ceheckupalert.cf Open in urlscan Pro
2606:4700:30::681c:49d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ceheckupalert.cf/
Submission: On October 09 via automatic, source certstream-suspicious (October 9th 2019, 10:12:23 am UTC)

Summary HTTP 129 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 29 domains to perform 129 HTTP transactions. The main IP is 2606:4700:30::681c:49d, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is ceheckupalert.cf.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 9th 2019. Valid for: a year.

This is the only time ceheckupalert.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:30:... 2606:4700:30::681c:49d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700::68... 2606:4700::6813:c497	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	23.45.99.146 23.45.99.146	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
10	2.16.186.248 2.16.186.248	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 3	2a03:2880:f22... 2a03:2880:f22d:e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2a01:4f8:110:... 2a01:4f8:110:5005::2	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:204... 2600:9000:2043:9c00:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:1::... 2606:4700:1::6813:8c4a	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
20	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
17	2a02:26f0:6c0... 2a02:26f0:6c00:28d::3b8c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	35.240.50.85 35.240.50.85	15169 (GOOGLE) (GOOGLE - Google LLC)
1	35.157.22.81 35.157.22.81	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	104.111.218.100 104.111.218.100	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	2.16.186.152 2.16.186.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	95.142.20.17 95.142.20.17	20645 (PUREPEAK-ASN) (PUREPEAK-ASN)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	2606:4700:10:... 2606:4700:10::6814:5e4d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	95.211.185.110 95.211.185.110	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	178.250.2.130 178.250.2.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a02:26f0:6c0... 2a02:26f0:6c00:293::2c92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	23.43.115.95 23.43.115.95	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
129	34

8 2606:4700:30::681c:49d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ceheckupalert.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.146 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-99-146.deploy.static.akamaitechnologies.com

tag.aticdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.16.186.248 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-248.deploy.static.akamaitechnologies.com

files.missbloom.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.capital.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.missbloom.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.capital.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f22d:c4:face:b00c:0:43fe (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f22d:e5:face:b00c:0:4420 (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:110:5005::2 (Heidelberg, Germany)

ASN24940 (HETZNER-AS, DE)

www.vidads.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2043:9c00:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:8c4a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.217.23.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a02:26f0:6c00:28d::3b8c (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

widget.yallarec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img9-api.yallarec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.240.50.85 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 85.50.240.35.bc.googleusercontent.com

app.exitbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.22.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-157-22-81.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.218.100 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-218-100.deploy.static.akamaitechnologies.com

logws1312.ati-host.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.152 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-152.deploy.static.akamaitechnologies.com

files.capital.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.142.20.17 (Israel)

ASN20645 (PUREPEAK-ASN, IL)
PTR: ip-95-142-20-17.purepeak.com

api.yallarec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:5e4d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.adman.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
obj.adman.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.211.185.110 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: rishi.phaistosnetworks.gr

bold.adman.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.232.7 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:293::2c92 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cmp.teads.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.43.115.95 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-43-115-95.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	112 KB
18	yallarec.com widget.yallarec.com api.yallarec.com img9-api.yallarec.com	233 KB
10	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	841 KB
9	ampproject.org cdn.ampproject.org	442 KB
8	missbloom.gr files.missbloom.gr www.missbloom.gr	76 KB
8	ceheckupalert.cf ceheckupalert.cf	274 KB
7	adman.gr static.adman.gr bold.adman.gr obj.adman.gr	312 KB
6	teads.tv a.teads.tv t.teads.tv sync.teads.tv	185 KB
5	capital.gr www.capital.gr files.capital.gr	110 KB
5	googletagservices.com www.googletagservices.com	130 KB
4	vidads.gr www.vidads.gr	85 KB
4	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
3	criteo.net static.criteo.net	27 KB
3	facebook.net connect.facebook.net	119 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	1 KB
2	facebook.com www.facebook.com	246 B
2	ati-host.net 1 redirects logws1312.ati-host.net	664 B
2	googleapis.com ajax.googleapis.com imasdk.googleapis.com	121 KB
2	agkn.com js.agkn.com d.agkn.com	3 KB
2	cloudflare.com cdnjs.cloudflare.com	7 KB
1	consensu.org cmp.teads.mgr.consensu.org
1	google.com www.google.com
1	criteo.com bidder.criteo.com	146 B
1	exitbee.com app.exitbee.com
1	google.de adservice.google.de	175 B
1	google-analytics.com www.google-analytics.com	17 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	aticdn.net tag.aticdn.net	20 KB
0	qds.ninja Failed t.qds.ninja Failed
129	29

	Domain	Requested by
20	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net ceheckupalert.cf
15	img9-api.yallarec.com	ceheckupalert.cf
9	cdn.ampproject.org	securepubads.g.doubleclick.net
8	ceheckupalert.cf	ceheckupalert.cf
7	files.missbloom.gr	ceheckupalert.cf
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net ceheckupalert.cf
5	pagead2.googlesyndication.com	ceheckupalert.cf pagead2.googlesyndication.com
5	www.googletagservices.com	ceheckupalert.cf securepubads.g.doubleclick.net
4	bold.adman.gr	static.adman.gr bold.adman.gr ceheckupalert.cf
4	files.capital.gr	securepubads.g.doubleclick.net ceheckupalert.cf
4	www.vidads.gr	ceheckupalert.cf www.vidads.gr
3	a.teads.tv	securepubads.g.doubleclick.net a.teads.tv
3	static.criteo.net	widget.yallarec.com ceheckupalert.cf
3	connect.facebook.net	ceheckupalert.cf connect.facebook.net
3	www.instagram.com	1 redirects ceheckupalert.cf www.instagram.com
2	t.teads.tv
2	sb.scorecardresearch.com	1 redirects
2	static.adman.gr	ceheckupalert.cf static.adman.gr
2	www.facebook.com	ceheckupalert.cf connect.facebook.net
2	logws1312.ati-host.net	1 redirects ceheckupalert.cf
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	widget.yallarec.com	ceheckupalert.cf widget.yallarec.com
2	cdnjs.cloudflare.com	ceheckupalert.cf
1	sync.teads.tv	a.teads.tv
1	cmp.teads.mgr.consensu.org	a.teads.tv
1	www.google.com	ceheckupalert.cf
1	imasdk.googleapis.com	www.vidads.gr
1	obj.adman.gr	ceheckupalert.cf
1	bidder.criteo.com	static.criteo.net
1	api.yallarec.com	widget.yallarec.com
1	ajax.googleapis.com	widget.yallarec.com
1	d.agkn.com	js.agkn.com
1	app.exitbee.com	ceheckupalert.cf
1	www.missbloom.gr	ceheckupalert.cf
1	adservice.google.de	www.googletagservices.com
1	www.google-analytics.com	ceheckupalert.cf
1	cdn.onesignal.com	ceheckupalert.cf
1	js.agkn.com	ceheckupalert.cf
1	www.capital.gr	ceheckupalert.cf
1	platform.instagram.com	1 redirects
1	tag.aticdn.net	ceheckupalert.cf
0	t.qds.ninja Failed	ceheckupalert.cf
129	42

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.missbloom.gr
www.yupiii.gr
www.shape.gr
www.madamefigaro.gr
www.capital.gr
gr.askmen.com
atticamediagroup.gr

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-10-09` - `2020-10-08`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
tag.aticdn.net GeoTrust RSA CA 2018	`2019-01-25` - `2020-03-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
capital.gr Let's Encrypt Authority X3	`2019-10-01` - `2019-12-30`	3 months	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2019-08-25` - `2019-11-23`	3 months	crt.sh
ssl2.nemohq.gr Let's Encrypt Authority X3	`2019-09-17` - `2019-12-16`	3 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2018-06-21` - `2020-09-16`	2 years	crt.sh
ssl382804.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-07` - `2020-04-14`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.yallarec.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-14` - `2020-03-01`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
app.exitbee.com SSL.com RSA SSL subCA	`2019-07-08` - `2020-10-04`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
*.ati-host.net DigiCert SHA2 Secure Server CA	`2019-01-24` - `2020-04-24`	a year	crt.sh
ssl364933.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-05-25` - `2019-12-01`	6 months	crt.sh
*.adman.gr COMODO RSA Domain Validation Secure Server CA	`2018-10-15` - `2020-11-04`	2 years	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-03-28` - `2020-04-01`	a year	crt.sh
www.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh
teads.tv Let's Encrypt Authority X3	`2019-08-22` - `2019-11-20`	3 months	crt.sh
teads.mgr.consensu.org Let's Encrypt Authority X3	`2019-09-23` - `2019-12-22`	3 months	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://ceheckupalert.cf/
Frame ID: 726731D743306F6AAD121A2DBB7961EF
Requests: 87 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Frame ID: CE812A57F32F8566187F5533BB1FBA6E
Requests: 6 HTTP requests in this frame

Frame: https://www.instagram.com/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fceheckupalert.cf&rp=%2F
Frame ID: 64BDADD10113F418F70618E5CF924373
Requests: 1 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=267600796&gdpr=&gdpr_consent=&url=https%3A%2F%2Fceheckupalert.cf%2F&bpid=atticagreece&c=%7B%22bpid%22%3A%22atticagreece%22%2C%22loc%22%3A%22https%3A%2F%2Fceheckupalert.cf%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: B6EEA63746760F430604D574DF3898AB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js
Frame ID: CB47B1F3AAF1E680F2334B7EAEC191F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191003/r20190131/zrt_lookup.html
Frame ID: 8E85AE1CE574DEEE1F87BB9057DB2C7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fceheckupalert.cf%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1570615924156&bpp=9&bdt=404&fdt=70&idt=70&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8195911500099&frm=20&pv=2&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&ga_fc=0&iag=0&icsg=35176251427&dssz=57&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21064521%2C21064756&oid=3&pvsid=3958752144071127&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1040&bc=31&ifi=11&uci=b.52n2en6b6iks&fsb=1&dtd=81
Frame ID: DC0D5FA1E65255FF75298B70FE8C1A12
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE1eZXBbo7j5ax3E9pqnIK_6m0VdLtAr1Pa3J3fluLLTDAiDQe3yKKLBngS0PzHQl3THoWbd7GWW86O7wMAnvO7tzuVYFNWD3SSBFgY8Bm7wOrY1fNyGbF2UFcwPTnimXKZUvncaAOPoDMppzzSjB5IK1l77chCwBNQPX90HYuPJ6lEs6_rRamR0IMSSElTaA0I-zevcfu_yw1k6Sb_eLoMWUo0kqvQc2eJzf4SQ_8u-97R-RorFCEo6QkW53UKoyscYSmwhFEpmg&sai=AMfl-YSEIT2wyrodRdTVrTyrNmO9IclAUMOahbJmrjGfGDA7OWSd4JhiUl8ouxV-5kyxobHC8JIFlD87Y_XJI_9wsLOQ8B7bivM2qDea7GXpaA&sig=Cg0ArKJSzGw5w_0jGXsTEAE&urlfix=1&adurl=
Frame ID: A34BB882012AED38333D5AAE6C02D620
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuETBtjcTcplMoYqD9OwW10kieDGOsYehR3RF-bzy5KUKNN4ewjdNiMsqEbljcRjLyxQcougoEYlDurPfq2mX06UGJ-64u_YHZbvJaBivSs7bgibYII3wD64_ghwIPAKUU3gC5MmiPK2LCtAbOTikkHTirXOtaBdA1eWUxzZQ8g9O2FVzeY464tlgj5PU9AImGWQM6YStPEnqvEa2cI2ehPy8FmWYM7gyldpRZzfmu93wYARq3YB25mI46sNNImZA12O60mFE6uQshQExw&sai=AMfl-YRcjboCGj5y7dmO39WbXLdViJ7zPupV1S0vUk78ujNR2lpdqYJpJrM4PeUWmjPicU7QgQ0tYMC11DjyFApW9ZaKx4TIZiARZJtB3fok&sig=Cg0ArKJSzDVw_8tqFwlJEAE&urlfix=1&adurl=
Frame ID: 4041B5CB23BBA9C030CE32B5885C31CB
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Frame ID: EA2A4129384BFBF7DB561732E388B798
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Frame ID: 6C9C54BA0D4E49AB1A7ED52D8B0E0C74
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js
Frame ID: 1772F82A144E795CF802D0A36A317F09
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 17527E707A7126AECAFA1F51FF687BEC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvk7L9baItMNvqyKXUn2oTjdIQ_-qCTbVVGQcE9fJFpNsFyrjoAUCkqJbH6Fqivj_PoBsdVXaA8gq8q5BzVSJtMHe716EvJHVJfW91cff4f8dWIzHlVLG5ISpMWOW2oRUS6DrLHUxS9NjSAm40yuN59-kCi9AMUpXAYthy6UC05vh_GHMoGo04fXhOB1e5Z_0b1xsBNNwD3m1WLJ2fRHgkH8nQn6EUYjyoL9OJIhFVyfavqJkBdqqP_eclvE50yy9yMQOBAjE4sA&sig=Cg0ArKJSzF6pqA_W8tZ5EAE&urlfix=1&adurl=
Frame ID: BA81DB0F19A43B4B6D9094D83B825E69
Requests: 4 HTTP requests in this frame

