: 0
google-lineitem-id: 109602464
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 41141226704
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 349 B
380 B 132ms
132ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1740493775495282&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&eid=108809080%2C108809107%2C21060363&sc=0&sfv=1-0-9&iu=%2F8071944%2FBlogs_728x90_top&sz=728x90&cust_params=Branch%3Darticles%26SubBranch%3Dlightbox%26Category%3D%26Item_Id%3D37735%26Item_Template%3D%26Topics_Id%3D%26Page%3D0%26Layout%3Dnoright_r1_only%26Skin%3Dlarge%26Platform%3Ddesktop%26Ad_safety%3D0&cookie_enabled=1&abxe=1&lmt=1549814525&dt=1570321427496&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=3231742176&gut=v2&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Ftivalenthrowdown.cf%2F&dssz=54&icsg=2814750035537955&std=0&vrg=121&vrp=121&ga_vid=1419835962.1570321427&ga_sid=1570321427&ga_hid=750601493

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

b30baf62c9fa4e9f306b68af4d4e47541d7d7f680e84b3fef133f705223cd718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 06 Oct 2019 00:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 223
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 350 B
382 B 194ms
194ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1740493775495282&output=json_html&callback=googletag.impl.pubads.callbackProxy5&impl=fif&eid=108809080%2C108809107%2C21060363&sc=0&sfv=1-0-9&iu=%2F8071944%2FBlogs_970x90_top&sz=970x250%7C970x90%7C728x90&cust_params=Branch%3Darticles%26SubBranch%3Dlightbox%26Category%3D%26Item_Id%3D37735%26Item_Template%3D%26Topics_Id%3D%26Page%3D0%26Layout%3Dnoright_r1_only%26Skin%3Dlarge%26Platform%3Ddesktop%26Ad_safety%3D0&cookie_enabled=1&abxe=1&lmt=1549814525&dt=1570321427498&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=3455148451&gut=v2&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Ftivalenthrowdown.cf%2F&dssz=55&icsg=2814750035537955&std=0&vrg=121&vrp=121&ga_vid=1419835962.1570321427&ga_sid=1570321427&ga_hid=750601493

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

648158fa08893c996363539d274a2a9cf31fb946021702560e038dd921a5f28f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 06 Oct 2019 00:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 347 B
381 B 261ms
260ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1740493775495282&output=json_html&callback=googletag.impl.pubads.callbackProxy6&impl=fif&eid=108809080%2C108809107%2C21060363&sc=0&sfv=1-0-9&iu=%2F8071944%2FBlogs_470x30_txt1&sz=470x30&cust_params=Branch%3Darticles%26SubBranch%3Dlightbox%26Category%3D%26Item_Id%3D37735%26Item_Template%3D%26Topics_Id%3D%26Page%3D0%26Layout%3Dnoright_r1_only%26Skin%3Dlarge%26Platform%3Ddesktop%26Ad_safety%3D0&cookie_enabled=1&abxe=1&lmt=1549814525&dt=1570321427500&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=805333082&gut=v2&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Ftivalenthrowdown.cf%2F&dssz=56&icsg=2814750035537955&std=0&vrg=121&vrp=121&ga_vid=1419835962.1570321427&ga_sid=1570321427&ga_hid=750601493

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

884654c5e36af8cba4dc07c40ae5d7f68c770cd3aa45071e9d9c75508f9e4415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 06 Oct 2019 00:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 221
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 347 B
492 B 239ms
238ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1740493775495282&output=json_html&callback=googletag.impl.pubads.callbackProxy7&impl=fif&eid=108809080%2C108809107%2C21060363&sc=0&sfv=1-0-9&iu=%2F8071944%2FBlogs_470x30_txt2&sz=470x30&cust_params=Branch%3Darticles%26SubBranch%3Dlightbox%26Category%3D%26Item_Id%3D37735%26Item_Template%3D%26Topics_Id%3D%26Page%3D0%26Layout%3Dnoright_r1_only%26Skin%3Dlarge%26Platform%3Ddesktop%26Ad_safety%3D0&cookie_enabled=1&abxe=1&lmt=1549814525&dt=1570321427502&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=2782559420&gut=v2&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Ftivalenthrowdown.cf%2F&dssz=57&icsg=2814750035537955&std=0&vrg=121&vrp=121&ga_vid=1419835962.1570321427&ga_sid=1570321427&ga_hid=750601493