Frame: https://cmp.teads.mgr.consensu.org/index.html
Frame ID: F3DB3C6252F880856F8D3E9DB44993AF
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=95778&userId=b43d0b86-6022-4ee2-8fb7-9dacb6504215&gdprIab={%22status%22:22,%22consent%22:%22%22,%22reason%22:220}&env=js-web&1570615925218
Frame ID: 6E147F3F0884F2830BF570DE9D6AC345
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

129
Requests

97 %
HTTPS

62 %
IPv6

29
Domains

42
Subdomains

34
IPs

7
Countries

3123 kB
Transfer

7682 kB
Size

8
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/MissBloom.gr
Title: γιατί μυρίζει το στόμα μου

Search URL Search Domain Scan URL

URL: https://twitter.com/missbloomgr
Title: τρια πεντε πηγαδια live cam

Search URL Search Domain Scan URL

URL: https://www.instagram.com/missbloomgr/
Title: ποτε θα παντρευτουμε μανωλιο μου

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCotisottYVdSch2d0Vy-bxg
Title: γερμανικα β γυμν βιβλιο μαθητη

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/BJwAgHvAlt9/
Title: ταβερνα η κανουλα θεσσαλονικη

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/omorfia/best-beauty-buys/ta-nea-meik-ap-pou-molis-ekanan-tin-emfanisi-tous-ti-prosferoun-kai-poso-kostizoun
Title: Τα νέα μέικ απ που μόλις έκαναν την εμφάνισή τους | Τι προσφέρουν και πόσο κοστίζουν

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/moda/faii-skorda-forese-tin-apolyti-tasi-stis-foustes-pou-tha-doume-pantou-fetos
Title: Φαίη Σκορδά | Φόρεσε την απόλυτη τάση στις φούστες που θα δούμε παντού φέτος - Missbloom.gr

Search URL Search Domain Scan URL

URL: http://www.yupiii.gr/gossip/c132043/Giannhs_Boyros-Oi_proswpikes_apokalyyeis.html
Title: Γιάννης Βούρος - Οι προσωπικές αποκαλύψεις για τα τρία διαζύγια & τη σχέση με τις πρώην...

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/bloggers/analyse-to/analyse-to-oi-kathimerines-synitheies-pou-mporeis-na-kathieroseis-kai-na-simainoun-polla-gia-to-paidi
Title: Ευχάριστα νέα για γνωστό ζευγάρι της ελληνικής showbiz | Θα αποκτήσουν κι άλλο παιδί! - Missbloom.gr

Search URL Search Domain Scan URL

URL: https://www.shape.gr/diatrofi-adynatisma/syntages-me-liges-thermides/efkola-mpiskota-vromis-me-milo
Title: Εύκολα μπισκότα βρώμης με μήλο

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/thodoris-atheridis-i-fotografia-agkalia-me-to-neogennito-engono-tou/?fbclid=IwAR39TtbDOzjHRY7jjvt5PIfukGTTJVvDQ7eBDAAZyNKv-0DgrGm-eul1eks
Title: Θοδωρής Αθερίδης | Η φωτογραφία αγκαλιά με τον νεογέννητο εγγονό του

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/goneis-gia-defteri-fora-antonis-kanakis-kai-epistimi-mponou/?_gl=1*9fs8tk*_ga*QmhLTDI5NE9iYmQ2OHUweVVoWXJ3MlB6Z1BzRFhiazNDcDRkNGNwRFJTRFRnb2RDTXFQZjN3bnNFbDFqSzV5dg..
Title: Γονείς για δεύτερη φορά Αντώνης Κανάκης και Επιστήμη Μπόνου! - Missbloom.gr

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/tzeni-mpalatsinou-einai-egkyos/?_gl=1*j37gry*_ga*YW1wLWl1cWN4TmVlSGluRnFnNDByTEhFN21HWS1yRTgtdmNtRkxRdmhsLXNRMTJKeWpYTkxGWnE1TENSRWZjSkVwQkY.
Title: Τζένη Μπαλατσινού | Είναι έγκυος; - Missbloom.gr

Search URL Search Domain Scan URL

URL: https://www.madamefigaro.gr/moda/taseis/114553/h-charlize-theron-me-dior-plise-fousta-apo-ti-nea-sullogi-tis-maria-grazia-chiuri?fbclid=IwAR1y1mqJTo-BeWvPhxetbIzgrmCmwBDTGEjngiJoQLVS2AfL1kiMdLAqflQ
Title: H Charlize Theron με Dior πλισέ φούστα από τη νέα συλλογή της Maria Grazia Chiuri

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/chamenes-sti-genna-echeis-proseksei-tin-omoiotita-tis-ilianas-papageorgiou-me-afti-ti-pasignosti-star
Title: Έχεις προσέξει την ομοιότητα της Ηλιάνας Παπαγεωργίου με...

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/i-nea-emfanisi-tis-despoinas-vandi-me-tin-kori-tis-pou-tis-eidame-kai-ti-epeleksan-na-foresoun/?fbclid=IwAR3G_YXJnCXNYiB2S-ARoHoTSOZ0KfrTNAVtxpaYdoJ35hlGgwv5UtTn8CM
Title: Η νέα εμφάνιση της Δέσποινας Βανδή με την κόρη της | Πού τις είδαμε και τι επέλεξαν να φορέσουν...

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/moda/i-zara-olosomi-forma-tis-zetas-makrypoulia-einai-oti-chreiazesai-gia-tis-fthinoporines-sou-emfaniseis/?_gl=1*bj1z1m*_ga*YW1wLUZtWU5Jd29YWW5peU5yUFF0OUgzYjZxa3EtM1g3dnRUUVExQVNVSG5VZXhzV1NxVWJ4eVd4cHNSZlNjemVaZHY.
Title: Η Zara ολόσωμη φόρμα της Ζέτας Μακρυπούλια είναι ό,τι χρειάζεσαι για τις φθινοπωρινές σου...

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/savvas-poumpouras-areti-theocharidi-oi-etoimasies-gia-to-domatio-tis-koris-tous-pics/?fbclid=IwAR1EAmI_0jHf9TzpmUAo680BVLCHKRA4UnxLqcoWTQ0EvtdTfKrgnEh7a9w
Title: Σάββας Πούμπουρας - Αρετή Θεοχαρίδη | Οι ετοιμασίες για το δωμάτιο της κόρης τους (pics)

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/maria-kitsou-pascho-apo-katathlipsi-palevo-na-to-antimetopiso-me-farmakeftiki-agogi-kai-psychotherapeia/?_gl=1*qgizj0*_ga*QmVwYkdlWVVWRkdmRnR4dGQxYVgzWGJlQnotTXJuZXd2ME9uazg2Z20xbWR4N1BPN0ZEUHNjWTRTUXBIelJNdA..
Title: Μαρία Κίτσου | «Πάσχω από κατάθλιψη! Παλεύω να το αντιμετωπίσω με φαρμακευτική αγωγή και...

Search URL Search Domain Scan URL

URL: https://www.shape.gr/ygeia/zise-ygieina/mporei-to-poly-nero-na-vlapsei-tin-ygeia-sou
Title: Μπορεί το ΠΟΛΥ νερό να βλάψει την υγεία σου;

Search URL Search Domain Scan URL

URL: http://www.capital.gr/
Title:

Search URL Search Domain Scan URL

URL: http://gr.askmen.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.madamefigaro.gr/
Title:

Search URL Search Domain Scan URL

URL: https://www.shape.gr/
Title:

Search URL Search Domain Scan URL

URL: http://www.yupiii.gr/
Title:

Search URL Search Domain Scan URL

URL: http://atticamediagroup.gr/pres/
Title: ανώτερος κινητικός νευρώνας

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js

Request Chain 59

https://logws1312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=1212049970657&jv=0&re=1600x1200&vtag=4.5.7&hl=12x12x4&r=1600x1200x24x24&ref= HTTP 302
https://logws1312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=1212049970657&jv=0&re=1600x1200&vtag=4.5.7&hl=12x12x4&r=1600x1200x24x24&ref=&Rdt=On

Request Chain 130

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1570615925012&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=07052717&cs_ucfr=1 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1570615925012&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=07052717&cs_ucfr=1

129 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ceheckupalert.cf/ 49 KB
14 KB 186ms
93ms Document
text/html 2606:4700:30::681c:49d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:49d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127f0e63cfe81a8cfe83a77408f6e1de24decee3f28a36a53f253808f323288c

Request headers

:method: GET
:authority: ceheckupalert.cf
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Wed, 09 Oct 2019 10:12:03 GMT
content-type: text/html
set-cookie: __cfduid=d097495a7be49bdb5d956ac2b7d637d651570615923; expires=Thu, 08-Oct-20 10:12:03 GMT; path=/; domain=.ceheckupalert.cf; HttpOnly
last-modified: Sun, 10 Feb 2019 16:02:05 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 522f92f2e922cbb4-VIE
content-encoding: br

GET
H2 200 579d0.single.include.4e2fc8.css
ceheckupalert.cf/wp-content/cache/minify/ 221 KB
42 KB 112ms
110ms Stylesheet
text/html 2606:4700:30::681c:49d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://ceheckupalert.cf/wp-content/cache/minify/579d0.single.include.4e2fc8.css
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:49d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 288671e40e2ef46fbcbcae204e961e3c55da9137d9511f3e36bf4167240dbd59

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 10 Feb 2019 16:02:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cache-control: public, max-age=14400
cf-ray: 522f92f38ae8cbb4-VIE
expires: Wed, 09 Oct 2019 14:12:03 GMT

GET
H2 200 579d0.default.include.3de91f.js Show response
ceheckupalert.cf/wp-content/cache/minify/ 79 KB
15 KB 122ms
121ms Script
text/html 2606:4700:30::681c:49d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://ceheckupalert.cf/wp-content/cache/minify/579d0.default.include.3de91f.js
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:49d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3174003a7f82a954d93d77cb0164bbfce6139b9640bb2276337d8f1d6c599eda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 10 Feb 2019 16:02:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cache-control: public, max-age=14400
cf-ray: 522f92f38aeccbb4-VIE
expires: Wed, 09 Oct 2019 14:12:03 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 19ms
18ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15249866
status: 200
served-in-seconds: 0.005
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:32 GMT
server: cloudflare
etag: W/"5afd48e8-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 522f92f38c87cb9c-VIE
expires: Mon, 28 Sep 2020 10:12:03 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 49ms
48ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:03 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 15249865
status: 200
served-in-seconds: 0.025
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:36 GMT
server: cloudflare
etag: W/"5afd48ec-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 522f92f38c89cb9c-VIE
expires: Mon, 28 Sep 2020 10:12:03 GMT

GET
H2 200 style.css
ceheckupalert.cf/wp-content/themes/mb17s/css/ 292 KB
57 KB 97ms
96ms Stylesheet
text/html 2606:4700:30::681c:49d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://ceheckupalert.cf/wp-content/themes/mb17s/css/style.css?v=20180727
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:49d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 354d4c7d0db4d65289bdf9d1ba2cda998bfbf9666b43857362342081ff73e073

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 10 Feb 2019 16:02:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cache-control: public, max-age=14400
cf-ray: 522f92f38ae9cbb4-VIE
expires: Wed, 09 Oct 2019 14:12:03 GMT

GET
H/1.1 200
OK smarttag.js Show response
tag.aticdn.net/ 69 KB
20 KB 21ms
6ms Script
application/javascript 23.45.99.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.aticdn.net/smarttag.js
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.99.146 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-99-146.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6992a363089c36fa4062ca560b548b91ce64abb21bba3412a60a8e1636577ef1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: m6f0QPETjhlLaItJRc8eYysGszs2C5zg
Content-Encoding: gzip
Last-Modified: Wed, 17 Jul 2019 13:46:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=600
Date: Wed, 09 Oct 2019 10:12:03 GMT
Connection: keep-alive
Content-Length: 20114
X-Amz-Cf-Id: RlXiLSj1H-AYQLw1tR3ek2G_rgAHa_phbmaD2sbWSEVMifVOwgdWhA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 44 KB
15 KB 52ms
39ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b73045049b4e53b957e25b68ad1afcf18233b0f3e39244051750d57c97cb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "303 / 432 of 1000 / last-modified: 1570563527"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
expires: Wed, 09 Oct 2019 10:12:03 GMT

GET
H2 200 main.js Show response
ceheckupalert.cf/wp-content/themes/mb17s/js/ 184 KB
32 KB 91ms
91ms Script
text/html 2606:4700:30::681c:49d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://ceheckupalert.cf/wp-content/themes/mb17s/js/main.js?v=20180727
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:49d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 287b0682d5ff7ad624ad8f42d41b25414be319535fba1da217394327015ad811

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 10 Feb 2019 16:02:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cache-control: public, max-age=14400
cf-ray: 522f92f38aedcbb4-VIE
expires: Wed, 09 Oct 2019 14:12:03 GMT

GET
H2 200 missbloom-logo-p.svg
ceheckupalert.cf/wp-content/themes/mb17s/images/logo/ 39 KB
39 KB 123ms
123ms Image
text/html 2606:4700:30::681c:49d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ceheckupalert.cf/wp-content/themes/mb17s/images/logo/missbloom-logo-p.svg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:49d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 10 Feb 2019 16:02:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cache-control: public, max-age=14400
cf-ray: 522f92f38af3cbb4-VIE
expires: Wed, 09 Oct 2019 14:12:03 GMT

GET
H2 200 Screenshot_1-6.jpg
files.missbloom.gr/2016/09/ 68 KB
68 KB 41ms
13ms Image
image/jpeg 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.missbloom.gr/2016/09/Screenshot_1-6.jpg

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.16.186.248 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-186-248.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0ae5e1fde1f00b885a6f0f95e666fb9023d06aaaaeb8b4a37724a8ec1609ac24

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=86400
last-modified: Mon, 05 Sep 2016 10:31:56 GMT
server: nginx
etag: "57cd499c-10f17"
content-type: image/jpeg
status: 200
cache-control: max-age=8640000
date: Wed, 09 Oct 2019 10:12:03 GMT
accept-ranges: bytes
content-length: 69399
expires: Fri, 17 Jan 2020 10:12:03 GMT

GET
H2

200

47c7ec92d91e.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js

15 KB
5 KB

6ms
6ms

Script
text/javascript

2a03:2880:f22d:e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 8f2e37cf4e314907e37bf11c3205be713c048968afb0af99f791b1f336308a33

Request headers

Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 07 Oct 2019 18:33:30 GMT
x-fb-trip-id: 1679558926
status: 200
etag: "47c7ec92d91e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-length: 4822

Redirect headers

status: 302
date: Wed, 09 Oct 2019 10:12:03 GMT
x-fb-trip-id: 1679558926
cache-control: max-age=21600
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
content-type: text/html; charset=utf-8

GET
H2 404 4553_DOYKISA_NOMIKOY_1982016-200x200.jpg
files.missbloom.gr/2016/09/ 0
0 102ms
102ms Image
text/html 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/2016/09/4553_DOYKISA_NOMIKOY_1982016-200x200.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.248 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 gb-200x200.jpg
files.missbloom.gr/2016/09/ 0
0 110ms
108ms Image
text/html 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/2016/09/gb-200x200.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.248 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 va_content.vast.js Show response
www.vidads.gr/scripts/ 290 KB
76 KB 81ms
14ms Script
application/javascript 2a01:4f8:110:5005::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vidads.gr/scripts/va_content.vast.js
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:110:5005::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 34fde0f4461395a617be2117bae4b1c3e9d80a1126f198201b7337c10f7db71e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
last-modified: Thu, 11 Jul 2019 08:53:51 GMT
server: nginx/1.12.2
etag: "4863f-58d63eed44726-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-route: http1
accept-ranges: bytes
expires: Wed, 09 Oct 2019 11:12:04 GMT

GET
H2 404 64508-lily%20james-smile-200x200.jpg
files.missbloom.gr/pics/ 0
0 130ms
128ms Image
text/html 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/pics/64508-lily%20james-smile-200x200.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.248 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 67238-ABACA_521931_091-200x200.jpg
files.missbloom.gr/pics/ 0
0 118ms
116ms Image
text/html 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/pics/67238-ABACA_521931_091-200x200.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.248 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 25031-jon-hamm-default-200x200.jpg
files.missbloom.gr/pics/ 0
0 140ms
138ms Image
text/html 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/pics/25031-jon-hamm-default-200x200.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.248 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 IMG_9544-200x200.jpg
files.missbloom.gr/2016/05/ 0
0 140ms
138ms Image
text/html 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/2016/05/IMG_9544-200x200.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.248 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-248.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 preloadBar.gif
www.capital.gr/Content2017/images/ 25 KB
25 KB 95ms
93ms Image
image/gif 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.gr/Content2017/images/preloadBar.gif
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.248 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-248.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: cf0eac8ca56caaadf4fc1e4ec8081f0ba14c59d22bf12f766d59845078950e86

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
last-modified: Tue, 04 Dec 2018 16:43:52 GMT
server: Microsoft-IIS/8.5
etag: "691c58af08bd41:0"
content-type: image/gif
status: 200
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 25323

GET
H2 200 tag.js Show response
js.agkn.com/prod/v0/ 3 KB
3 KB 31ms
7ms Script
application/javascript 2600:9000:2043:9c00:15:efbc:e300:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2043:9c00:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 13 Jul 2019 16:07:12 GMT
via: 1.1 6e8dd39e00d9a5c1a31d69ffa2821a5e.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2019 15:46:11 GMT
server: AmazonS3
age: 38041
etag: "a5442c681a576408c25edbf365995343"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA54
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: RNudpmdqFkR1UyiylGEqhDDN7BLWBYTy5_ds_W7kuyX0mR57NdqGDg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 103 KB
37 KB 39ms
27ms Script
text/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3a38fb11b35e03d606e3dd1ace0d500eb5facda29048b787509a024d61e43199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 36811
x-xss-protection: 0
server: cafe
etag: 11363827166158723802
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Oct 2019 10:12:04 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 43ms
16ms Script
application/javascript 2606:4700:1::6813:8c4a
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:1::6813:8c4a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0d676d307d83c43afe67946ba65bfa126dea1ce58f2bd6fd3e8030e0d85e7c9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 878
etag: W/"41d0df615391610e30ff0de59eb02d17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 522f92f54a668c80-VIE
expires: Wed, 09 Oct 2019 22:12:04 GMT

GET
H2 200 wp-embed.min.js Show response
ceheckupalert.cf/wp-includes/js/ 54 KB
13 KB 105ms
104ms Script
text/html 2606:4700:30::681c:49d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://ceheckupalert.cf/wp-includes/js/wp-embed.min.js?ver=4.9.7
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:49d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e86ff27dadecd2f8edecf4a06af83984161f03c0249ced4f7a76e183876a2f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 10 Feb 2019 16:02:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cache-control: public, max-age=14400
cf-ray: 522f92f3dbf2cbb4-VIE
expires: Wed, 09 Oct 2019 14:12:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 118
date: Wed, 09 Oct 2019 10:10:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 09 Oct 2019 12:10:06 GMT

GET
H2 200 pubads_impl_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ 157 KB
58 KB 40ms
40ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

d98e77e558ef5c298f4c28cdd1604914a16a3fcc9249904ba70c57d989fb6aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 09 Oct 2019 10:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58949
x-xss-protection: 0
expires: Wed, 09 Oct 2019 10:12:03 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
175 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=ceheckupalert.cf

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Oct 2019 10:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET 482
t.qds.ninja/t/ 0
0

GET
H2 200 xtcore.js Show response
www.missbloom.gr/ 19 KB
8 KB 102ms
101ms Script
application/javascript 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.missbloom.gr/xtcore.js
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.248 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-248.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 05a0114a707e2c9a3e39211eea7befe543363802db6cca43191b8fa51d8f6cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
last-modified: Thu, 26 Nov 2015 09:49:24 GMT
server: nginx
etag: "5656d5a4-4ae0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 7522
expires: Wed, 23 Oct 2019 10:12:04 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
5 KB 46ms
46ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958752144071127&correlator=1385956725676652&output=ldjh&impl=fif&adsid=NT&eid=21064756%2C21064521&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191009&iu=%2F3346429%2Fmissbloom_skin&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1549814525&dt=1570615924022&dlt=1570615923752&idt=241&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=470&adk=3307054402&uci=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fceheckupalert.cf%2F&dssz=21&icsg=49836&std=0&csl=63&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1584x463&msz=1584x1&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

91147865f6acf48409932eca153d90abd430baa50bd62c327c1fe6889a0472f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4889
x-xss-protection: 0
google-lineitem-id: 5184028794
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138289447612
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ceheckupalert.cf
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019100301.js Show response
securepubads.g.doubleclick.net/gpt/ 63 KB
24 KB 40ms
40ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

33e7cfb629c6fc28bec6f0039c2b843ac7d63cb54a883599ca33ce2384e251fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 13:06:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24653
x-xss-protection: 0
expires: Wed, 09 Oct 2019 10:12:04 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0 18ms
6ms Other
text/html 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 381 B
692 B 40ms
39ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958752144071127&correlator=1385956725676652&output=ldjh&impl=fif&adsid=NT&eid=21064756%2C21064521&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191009&iu=%2F3346429%2Fmissbloom_prest&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1549814525&dt=1570615924032&dlt=1570615923752&idt=241&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=471&adk=1273862343&uci=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fceheckupalert.cf%2F&dssz=23&icsg=2146988&std=0&csl=81&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1584x464&msz=1x-1&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

8f10ac4bf8584985da730e6e1119a4eec3cacd73701c35b6978b34243ac35fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 198
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ceheckupalert.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 182ms
182ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958752144071127&correlator=1385956725676652&output=ldjh&impl=fif&adsid=NT&eid=21064756%2C21064521&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191009&iu=%2F3346429%2Fmissbloom_728x90&sz=728x90%7C940x200%7C960x250%7C970x70%7C970x200%7C970x60%7C970x90%7C990x90%7C990x250%7C970x250%7C970x310%7C1000x250%7C1000x300&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1549814525&dt=1570615924035&dlt=1570615923752&idt=241&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=472&adk=248121373&uci=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fceheckupalert.cf%2F&dssz=26&icsg=2146988&std=0&csl=70&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1584x90&msz=1584x90&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