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8f5e5f8337c6f7690346d06fd199c45b0ed14ca5b9f66804992762e831af6096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 06 Oct 2019 00:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 333ms
333ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=1740493775495282&output=json_html&callback=googletag.impl.pubads.callbackProxy8&impl=fif&eid=108809080%2C108809107%2C21060363&sc=0&sfv=1-0-9&iu=%2F8071944%2FBlogs_300x250_r1&sz=300x600%7C300x250&cust_params=Branch%3Darticles%26SubBranch%3Dlightbox%26Category%3D%26Item_Id%3D37735%26Item_Template%3D%26Topics_Id%3D%26Page%3D0%26Layout%3Dnoright_r1_only%26Skin%3Dlarge%26Platform%3Ddesktop%26Ad_safety%3D0&cookie_enabled=1&abxe=1&lmt=1549814525&dt=1570321427504&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=1671209038&gut=v2&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Ftivalenthrowdown.cf%2F&dssz=58&icsg=2814750035537955&std=0&vrg=121&vrp=121&ga_vid=1419835962.1570321427&ga_sid=1570321427&ga_hid=750601493

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_121.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

120548bdb022a0fe6b682900e76e394cae990d1941e8e5937c37f97285f155f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://tivalenthrowdown.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 06 Oct 2019 00:23:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10982
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Domain: truncated
URL: data:truncated

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.agkn.com/	1970-01-19 12:59:03	Name: ab Value: 0001%3AH9zDZylGaiRMDKc6lxhbETXKO1uyFpnq4Loljjv9Sp0x7aJmwDCB4A%3D%3D
.agkn.com/	1970-01-19 12:57:37	Name: u Value: C\|0AEAlK_CTJSvwkwAAAAAAAg1RAQCADVIBAIA
.tivalenthrowdown.cf/	1970-01-19 12:57:37	Name: __cfduid Value: d3465e2e4aa83e2dd47720d116bf169001570321426