3015206d8a03a845f972ad974607bac3ccc962a8b2df2ef568f71a03b530ad69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2695
x-xss-protection: 0
google-lineitem-id: 5189058853
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138289784343
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ceheckupalert.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 385 B
361 B 193ms
192ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958752144071127&correlator=1385956725676652&output=ldjh&impl=fif&adsid=NT&eid=21064756%2C21064521&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191009&iu=%2F3346429%2Fmissbloom_button&sz=300x150%7C300x100%7C300x120%7C300x110&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1549814525&dt=1570615924041&dlt=1570615923752&idt=241&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1128&adk=1522238017&uci=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fceheckupalert.cf%2F&dssz=28&icsg=2146988&std=0&csl=65&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x150&msz=1569x150&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

623789950e8c1b290490c87733187d699f70d85e6aaf8dda5cf9e27ace590efe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 200
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ceheckupalert.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 298ms
298ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958752144071127&correlator=1385956725676652&output=ldjh&impl=fif&adsid=NT&eid=21064756%2C21064521&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191009&iu=%2F3346429%2Fmissbloom_300*250A&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1549814525&dt=1570615924046&dlt=1570615923752&idt=241&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1278&adk=1354387185&uci=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fceheckupalert.cf%2F&dssz=29&icsg=2146988&std=0&csl=74&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

19b9736385f68f3d03653ae3a433942e3e8da44f26270201684613084838476e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2148
x-xss-protection: 0
google-lineitem-id: 5188927672
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138289981996
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ceheckupalert.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
5 KB 398ms
398ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958752144071127&correlator=1385956725676652&output=ldjh&impl=fif&adsid=NT&eid=21064756%2C21064521&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191009&iu=%2F3346429%2FInRead_infeed_Missbloom_AdX&sz=192x256%7C256x192%7C144x256%7C320x50%7C256x256%7C300x250%7C320x180%7C300x100%7C320x250%7C256x144%7C640x480&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1549814525&dt=1570615924055&dlt=1570615923752&idt=241&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1596&adk=2055048688&uci=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fceheckupalert.cf%2F&dssz=30&icsg=2146988&std=0&csl=81&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x308&msz=1569x256&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

213481b9bffdfee720f1865261266f9c07c782ec4683e15e0576587bfe090d96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4975
x-xss-protection: 0
google-lineitem-id: 5188855858
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138289973743
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ceheckupalert.cf
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK _yalla_loader.js Show response
widget.yallarec.com/ 78 KB
20 KB 39ms
7ms Script
application/javascript 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.yallarec.com/_yalla_loader.js
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 30bb44eb9bb1a328d7fb4f1f8eecf39633f00d8cd2533a9b9904390eab566c02

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Oct 2019 09:54:40 GMT
Server: nginx
ETag: W/"5d9c5ce0-137f2"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 20149
Expires: Wed, 09 Oct 2019 12:12:04 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
5 KB 592ms
591ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958752144071127&correlator=1385956725676652&output=ldjh&impl=fif&adsid=NT&eid=21064756%2C21064521&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191009&iu=%2F3346429%2Fmissbloom_300*250B&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1549814525&dt=1570615924072&dlt=1570615923752&idt=241&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3492&adk=3543098062&uci=7&ifi=7&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fceheckupalert.cf%2F&dssz=37&icsg=34351808&std=0&csl=74&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

6f94cf11a61ea632fbd21ad68927ecf4c388bde951f98100446786bf16bc724a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4894
x-xss-protection: 0
google-lineitem-id: 5192921027
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138290478631
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ceheckupalert.cf
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
5 KB 639ms
639ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958752144071127&correlator=1385956725676652&output=ldjh&impl=fif&adsid=NT&eid=21064756%2C21064521&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191009&iu=%2F3346429%2Fmissbloom_300*250C&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1549814525&dt=1570615924077&dlt=1570615923752&idt=241&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3742&adk=1034747580&uci=8&ifi=8&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fceheckupalert.cf%2F&dssz=38&icsg=34351808&std=0&csl=74&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

255cfa79e3fa1a3d6312d7b09d1e4d61baabc260e79353f43a2add62ccb77913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4773
x-xss-protection: 0
google-lineitem-id: 5182801829
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138288530916
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ceheckupalert.cf
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 394 B
481 B 648ms
647ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958752144071127&correlator=1385956725676652&output=ldjh&impl=fif&adsid=NT&eid=21064756%2C21064521&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191009&iu=%2F3346429%2Fmissbloom_textlink&sz=300x200%7C300x150%7C300x100%7C300x120%7C300x110&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1549814525&dt=1570615924082&dlt=1570615923752&idt=241&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3992&adk=926066986&uci=9&ifi=9&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fceheckupalert.cf%2F&dssz=39&icsg=34351808&std=0&csl=68&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x200&msz=1569x200&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

1f5f917a39d8e46f3ed87cd20cef5d136541e30bdaf61b9b5ce165d22073fbe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 207
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ceheckupalert.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 392 B
477 B 750ms
750ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958752144071127&correlator=1385956725676652&output=ldjh&impl=fif&adsid=NT&eid=21064756%2C21064521&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191009&iu=%2F3346429%2Fmissbloom_728x90_bottom&sz=728x90%7C970x200%7C990x250%7C970x250%7C1000x250%7C1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1549814525&dt=1570615924099&dlt=1570615923752&idt=241&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=5990&adk=1019512580&uci=a&ifi=10&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fceheckupalert.cf%2F&dssz=40&icsg=34351808&std=0&csl=77&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x90&msz=1569x90&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

6177205c8b9c5aa1734f0f1999b22194a2237cbe1d7944d9790058f3f588bc84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ceheckupalert.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 missbloom-logo-p.svg
ceheckupalert.cf/wp-content/themes/mb17s/images/logo/ 64 KB
64 KB 18ms
17ms Image
text/html 2606:4700:30::681c:49d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ceheckupalert.cf/wp-content/themes/mb17s/images/logo/missbloom-logo-p.svg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:49d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 10 Feb 2019 16:02:04 GMT
server: cloudflare
age: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cache-control: public, max-age=14400
cf-ray: 522f92f5b9a0cbb4-VIE
expires: Wed, 09 Oct 2019 14:12:04 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011909241711100/ 20 KB
7 KB 31ms
12ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909241711100/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

37a8b06eab08134f2037c797f4596c7688dd564a8395cb7e072577f371d8f993

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "beb093e69c81d951"
age: 1168126
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7119
x-xss-protection: 0
server: sffe
date: Wed, 25 Sep 2019 21:43:18 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 24 Sep 2020 21:43:18 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011909241711100/ Frame CE81 252 KB
69 KB 31ms
13ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "96c1a383c63a0e85"
age: 48173
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 70044
x-xss-protection: 0
server: sffe
date: Tue, 08 Oct 2019 20:49:11 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 07 Oct 2020 20:49:11 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011909241711100/v0/ Frame CE81 150 KB
41 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909241711100/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "31e12d286572e15e"
age: 47883
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40838
x-xss-protection: 0
server: sffe
date: Tue, 08 Oct 2019 20:54:01 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 07 Oct 2020 20:54:01 GMT

GET
DATA 200
OK truncated
/ Frame CE81 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfb7980c8939e03715b8a4f55dccdfdf50b348a95c07cd2b150fb442ec7baae8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6229169118696576186
tpc.googlesyndication.com/simgad/ Frame CE81 293 KB
293 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6229169118696576186

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

650f355426c2a3704e1aa23ccca4f65788eecbe3e7b9bdcb1632ff3834737186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 09:41:27 GMT
x-content-type-options: nosniff
age: 520237
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 299599
x-xss-protection: 0
last-modified: Mon, 30 Sep 2019 12:42:28 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Oct 2020 09:41:27 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame CE81 0
129 B 28ms
28ms Image
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEDorKE3VOBCnpmowcQNbtQOIKFQnKf38fQaz3ceDXLlEI1RWwMh3EhHDCcXtY8qEngKFlO-6LNhqRXPw913BHkVLX3A7DY6zxkuk3jvlhR27csaXHlkwtYC-kMj-t4d3d9V7_r1MJ_msZt-guWP1MF_MUZfgzK4fDT0EYtqGA2CNVQ07egNjlHQgvtkAgyV3xiyNxiZp7xiDrP3eTKKHJN1AOJLi5UYRXIH7NPIbkQI-FaNgZEnlU3sasf3xVomym8y0ulbZO&sai=AMfl-YRtz9zDl_MMnVVFO0nLsnqQ2kHUSbeGsdfvJjFBgUNQ1GW17Zib0bvL5ZF0shAjWcUoOMyoHWGvTLtiRnFcr-d6b-MSP3wcyblJG_RN&sig=Cg0ArKJSzE1dW0Iqhrp6EAE&adurl=

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Oct 2019 10:12:04 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 09 Oct 2019 10:12:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 122 KB
31 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8bcad0d5e62d5b147bbad7e008f6301fbbdd376ee551c87546a3158168d3df21

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31625
x-xss-protection: 0
pragma: public
x-fb-debug: JgFNH/dVFXoZcNgYIT3mkzvkGVgFjwwAh/uWklLzhvhH+C87vXi5WEZbDywoLdIdRWAPyNGoQ+NgGm9t6aCHvQ==
x-fb-trip-id: 2069546604
x-frame-options: DENY
date: Wed, 09 Oct 2019 10:12:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 728ms
726ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3958752144071127&correlator=1385956725676652&output=ldjh&impl=fif&adsid=NT&eid=21064756%2C21064521&vrg=2019100301&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191009&iu=%2F3346429%2FMB_Inread_Video&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie=ID%3D3dce719b72d1bfcd%3AT%3D1570615924%3AS%3DALNI_Ma1BTHPz8JGAQElB_Gke8uGNK4iQw&cookie_enabled=1&bc=31&abxe=1&lmt=1549814525&dt=1570615924130&dlt=1570615923752&idt=241&frm=20&biw=1585&bih=1185&oid=3&adx=8&ady=7847&adk=343001862&uci=b&ifi=11&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fceheckupalert.cf%2F&dssz=49&icsg=549628930&std=0&csl=81&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1569x7839&msz=1x-1&psts=CicI-oD4pxPoAbyFxpWDBIICDL2bjwGXnI8Bh7bJLNECrxG2D6nQuT8&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

9e965f8956c4263f7fcdcab38967322f0c04476c58ae617fca15cc74bf2a65fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1798
x-xss-protection: 0
google-lineitem-id: 4513156319
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138219435056
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ceheckupalert.cf
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 exitbee.js
app.exitbee.com/c/366/ 0
0 104ms
30ms Script
text/html 35.240.50.85
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://app.exitbee.com/c/366/exitbee.js

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.240.50.85 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

85.50.240.35.bc.googleusercontent.com

Software

openresty/1.15.8.1 / PHP/7.2.13

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
server: openresty/1.15.8.1
status: 403
x-powered-by: PHP/7.2.13
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 429 /
www.instagram.com/p/BJwAgHvAlt9/embed/captioned/ Frame 64BD 0
0 119ms
118ms Document
text/html 2a03:2880:f22d:e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fceheckupalert.cf&rp=%2F

Requested by

Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f22d:e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://.cdninstagram.com https://.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://.cdninstagram.com wss://www.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://graph.instagram.com https://.graph.instagram.com https://.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.instagram.com
:scheme: https
:path: /p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=https%3A%2F%2Fceheckupalert.cf&rp=%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://ceheckupalert.cf/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://ceheckupalert.cf/

Response headers

status: 429
content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie
content-language: en
date: Wed, 09 Oct 2019 10:12:04 GMT
content-length: 20614
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 0
x-aed: 11
x-fb-trip-id: 1679558926

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame B6EE 0
0 27ms
7ms Document
text/html 35.157.22.81
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8613/?che=267600796&gdpr=&gdpr_consent=&url=https%3A%2F%2Fceheckupalert.cf%2F&bpid=atticagreece&c=%7B%22bpid%22%3A%22atticagreece%22%2C%22loc%22%3A%22https%3A%2F%2Fceheckupalert.cf%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.22.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-157-22-81.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://ceheckupalert.cf/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://ceheckupalert.cf/

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Wed, 09 Oct 2019 10:12:03 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AF4e0BzY5daZi43HYAMHmMKqQTWK46%2Be2;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAlMG70JTBu9AAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
Content-Length: 481
Connection: keep-alive

GET
H2 200 636 Show response
www.vidads.gr/get/video/vast3/ 2 KB
1 KB 76ms
76ms XHR
text/xml 2a01:4f8:110:5005::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vidads.gr/get/video/vast3/636?inread=1&url=https%3A%2F%2Fceheckupalert.cf%2F

Requested by

Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:4f8:110:5005::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.12.2 / PHP/7.2.23

Resource Hash

960f41cbfbb6407a53c8c3bca480540fbab4ad9870f7708673b6c750813c9d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: PHP/7.2.23
status: 200
pragma: no-cache
x-route: http1
last-modified: Wed, 09 Oct 2019 10:12:04 GMT
server: nginx/1.12.2
vary: Accept-Encoding
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://ceheckupalert.cf
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
x-time: 0.073755979537964
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/ 232 KB
86 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6df5a2fc07e8b543b7428df746cf2d2b79fc5e44eaa58a7e193edca54f3acf4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 87365
x-xss-protection: 0
server: cafe
etag: 4488748446277364222
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Oct 2019 10:12:04 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/ Frame CB47 232 KB
85 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6df5a2fc07e8b543b7428df746cf2d2b79fc5e44eaa58a7e193edca54f3acf4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 87365
x-xss-protection: 0
server: cafe
etag: 4488748446277364222
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 09 Oct 2019 10:12:04 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191003/r20190131/ Frame 8E85 0
0 5ms
5ms Document
text/html 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20191003/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20191003/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://ceheckupalert.cf/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://ceheckupalert.cf/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 03 Oct 2019 14:46:35 GMT
expires: Thu, 17 Oct 2019 14:46:35 GMT
content-type: text/html; charset=UTF-8
etag: 8648543205226238674
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7402
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 501929
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:825::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: widget.yallarec.com
URL: https://widget.yallarec.com/_yalla_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 20:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 739556
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Sep 2020 20:46:08 GMT

GET
H/1.1

200
OK

hit.xiti
logws1312.ati-host.net/
Redirect Chain

https://logws1312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=1212049970657&jv=0&re=1600x1200&vtag=4.5.7&hl=12x12x4&r=1600x1200x24x24&ref=
https://logws1312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=1212049970657&jv=0&re=1600x1200&vtag=4.5.7&hl=12x12x4&r=1600x1200x24x24&ref=&Rdt=On

35 B
160 B

11ms
11ms

Image
image/gif

104.111.218.100
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logws1312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=1212049970657&jv=0&re=1600x1200&vtag=4.5.7&hl=12x12x4&r=1600x1200x24x24&ref=&Rdt=On
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.218.100 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-218-100.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: https://logws1312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=1212049970657&jv=0&re=1600x1200&vtag=4.5.7&hl=12x12x4&r=1600x1200x24x24&ref=&Rdt=On
Date: Wed, 09 Oct 2019 10:12:04 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
P3P: policyref="/w3c/p3p.xml",CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 1047335965285668 Show response
connect.facebook.net/signals/config/ 307 KB
78 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1047335965285668?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

555e2df1a53da9be6bc2000971bddbcfc98a0489cfbdf9222afa6cdee2c8cdcd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 79754
x-xss-protection: 0
pragma: public
x-fb-debug: lgEU/D4SO+IAM6lv7KZ+LmO6RCXf8bKXVpF6tXlspmmN+PBSvOaUPxgYk+KHdqlxI+4zndgNLBHk8vF4ewUyCg==
x-fb-trip-id: 2069546604
x-frame-options: DENY
date: Wed, 09 Oct 2019 10:12:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 400 ads
googleads.g.doubleclick.net/pagead/ Frame DC0D 0
0 17ms
17ms Document
text/html 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fceheckupalert.cf%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1570615924156&bpp=9&bdt=404&fdt=70&idt=70&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8195911500099&frm=20&pv=2&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&ga_fc=0&iag=0&icsg=35176251427&dssz=57&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21064521%2C21064756&oid=3&pvsid=3958752144071127&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1040&bc=31&ifi=11&uci=b.52n2en6b6iks&fsb=1&dtd=81

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191003/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fceheckupalert.cf%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1570615924156&bpp=9&bdt=404&fdt=70&idt=70&shv=r20191003&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8195911500099&frm=20&pv=2&ga_vid=1731884639.1570615924&ga_sid=1570615924&ga_hid=607585510&ga_fc=0&iag=0&icsg=35176251427&dssz=57&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21064521%2C21064756&oid=3&pvsid=3958752144071127&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1040&bc=31&ifi=11&uci=b.52n2en6b6iks&fsb=1&dtd=81
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://ceheckupalert.cf/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://ceheckupalert.cf/

Response headers

status: 400
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 09 Oct 2019 10:12:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUncGUE-P8gJDWqCuEtOn3qDeo29_3555O3c-OxztpvQ0acz90Xij51EurhX; expires=Mon, 02-Nov-2020 10:12:04 GMT; path=/; domain=.doubleclick.net; HttpOnly
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 77 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c13320ecdbc48b4d2d3afedbc3e98bc377a4c648ab361bb7c6529af1313057b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1570488230944156"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29093
x-xss-protection: 0
expires: Wed, 09 Oct 2019 10:12:04 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame A34B 0
75 B 30ms
29ms Fetch
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE1eZXBbo7j5ax3E9pqnIK_6m0VdLtAr1Pa3J3fluLLTDAiDQe3yKKLBngS0PzHQl3THoWbd7GWW86O7wMAnvO7tzuVYFNWD3SSBFgY8Bm7wOrY1fNyGbF2UFcwPTnimXKZUvncaAOPoDMppzzSjB5IK1l77chCwBNQPX90HYuPJ6lEs6_rRamR0IMSSElTaA0I-zevcfu_yw1k6Sb_eLoMWUo0kqvQc2eJzf4SQ_8u-97R-RorFCEo6QkW53UKoyscYSmwhFEpmg&sai=AMfl-YSEIT2wyrodRdTVrTyrNmO9IclAUMOahbJmrjGfGDA7OWSd4JhiUl8ouxV-5kyxobHC8JIFlD87Y_XJI_9wsLOQ8B7bivM2qDea7GXpaA&sig=Cg0ArKJSzGw5w_0jGXsTEAE&urlfix=1&adurl=

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Oct 2019 10:12:04 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A34B 78 KB
29 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b97fec3e6934342f0e375c750de3c8d093b41a79dca0eeff4a64bfa1ecec8f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1570488230944156"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29611
x-xss-protection: 0
expires: Wed, 09 Oct 2019 10:12:04 GMT

GET
H2 200 970.jpg
files.capital.gr/banners/ftp/bazaar970x250/ Frame A34B 48 KB
48 KB 22ms
8ms Image
image/jpeg 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.capital.gr/banners/ftp/bazaar970x250/970.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.248 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-248.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c88be2a7d22efe3d848601100d7681d6510d10e3fee319fc6963883a3c3ac022

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
last-modified: Fri, 04 Oct 2019 14:43:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "9d85e24c27ad51:0"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 48947

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 38ms
38ms Image
image/gif 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&r=300x150%7C300x100%7C300x120%7C300x110&w=234&h=60

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Oct 2019 10:12:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 35 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 10218
x-xss-protection: 0
pragma: public
x-fb-debug: LGDDPvgS87CX+oqqbx6diZjQ6k+3TY5s2Lr8c3piGcLOEmilwHRuj3QdFxAyj8qvgw+cWf/VY72qYEFDTkLlvA==
x-fb-trip-id: 2069546604
x-frame-options: DENY
date: Wed, 09 Oct 2019 10:12:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 206
Partial Content 970-bazaar-new-1.mp4
files.capital.gr/banners/bazaar/ Frame A34B 64 KB
0 21ms
15ms Media
video/mp4 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://files.capital.gr/banners/bazaar/970-bazaar-new-1.mp4
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-
Accept-Encoding: identity;q=1, *;q=0

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Fri, 04 Oct 2019 10:56:33 GMT
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
ETag: "284c7162a27ad51:0"
Content-Type: video/mp4
Content-Range: bytes 0-659933/659934
Cache-Control: public, max-age=39
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 659934

GET
H/1.1 200
OK getrecs.json Show response
api.yallarec.com/rec-api/ 28 KB
10 KB 171ms
91ms Script
application/javascript 95.142.20.17
PUREPEAK-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.yallarec.com/rec-api/getrecs.json?cb=yallarec_cb_24302231011255504&pubid=185585&webid=175457&wid=117200&recsnum=15&url=https%3A%2F%2Fceheckupalert.cf%2F&cs=UTF-8&subid=&title=%CE%9D%CF%84%CE%BF%CF%85%CF%81%CE%B1%CE%BD%20%CE%BD%CF%84%CE%BF%CF%85%CF%81%CE%B1%CE%BD&kwrds=&sessionid=246c3399-80d8-2bde-23e2-71dec3c26ec9&rndid=24302231011255504
Requested by: Host: widget.yallarec.com
URL: https://widget.yallarec.com/_yalla_loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.142.20.17 , Israel, ASN20645 (PUREPEAK-ASN, IL),
Reverse DNS: ip-95-142-20-17.purepeak.com
Software: nginx /
Resource Hash: f49380b76d301f158554ef92e40dcbcde8042e811b71e942de50a6fa7b7ee463

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-language: en-US
cache-control: no-cache, no-store, max-age=0
transfer-encoding: chunked
content-type: application/javascript;charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
246 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1047335965285668&ev=PageView&dl=https%3A%2F%2Fceheckupalert.cf%2F&rl=&if=false&ts=1570615924316&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1570615924315.1527120154&it=1570615924195&coo=false&rqm=GET

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 09 Oct 2019 10:12:04 GMT

GET
DATA 200
OK truncated
/ Frame A34B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1db91ad4b8a95ebdd04032286c8a7cbd625dd80929d55e692a44f30432533ac8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 4041 0
129 B 28ms
27ms Fetch
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuETBtjcTcplMoYqD9OwW10kieDGOsYehR3RF-bzy5KUKNN4ewjdNiMsqEbljcRjLyxQcougoEYlDurPfq2mX06UGJ-64u_YHZbvJaBivSs7bgibYII3wD64_ghwIPAKUU3gC5MmiPK2LCtAbOTikkHTirXOtaBdA1eWUxzZQ8g9O2FVzeY464tlgj5PU9AImGWQM6YStPEnqvEa2cI2ehPy8FmWYM7gyldpRZzfmu93wYARq3YB25mI46sNNImZA12O60mFE6uQshQExw&sai=AMfl-YRcjboCGj5y7dmO39WbXLdViJ7zPupV1S0vUk78ujNR2lpdqYJpJrM4PeUWmjPicU7QgQ0tYMC11DjyFApW9ZaKx4TIZiARZJtB3fok&sig=Cg0ArKJSzDVw_8tqFwlJEAE&urlfix=1&adurl=

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Oct 2019 10:12:04 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 09 Oct 2019 10:12:04 GMT

GET
H2 200 adman.js Show response
static.adman.gr/ Frame 4041 114 KB
34 KB 64ms
17ms Script
application/javascript 2606:4700:10::6814:5e4d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adman.gr/adman.js
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5e4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe19067e431861b4c27909bd88d0b0cbabb4eeb9d26aa14cf72fc1d6244a8263

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 08 Oct 2019 07:40:29 GMT
server: cloudflare
age: 1066
etag: W/"5d9c3d6d-1c74e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
cf-ray: 522f92f7bf23594c-VIE
expires: Wed, 09 Oct 2019 12:12:04 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4041 78 KB
29 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b97fec3e6934342f0e375c750de3c8d093b41a79dca0eeff4a64bfa1ecec8f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1570488230944156"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29611
x-xss-protection: 0
expires: Wed, 09 Oct 2019 10:12:04 GMT