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a5af848db94e099feeecc0fa593f050ce.profile.atl-m.cloudfront.net
ajax.googleapis.com
cdn.onesignal.com
certify-js.alexametrics.com
certify.alexametrics.com
clients1.google.com
cloudfront-labs.amazonaws.com
connect.facebook.net
cse.google.com
d.agkn.com
fonts.googleapis.com
js.agkn.com
pagead2.googlesyndication.com
platform.instagram.com
platform.twitter.com
securepubads.g.doubleclick.net
staticxx.facebook.com
tivalenthrowdown.cf
tpc.googlesyndication.com
truncated
www.google-analytics.com
www.google.com
www.instagram.com
www.lifo.gr
truncated
13.224.196.48
13.225.78.115
172.217.16.162
18.195.227.0
2600:9000:21f3:d000:15:efbc:e300:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:30::6812:2ddc
2606:4700::6810:aa52
2606:4700::6810:d620
2a00:1450:4001:800::2004
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:817::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:81d::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f22d:c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
52.94.234.174
54.182.205.31
05345acb1b18181a99ca41d5bc7bead916e2ec942183eefbea27b1637592a1cc
086a80ab28cd4eb68e973c95ea7730b13e3129f5a9b19e90c5e50690abc7db41
0ca12fe083d6e9ac3432b0e05680d5c8fbfa0d0814f861bcf90dee5b9bad3853
0d1195491f5e382b9e6fbe12d9b03a2140953872e24214c10dbe8a32d2d599e3
0da6b9e3c6458eaaa2b3c343265cb51fb0ec2de7bf2eb4ed9f9a7696656c0b9a
120548bdb022a0fe6b682900e76e394cae990d1941e8e5937c37f97285f155f5
1774776862071d2068d5a365dba67548f391530a10459f4022ff7da3a1bc21eb
288d5e57db9cb6c2f83946455845b7bdeeff8bc9d2759e3a1323787adfdc3bbb
2f00a1d357910c38853b6f1be3f09f26ec3109f530390fac67447c8fe8561e6a
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3586395787e80acee6aa3806035960c48fc44709594a89bc926b2341b41e6b39
3c4430a40963aebf64baaad3ac8e744f44e9037459a9edf8c0d6640c3384d127
40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108
4710216faf5a97097c40a56c0d92e0fe29d5beca136bc89c2d9f4f2200e8712a
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
5212bc7e582ed1d4213780eede8d52a3efb25abb444b7e07a5dcf5d3010812b2
5aefda2db952fb29fbebeb808241e8eceece6dfaef9c4b70a521ff9207656019
648158fa08893c996363539d274a2a9cf31fb946021702560e038dd921a5f28f
6b6e939f66c2aa0e79c7e0de4cc5be637111d3feb7adf41647ef36a98ed1d389
71bc645c0ef027553895571ae650f8975eb98a95229de17853287348b8d03c43
72b44f3cb496e87c6edadaa25f388849400b1ce20911eede7a74cccf1e969d04
822222439ffd9663310b8fa13d7a2a420a48043dc25d00fbc9b4468e9db2ba69
884654c5e36af8cba4dc07c40ae5d7f68c770cd3aa45071e9d9c75508f9e4415
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f2e37cf4e314907e37bf11c3205be713c048968afb0af99f791b1f336308a33
8f5e5f8337c6f7690346d06fd199c45b0ed14ca5b9f66804992762e831af6096
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
90476f48e0b8a9f9c5c11fd16f13fc6a8772fe281d12c8e63153a6f948cdd348
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
ac4f9618be0b43e3a85ccb1b5ae9b9c5efbe4d1ac30bcd5db7b624a767024481
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
b30baf62c9fa4e9f306b68af4d4e47541d7d7f680e84b3fef133f705223cd718
b6e3a50a3ce90a165582fc8c32eea269f7728c4cc51092958ed2ef90644013a7
b90c26f7ad4024a4bca779380a4c4f376adfe43ed564273326fc24d942cc11c9
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8
c8e6fb8c2d85717c457d814054100e92d10a3bf5e8c7e2a6f30030ab69a406af
cbff892b0b5822bce580fb1acfb6a8c78fb82e1ce379e83c6eaeea82d69d6ee4
cda2c2e8498bd0f699bd4a0d0bf25e0e182e8ae3f66ef7b8bdd1f9342d886cee
d0d676d307d83c43afe67946ba65bfa126dea1ce58f2bd6fd3e8030e0d85e7c9
d6477de05c28f56b7610141f92e2865ed2ae8bc9e0db1ddea8e4caab4dda0713
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f48ad06a36754c908e80b3d72432de613392e12466d91718c4afdf6091f89c
f98230fa1a47181b2cee5b6e6395e6d3365a7e1b434b4b23115d4811199a441e
fcabb2dbace8b72f8b43eb0f642e678c123f1fd849c8a74b8a789398f9692e08

tivalenthrowdown.cf Open in urlscan Pro 2606:4700:30::6812:2ddc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

54 Requests

54 %HTTPS

73 %IPv6

17 Domains

24 Subdomains

21 IPs

3 Countries

1161 kBTransfer

4284 kBSize

3 Cookies

12 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tivalenthrowdown.cf Open in urlscan Pro
2606:4700:30::6812:2ddc Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

54 %
HTTPS

73 %
IPv6

17
Domains

24
Subdomains

21
IPs

3
Countries

1161 kB
Transfer

4284 kB
Size

3
Cookies

54 HTTP transactions
13 data transactions