GET
H/1.1 206
Partial Content 970-bazaar-new-1.mp4
files.capital.gr/banners/bazaar/ Frame A34B 36 KB
37 KB 11ms
6ms Media
video/mp4 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://files.capital.gr/banners/bazaar/970-bazaar-new-1.mp4
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6692aa46b1a53011edfeb6967b3d1478207638d7cedca145f167d815ac6898eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=622592-
Accept-Encoding: identity;q=1, *;q=0

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Fri, 04 Oct 2019 10:56:33 GMT
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
ETag: "284c7162a27ad51:0"
Content-Type: video/mp4
Content-Range: bytes 622592-659933/659934
Cache-Control: public, max-age=39
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37342

GET
H/1.1 206
Partial Content 970-bazaar-new-1.mp4
files.capital.gr/banners/bazaar/ Frame A34B 69 KB
0 6ms
5ms Media
video/mp4 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://files.capital.gr/banners/bazaar/970-bazaar-new-1.mp4
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=65536-
Accept-Encoding: identity;q=1, *;q=0

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Fri, 04 Oct 2019 10:56:33 GMT
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
ETag: "284c7162a27ad51:0"
Content-Type: video/mp4
Content-Range: bytes 65536-659933/659934
Cache-Control: public, max-age=39
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 594398

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011909241711100/ Frame EA2A 252 KB
69 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "96c1a383c63a0e85"
age: 48173
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 70044
x-xss-protection: 0
server: sffe
date: Tue, 08 Oct 2019 20:49:11 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 07 Oct 2020 20:49:11 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011909241711100/v0/ Frame EA2A 150 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909241711100/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "31e12d286572e15e"
age: 47883
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40838
x-xss-protection: 0
server: sffe
date: Tue, 08 Oct 2019 20:54:01 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 07 Oct 2020 20:54:01 GMT

GET
DATA 200
OK truncated
/ Frame EA2A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12d13a9a9144ad9ba3725c3d0755000efcfdb7d72bc67656010729cca926739d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 857511230055581611
tpc.googlesyndication.com/simgad/ Frame EA2A 90 KB
90 KB 8ms
8ms Image
image/gif 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/857511230055581611

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b744b132ff0fa63608e10e12c7191442b2bb402c3e06c8c558f274af6da1b45c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 09:33:23 GMT
x-content-type-options: nosniff
age: 520721
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 91648
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 09:23:08 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Oct 2020 09:33:23 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA2A 0
57 B 27ms
27ms Image
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4G4Zk2iQISafIrzgLMepgCJtpnh30hvfFA1giW1b7vNdvyO42af58Oc26WHgj8b8crd0GOKrKM83zR8xdxoSdNkXYHAbVHOg246V0muK7A0HgxE0upwTE5tiMN3-8um4PQ3FkKhfpAi8ADuLD6N0xLA64N6O8-YHusL5F1MxavmBniRnf06jHzwcLHls79HsQYal0ijrppuhcVe-_Y4_-ZP9-XGrwznPdJna583W_78slDnlzhRCIbBfDNUR39Uu_mymftBe6sfqV1CLJ2-RY0C8&sai=AMfl-YTt0cFOKIN_DRKQCjIwDy_1-5HLuywskYryxL4260DzaEHWtWdOkoBJPZf3HfAotJL3_51jYl_MLZYVmAW47llNCSxhh2QLL6_VePdBUQ&sig=Cg0ArKJSzPzYxydDGm72EAE&adurl=

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Oct 2019 10:12:04 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 adman.js Show response
static.adman.gr/ 114 KB
34 KB 18ms
17ms Script
application/javascript 2606:4700:10::6814:5e4d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adman.gr/adman.js
Requested by: Host: static.adman.gr
URL: https://static.adman.gr/adman.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5e4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe19067e431861b4c27909bd88d0b0cbabb4eeb9d26aa14cf72fc1d6244a8263

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 08 Oct 2019 07:40:29 GMT
server: cloudflare
age: 1066
etag: W/"5d9c3d6d-1c74e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=7200
cf-ray: 522f92f7ff64594c-VIE
expires: Wed, 09 Oct 2019 12:12:04 GMT

GET
H/1.1 200
OK / Show response
bold.adman.gr/gbanner/ Frame 4041 176 B
594 B 111ms
19ms Script
application/x-javascript 95.211.185.110
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://bold.adman.gr/gbanner/?1570615924471|27800/300x250?23670:=1570615924471@300x250x24?/&cab=_&v=6

Requested by

Host: static.adman.gr
URL: https://static.adman.gr/adman.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.211.185.110 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

rishi.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

13b5234626ca34e053f01ea31ff47ace2dc2cd404ffd608b96b1c061e2a05ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
X-Content-Type-Options: nosniff
Server: ADMAN
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 176
Content-Type: application/x-javascript; charset=iso-8859-7

GET
H/1.1 200
OK yalla_crt_loader.js Show response
widget.yallarec.com/ 13 KB
3 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.yallarec.com/yalla_crt_loader.js
Requested by: Host: widget.yallarec.com
URL: https://widget.yallarec.com/_yalla_loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 186466980a2394e09d866c4b8210699f9ce8e5029dc856e6ed28cafcfb3d8f8c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Oct 2019 09:54:40 GMT
Server: nginx
ETag: W/"5d9c5ce0-342f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 3239
Expires: Wed, 09 Oct 2019 12:12:04 GMT

GET
H/1.1 200
OK files.missbloom.gr.dsquared2_2D2053_2Dss16_2Dpw_5Fhigh2_2_145105_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/36/36/5f/ 9 KB
10 KB 59ms
35ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/e4/6d/website_175457/36/36/5f/files.missbloom.gr.dsquared2_2D2053_2Dss16_2Dpw_5Fhigh2_2_145105_2.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2b5654822d205d50205ccf19714e53d24adbb4c27ef1a45a2742aa57653e334

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Wed, 09 Oct 2019 09:55:27 GMT
Server: AmazonS3
x-amz-request-id: 8D8A534DD898717E
ETag: "37304ed60f2035949a6532507b331c7b"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9589
x-amz-id-2: JNN1yk7f+GpDzQQAIQor1Dfzt728h/86gkKFFmeNfBO5ZDScyp0A11QQ/nfAUSpcc37zuvUoyro=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_2D1_2_104910_2.png
img9-api.yallarec.com/e4/6d/website_175457/26/d6/70/ 12 KB
12 KB 100ms
75ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/e4/6d/website_175457/26/d6/70/files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_2D1_2_104910_2.png
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d5cc0ee8dfcf9c9d68af4f3f1b32ba2c080f9a8c323292fe9ad2236bbb59bab

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Thu, 19 Sep 2019 15:34:01 GMT
Server: AmazonS3
x-amz-request-id: F816D6B633E63A30
ETag: "a639a1034908719f2a3db4141df469fa"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11912
x-amz-id-2: /d/yQWA65YJd3rHbHzHm+50h5loiiLkuA5HHQEsP//Z6pd5P5Vmgfv17chJ57HmPfQRYUJkZEPI=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK yupiii.gr.60e155d40fccecf6b46995b8f88aed01_2_187989_2.png
img9-api.yallarec.com/98/c6/website_175458/14/e5/73/ 14 KB
14 KB 47ms
23ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/98/c6/website_175458/14/e5/73/yupiii.gr.60e155d40fccecf6b46995b8f88aed01_2_187989_2.png
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef57c387ae10c69fbb2e049075131e7135646ec912566b14f9f6bbe062a2c1d2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Tue, 08 Oct 2019 12:05:11 GMT
Server: AmazonS3
x-amz-request-id: FD2E460BF4608B19
ETag: "fcdc56be0e138364db57ce31c6d528b6"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13965
x-amz-id-2: W/J4b3o+CKCKeUb2Ut+s7lWVbk0hH7xRxmSheoUhAvB4fpWz9QL5iWnBypue0ur8nWILnDv0OwA=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK files.missbloom.gr.quizcover_2_164077_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/8f/49/b0/ 12 KB
13 KB 69ms
45ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/e4/6d/website_175457/8f/49/b0/files.missbloom.gr.quizcover_2_164077_2.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04ae16d58455e1d89bb2e089d29a9b20c3f8c8ebc3f5ba4568b985a2e31f628d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Wed, 11 Sep 2019 12:29:51 GMT
Server: AmazonS3
x-amz-request-id: CC836105FF4E84CD
ETag: "4b6fe0b599a376eae5ef2b970b44679f"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12650
x-amz-id-2: H8sQgUo5tXazBRgJDkaRLIX1neqCIvGfJ+XtS2oEsclYPdBrDgZHCbUepwKKqWxANx5kyzyvS64=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK files.missbloom.gr.biskota_2Dvromi_2Dmilo_2_147475_2.jpg
img9-api.yallarec.com/dc/64/website_175460/c8/59/2b/ 16 KB
17 KB 52ms
27ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/dc/64/website_175460/c8/59/2b/files.missbloom.gr.biskota_2Dvromi_2Dmilo_2_147475_2.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bd48037f56fa66784e41bcd96fbafe2a1e3aa8a568b4154d76addd1ea9f4da9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Wed, 09 Oct 2019 02:10:58 GMT
Server: AmazonS3
x-amz-request-id: A6A6727F21428BD2
ETag: "03c0de08991d123572458b77894c27cb"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16846
x-amz-id-2: PQ0LBX+fYLWnIxQQuyfe0E1ZzuaTPKme7SXFFNfUlZbGhZlTFmqK0Iw5kBucQGXiUGSl0dHZBic=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK files.missbloom.gr.atheridiscover_2_119577_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/d4/ed/58/ 12 KB
13 KB 58ms
33ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/e4/6d/website_175457/d4/ed/58/files.missbloom.gr.atheridiscover_2_119577_2.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6da9d2305bdb3c92e49ffe93f8e24ca7e16c367208478c111dd0d33f0a02dfd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Wed, 09 Oct 2019 09:52:46 GMT
Server: AmazonS3
x-amz-request-id: 68B790A9D54E4CE3
ETag: "86f748bd315b26980dcefa82ca9b0cd2"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12495
x-amz-id-2: mCOIHa6HBjKYqIE/7KEF2qRmgYYcw1Spze7RphA/bhb9fqkzDbAJhUalMw5BTu8XjksyS5xBnTo=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK files.missbloom.gr.6990_5FANTONIS_5FKANAKIS_5F692012_2_103078_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/2a/7c/f2/ 22 KB
22 KB 19ms
18ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/e4/6d/website_175457/2a/7c/f2/files.missbloom.gr.6990_5FANTONIS_5FKANAKIS_5F692012_2_103078_2.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 741afd37811ca5dfe375067c2973441d12e4dad74cb74f313a53f79944f54ea1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Sun, 29 Sep 2019 17:28:51 GMT
Server: AmazonS3
x-amz-request-id: 3AD239FE3170F308
ETag: "a6bdcb3486c7bb57c1f8b3e8c4c608f9"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22333
x-amz-id-2: i4urXrG42ernb7Ra35o8w820ukWzIqOIKtnghAiR/gMN8roFN2WNKea9BGLNS8YWSeVWp6HYoNE=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK files.missbloom.gr.0479_5FVASILIS_5FKIKILIAS_5FTZENI_5FMPALATSINOY_5F25102017_2_186631_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/e6/14/39/ 10 KB
11 KB 43ms
43ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/e4/6d/website_175457/e6/14/39/files.missbloom.gr.0479_5FVASILIS_5FKIKILIAS_5FTZENI_5FMPALATSINOY_5F25102017_2_186631_2.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 668b9c02483e0a9978e9099a86c54387e46367869a4362b12b2ad13eeb285062

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Wed, 11 Sep 2019 13:40:45 GMT
Server: AmazonS3
x-amz-request-id: A6A75F88DFFF7150
ETag: "cc71a65c421b039317bce8024a9eb8ed"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10637
x-amz-id-2: 3TgqGCn5iQm+X+JeBSIvJ2PK+smzcfBQcQ0vzL9sUEeKZYajT/URugIfNVyAqvYml5BMU/QpD0Y=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK madamefigaro.gr.4d3c98de4cfb413aaf09e824057774c8_2_118361_2.jpg
img9-api.yallarec.com/c3/28/website_175461/a9/79/35/ 12 KB
13 KB 9ms
9ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/c3/28/website_175461/a9/79/35/madamefigaro.gr.4d3c98de4cfb413aaf09e824057774c8_2_118361_2.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4d7e5798e3aecea789c333768c139e901e90ff50a11c5db67019bfc0413d0b1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Tue, 08 Oct 2019 09:54:23 GMT
Server: AmazonS3
x-amz-request-id: 1C45D68DDB1DA8EF
ETag: "d31498cebacea294ebea7f96319866cb"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12420
x-amz-id-2: olB1kyQjuaS9+XAwF1l8IWIJs5SGfESVPjIpjrC/rNidqnUanU9IaPgZ107/E5MbuWWelvV78MA=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK files.missbloom.gr.iliana_2_139672_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/11/1c/f3/ 12 KB
12 KB 17ms
17ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/e4/6d/website_175457/11/1c/f3/files.missbloom.gr.iliana_2_139672_2.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b00c8a6f01fcee914a03177702bcbe6154c3dd97725638f09addafc587edf6d1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Thu, 03 Oct 2019 13:04:21 GMT
Server: AmazonS3
x-amz-request-id: B9185A1FE1D834CC
ETag: "d7a8ed4495a2ab2964996a26b5455e9f"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12335
x-amz-id-2: 8NkelZR7wLCcfmLCX4QCm+OOxBp1FqdC2o9OxJMhws5FHKyzcbQEzGD8bpkmGkmbPsgajvpMulQ=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK files.missbloom.gr.cover_2_184985_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/b5/2f/2d/ 13 KB
13 KB 24ms
23ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/e4/6d/website_175457/b5/2f/2d/files.missbloom.gr.cover_2_184985_2.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01999efb8a5b3cc0d3eae0735bee0c71c046c7daf7f539ecb4e0a3826c0b5920

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Wed, 02 Oct 2019 12:32:56 GMT
Server: AmazonS3
x-amz-request-id: 7663DB3AB74C7850
ETag: "8e276f31591c52b04fee2f57b882279e"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12826
x-amz-id-2: UkGmKnOCMy0wjV0hEm7LWuH/cP/NlqlW8GsNhyMBjv2YLmmki6rSPKO+XQj7PhWXFaNFr5/wA0Q=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK files.missbloom.gr._3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2D2019_2D09_2D15_2D11_2E56_2E58_2D_3F_3F_2_112262_2.png
img9-api.yallarec.com/e4/6d/website_175457/e5/00/db/ 12 KB
12 KB 16ms
16ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/e4/6d/website_175457/e5/00/db/files.missbloom.gr._3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2D2019_2D09_2D15_2D11_2E56_2E58_2D_3F_3F_2_112262_2.png
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c4bfd6e7dd76fbb6c52d661e29dc1030650092c6062f51774af7455cb1f5867

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Sun, 15 Sep 2019 15:06:57 GMT
Server: AmazonS3
x-amz-request-id: 7EB5C13C150728A2
ETag: "ed6004205458524f8dcdd3b483c6804c"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12327
x-amz-id-2: hFzoAQrtSiqlstJnDmteXQBx9nZyLOGfhCt3ati+ucVNA2heePeeOoWkyB3//EhQpu2r7OLex70=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK files.missbloom.gr.savvaspoumpouras_2_170955_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/4b/1b/9b/ 18 KB
18 KB 28ms
28ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/e4/6d/website_175457/4b/1b/9b/files.missbloom.gr.savvaspoumpouras_2_170955_2.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9eb7d6f5aee2cf035c8a59ad65280418507891e8345dfddaec446db043537f67

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Tue, 08 Oct 2019 11:40:43 GMT
Server: AmazonS3
x-amz-request-id: B4A8DC656A565798
ETag: "b2ad5ede9fbdd5e637e2776878730aad"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17983
x-amz-id-2: b7MfNJpuEwSsdq5EHEKqpYe2aJSQA3ns0nTG1fGhITMl8uLsg6xxE+GEhYEHOMLIsB9qY3qXrak=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_2_189951_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/e9/64/7d/ 10 KB
11 KB 8ms
7ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/e4/6d/website_175457/e9/64/7d/files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_2_189951_2.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cead61ecfe672e516440bd4644a397f70c8dabe8bc58d101db73560abdeeabc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Wed, 02 Oct 2019 20:17:37 GMT
Server: AmazonS3
x-amz-request-id: 7688E609F02200C1
ETag: "6c176174bcfd1b117183c826a57a5d26"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10693
x-amz-id-2: S3r3ftFqiMSQT7J574clA+6Q7le/GtOokzvbo0NJ5YVO33aQPbna4QPrUbcDDA6ZbKZ1btXfCG4=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H/1.1 200
OK i1.wp.com.young_2Dwoman_2Dshowing_2Ddrinking_2Dglass_2Dwith_2Dwater_2Dpicture_2Did673848156_2Ejpg_3Ffit_3D660__186921_2.jpg
img9-api.yallarec.com/dc/64/website_175460/62/3d/2a/ 8 KB
9 KB 26ms
25ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img9-api.yallarec.com/dc/64/website_175460/62/3d/2a/i1.wp.com.young_2Dwoman_2Dshowing_2Ddrinking_2Dglass_2Dwith_2Dwater_2Dpicture_2Did673848156_2Ejpg_3Ffit_3D660__186921_2.jpg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 029f46804d0a69bf8eaccb06d3570dbd12e3f514e045063581ea752835cc20e8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 09 Oct 2019 10:12:04 GMT
Last-Modified: Fri, 27 Sep 2019 09:05:48 GMT
Server: AmazonS3
x-amz-request-id: CDAC936B66D2E961
ETag: "54e68c40bfb4c421d8153de0b1dae0ab"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8397
x-amz-id-2: ppYEZTz9jkYadkK2SmMGq537XHd7OFqY3005QuWiN49gFJrdAI0NomDKzdjoVjxsQpL5qALmNUY=
Expires: Wed, 16 Oct 2019 10:12:04 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 87 KB
27 KB 15ms
15ms Script
text/javascript 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: widget.yallarec.com
URL: https://widget.yallarec.com/yalla_crt_loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 28567b9298df1914ea63e0ea93676032cdb92854a9fb100a29a4890230a9ca90

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
last-modified: Tue, 24 Sep 2019 18:17:48 GMT
server: nginx
etag: W/"5d8a5dcc-15bb7"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 10 Oct 2019 10:12:04 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
146 B 44ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=74&profileId=184&cb=13699518442
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Wed, 09 Oct 2019 10:12:04 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://ceheckupalert.cf
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK / Show response
bold.adman.gr/gbanner/ Frame 4041 644 B
1 KB 19ms
19ms Script
application/x-javascript 95.211.185.110
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://bold.adman.gr/gbanner/?1570615924|27800/300x250?23670:=1570615924471@300x250x24?/&cab=_&v=6/testcookie1

Requested by

Host: bold.adman.gr
URL: https://bold.adman.gr/gbanner/?1570615924471|27800/300x250?23670:=1570615924471@300x250x24?/&cab=_&v=6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.211.185.110 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

rishi.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

914340f5cced5a82caab546fb18fd40928d88c6842dab4a2387b977c243c53b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type-Options: nosniff
Server: ADMAN
ETag: "8GmACGoE00g"
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Content-Type: application/x-javascript; charset=iso-8859-7
Content-Length: 644

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 13ms
13ms Image
image/gif 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 03 Oct 2020 10:12:04 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 14ms
14ms Image
image/gif 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 03 Oct 2020 10:12:04 GMT

GET
H2 200 g_photoprint.gif
obj.adman.gr/bold/2019/mindshare/7147/ Frame 4041 240 KB
241 KB 20ms
19ms Image
image/gif 2606:4700:10::6814:5e4d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obj.adman.gr/bold/2019/mindshare/7147/g_photoprint.gif
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5e4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44963e34588b2bee04c5406979190eb3679305166c3791ef0c29740ec2d12c94

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
cf-cache-status: HIT
age: 1511
cf-polished: origSize=247674
status: 200
last-modified: Thu, 03 Oct 2019 09:58:08 GMT
content-length: 246100
cf-bgj: imgq:100
server: cloudflare
etag: "5d95c630-3c77a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 522f92f8d80c594c-VIE
expires: Wed, 09 Oct 2019 10:42:04 GMT

GET
DATA 200
OK truncated
/ Frame 4041 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8618e50f4559827ae15532ebe3c82f2ac9f2fe908d9cf000fdefb738759aed3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK phaistos
bold.adman.gr/rm/42263/27800/1023807829/ Frame 4041 43 B
422 B 19ms
19ms Other
image/gif 95.211.185.110
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://bold.adman.gr/rm/42263/27800/1023807829/phaistos?rnd=1570615924640

Requested by

Host: static.adman.gr
URL: https://static.adman.gr/adman.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.211.185.110 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

rishi.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Content-Type-Options: nosniff
Server: ADMAN
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: https://ceheckupalert.cf
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Access-Control-Allow-Credentials: true
Content-Type: image/gif
Content-Length: 43

GET
H2 200 va_content.vast.min.css
www.vidads.gr/css/ 41 KB
7 KB 4ms
4ms Stylesheet
text/css 2a01:4f8:110:5005::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vidads.gr/css/va_content.vast.min.css?v=2.13
Requested by: Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:110:5005::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 88a6c0de42002ab0f042b863e02e360efc4dbf8393e2a8d48b5e1e895defc7b5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
last-modified: Thu, 11 Jul 2019 08:53:50 GMT
server: nginx/1.12.2
etag: "a554-58d63eec89310-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=5184000
x-route: http1
accept-ranges: bytes
content-length: 6926
expires: Sun, 08 Dec 2019 10:12:04 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 270 KB
92 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

230f0dbc21b7f0e1bddc2844a3d140ec31e5d1f4658e1cbd39752548da34366b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 93812
x-xss-protection: 0
expires: Wed, 09 Oct 2019 10:12:04 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011909241711100/ Frame 6C9C 252 KB
69 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "96c1a383c63a0e85"
age: 48173
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 70044
x-xss-protection: 0
server: sffe
date: Tue, 08 Oct 2019 20:49:11 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 07 Oct 2020 20:49:11 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 6C9C 150 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909241711100/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "31e12d286572e15e"
age: 47883
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40838
x-xss-protection: 0
server: sffe
date: Tue, 08 Oct 2019 20:54:01 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 07 Oct 2020 20:54:01 GMT

GET
DATA 200
OK truncated
/ Frame 6C9C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee719db920bcec0e6084060cb844b7e3dc4e1199cf54d9265aba519b693c80cd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15868574519932823326
tpc.googlesyndication.com/simgad/ Frame 6C9C 120 KB
121 KB 7ms
6ms Image
image/gif 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15868574519932823326

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

55326eac53bc651412601204285c90db4d116470076d3232bb7f15a05e12bdb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 09:36:04 GMT
x-content-type-options: nosniff
age: 2160
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 123367
x-xss-protection: 0
last-modified: Tue, 08 Oct 2019 14:34:47 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Oct 2020 09:36:04 GMT

GET
H/1.1 200
OK banner
bold.adman.gr/ Frame 6C9C 43 B
359 B 20ms
19ms Image
image/gif 95.211.185.110
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bold.adman.gr/banner?webspace=27839&auto=1&rnd=[timestamp]

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.211.185.110 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

rishi.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
X-Content-Type-Options: nosniff
Server: ADMAN
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6C9C 0
57 B 29ms
29ms Image
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv98BIveeQfQbAmgQza79wBhvroWaSOpFqmXkDMtUwFIOe7UuqdxMMe_2xaTRDJh0tvQN7mxVmCg2gIg6rVjxxXIQE398aE5op3ptc0NcVMq0WEwTba41kcRoVJgmeWeo-Zm9zNhbLp4XuCn1xGffJFWVgcBdOmiofhu7MkfWVYTByYVmKptVsFDnlKxOzGFE8RTU_2bA7ivF62IO4JECs1eFCHhHsfnV5EvAzI0hXnXE6vQYDu0iipQ-5obLS3T7TkL_ZarYd9gPgj37g&sig=Cg0ArKJSzM6t3NbCR83MEAE&adurl=

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Oct 2019 10:12:04 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6C9C 0
0 16ms
15ms Image
text/html 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTj1cx-qT2nu-5vYj2oTwhaI749tVdg3Ho8iiRkABOUrH4WTOo6lyUiu7tylOO1LXY-00xxSQMu8qDcbs30uwCh-hjTbg
Requested by: Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011909241711100/ Frame 1772 252 KB
69 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "96c1a383c63a0e85"
age: 48173
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 70044
x-xss-protection: 0
server: sffe
date: Tue, 08 Oct 2019 20:49:11 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 07 Oct 2020 20:49:11 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011909241711100/v0/ Frame 1772 150 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011909241711100/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "31e12d286572e15e"
age: 47883
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40838
x-xss-protection: 0
server: sffe
date: Tue, 08 Oct 2019 20:54:01 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Wed, 07 Oct 2020 20:54:01 GMT

GET
DATA 200
OK truncated
/ Frame 1772 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c243123b57b9400373cb04ae2d22c201d420f234956b04467ef174dc67b186

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 15974439074036553867
tpc.googlesyndication.com/simgad/ Frame 1772 130 KB
130 KB 8ms
8ms Image
image/gif 2a00:1450:4001:81e::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15974439074036553867

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b2aeabc83c5bd13a80e9903cbd6f7d737d1db8615656a6da0cf3f3ed83c9d850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 20:48:55 GMT
x-content-type-options: nosniff
age: 739389
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 132663
x-xss-protection: 0
last-modified: Wed, 25 Sep 2019 11:32:46 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Sep 2020 20:48:55 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1772 0
57 B 29ms
29ms Image
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHTrCBGKSCDbXi8xVuBFj54wnf4FLO1hFQNk0abQKRXapk1Tvo3av3g_NU2KfKmwK8c9yE9mCNRFR3NXA1VL3IB41awuFFKw1-g4DDB4UY7D7yNCfYiQuhoXuKxq3qlVFSDxwgIFwPh7Ya6RiBufTBzEVyXF1KRMwbnY4rn4--Cf6P_i0RMfj0-L-GMHgX6h15Op35G92bIhbTZaa0-aYmL4lQTm55sFXDIrI3Wv8u--GTDQ_ymyNJNtdPYzey3esr8ZmQmqhFYz4FGPs&sig=Cg0ArKJSzAOFrIiE4lE4EAE&adurl=

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Oct 2019 10:12:04 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 636 Show response
www.vidads.gr/get/video/vast3/ 2 KB
1 KB 27ms
27ms XHR
text/xml 2a01:4f8:110:5005::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vidads.gr/get/video/vast3/636?inread=1&url=https%3A%2F%2Fceheckupalert.cf%2F

Requested by

Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:4f8:110:5005::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.12.2 / PHP/7.2.23

Resource Hash

4e920a6eab638112e387e722c124fbdf9cb87146b90dd337e031101af659964f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: PHP/7.2.23
status: 200
pragma: no-cache
x-route: http1
last-modified: Wed, 09 Oct 2019 10:12:04 GMT
server: nginx/1.12.2
vary: Accept-Encoding
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://ceheckupalert.cf
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
x-time: 0.024549007415771
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame 1752 0
0 6ms
6ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 3611
pragma: no-cache
cache-control: no-cache
origin: https://ceheckupalert.cf
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://ceheckupalert.cf/
accept-encoding: gzip, deflate, br
cookie: fr=0Xxl6nnDKonOPU04U..BdnbJ0...1.0.BdnbJ0.
Origin: https://ceheckupalert.cf
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://ceheckupalert.cf/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://ceheckupalert.cf
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
date: Wed, 09 Oct 2019 10:12:04 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame BA81 0
57 B 29ms
29ms Fetch
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvk7L9baItMNvqyKXUn2oTjdIQ_-qCTbVVGQcE9fJFpNsFyrjoAUCkqJbH6Fqivj_PoBsdVXaA8gq8q5BzVSJtMHe716EvJHVJfW91cff4f8dWIzHlVLG5ISpMWOW2oRUS6DrLHUxS9NjSAm40yuN59-kCi9AMUpXAYthy6UC05vh_GHMoGo04fXhOB1e5Z_0b1xsBNNwD3m1WLJ2fRHgkH8nQn6EUYjyoL9OJIhFVyfavqJkBdqqP_eclvE50yy9yMQOBAjE4sA&sig=Cg0ArKJSzF6pqA_W8tZ5EAE&urlfix=1&adurl=

Requested by

Host: ceheckupalert.cf
URL: https://ceheckupalert.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Oct 2019 10:12:04 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tag Show response
a.teads.tv/page/77691/ Frame BA81 679 B
709 B 73ms
72ms Script
application/javascript 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/77691/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 40bf5d3b5c6d75c1cd50049b9b77b8378696472d06ba32296eafc96f574903d4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 433
expires: Wed, 09 Oct 2019 11:12:04 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA81 78 KB
29 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019100301.js?21064756

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b97fec3e6934342f0e375c750de3c8d093b41a79dca0eeff4a64bfa1ecec8f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1570488230944156"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29611
x-xss-protection: 0
expires: Wed, 09 Oct 2019 10:12:04 GMT

GET
DATA 200
OK truncated
/ Frame BA81 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2899ee917b6d004187245a2b5a2e0fa9e56b450d642ca427c4d0d60c8303f8f5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 706 KB
184 KB 7ms
7ms Script
text/javascript 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/77691/tag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9361dcd8a551c81149b9898eaa1e49ac7ce1133093d2da7668a9947b191ea4aa

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 10:12:04 GMT
content-encoding: gzip
last-modified: Tue, 08 Oct 2019 13:08:40 GMT
x-amz-request-id: A03B16AA3EF4A0C7
etag: "e3f66b686a0b18abf0b45460ac8b73a6"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=600
x-bucket: 6
accept-ranges: bytes
content-length: 187484
x-amz-id-2: Jh7kf8NCffVpDqwCC4aLxMwqxZNKfkJgTTYYkeR76B2a+nXDRSxWPVLaKgfls44WeFFAgUuF7Bs=
expires: Wed, 09 Oct 2019 10:22:04 GMT

GET
H/1.1 200
OK index.html
cmp.teads.mgr.consensu.org/ Frame F3DB 0
0 19ms
6ms Document
text/html 2a02:26f0:6c00:293::2c92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.teads.mgr.consensu.org/index.html
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:293::2c92 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Host: cmp.teads.mgr.consensu.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://ceheckupalert.cf/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://ceheckupalert.cf/

Response headers

x-amz-id-2: kGI/LkmsIcd2daPyZ44T91Tgh3nqFBaPCP2I5Rt/ZLlg5M5DrVepYy/Ac/ZfkFjnOAPn7svobKA=
x-amz-request-id: B87A212102411FA1
Last-Modified: Fri, 14 Sep 2018 07:42:32 GMT
ETag: "e7d6c2974a38b7ff77a560e83789f66a"
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 583
Server: AmazonS3
Cache-Control: max-age=300
Expires: Wed, 09 Oct 2019 10:17:05 GMT
Date: Wed, 09 Oct 2019 10:12:05 GMT
Connection: keep-alive

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1570615925012&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1570615925012&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...

43 B
309 B

7ms
7ms

Image
image/gif

23.43.115.95
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1570615925012&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=07052717&cs_ucfr=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.43.115.95 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-43-115-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Oct 2019 10:12:05 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1570615925012&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=07052717&cs_ucfr=1
Pragma: no-cache
Date: Wed, 09 Oct 2019 10:12:05 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
157 B 30ms
30ms Image
image/gif 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&ts=1570615925009&pageId=77691&pid=95778&env=js-web&pfid=[pfid]&f=1&fv=124
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 09 Oct 2019 10:12:05 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 09 Oct 2019 10:12:05 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
157 B 33ms
32ms Image
image/gif 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&ts=1570615925010&pageId=77691&pid=95778&env=js-web&pfid=[pfid]&f=1&slot=native&fv=124
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 09 Oct 2019 10:12:05 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 09 Oct 2019 10:12:05 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/77691/ 118 B
335 B 77ms
76ms XHR
application/json 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/77691/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fceheckupalert.cf%2F&page=%7B%22id%22%3A77691%2C%22placements%22%3A%5B%7B%22id%22%3A95778%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A1569%2C%22height%22%3A883%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22reason%22%3A220%7D%7D&userId=b43d0b86-6022-4ee2-8fb7-9dacb6504215&formatVersion=2.22.61&env=js-web&netBw=10&ttfb=93
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f50167bee40cd7fdd6c623efb794e0edddec7de87ef71f48c8b1b1413e1dfc4a

Request headers

Accept: application/json; charset=UTF-8
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

pragma: no-cache
date: Wed, 09 Oct 2019 10:12:05 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ceheckupalert.cf
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 129
expires: Wed, 09 Oct 2019 10:12:05 GMT

GET
H2 200 iframe
sync.teads.tv/ Frame 6E14 0
0 43ms
42ms Document
text/html 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?pid=95778&userId=b43d0b86-6022-4ee2-8fb7-9dacb6504215&gdprIab={%22status%22:22,%22consent%22:%22%22,%22reason%22:220}&env=js-web&1570615925218
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.5 /
Resource Hash

Request headers

:method: GET
:authority: sync.teads.tv
:scheme: https
:path: /iframe?pid=95778&userId=b43d0b86-6022-4ee2-8fb7-9dacb6504215&gdprIab={%22status%22:22,%22consent%22:%22%22,%22reason%22:220}&env=js-web&1570615925218
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://ceheckupalert.cf/
accept-encoding: gzip, deflate, br
cookie: tt_viewer=687f97f9-3b21-4e0e-b634-044b44af3226
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://ceheckupalert.cf/

Response headers

status: 200
content-type: text/html; charset=UTF-8
server: akka-http/10.1.5
content-length: 1844
expires: Wed, 09 Oct 2019 10:12:05 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 09 Oct 2019 10:12:05 GMT
set-cookie: tt_exelate=; Expires=Thu, 10 Oct 2019 10:12:05 GMT; Domain=.teads.tv; SameSite=None tt_bluekai=; Expires=Thu, 10 Oct 2019 10:12:05 GMT; Domain=.teads.tv; SameSite=None tt_emetriq=; Expires=Thu, 10 Oct 2019 10:12:05 GMT; Domain=.teads.tv; SameSite=None tt_liveramp=; Expires=Thu, 10 Oct 2019 10:12:05 GMT; Domain=.teads.tv; SameSite=None tt_neustar=; Expires=Thu, 10 Oct 2019 10:12:05 GMT; Domain=.teads.tv; SameSite=None tt_salesforce=; Expires=Thu, 10 Oct 2019 10:12:05 GMT; Domain=.teads.tv; SameSite=None tt_dar=; Expires=Thu, 10 Oct 2019 10:12:05 GMT; Domain=.teads.tv; SameSite=None

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CE81 42 B
115 B 38ms
38ms Image
image/gif 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMXV87Mr5H22l9ly9cMn3GtLofZZpSbpD2BpiePzdAQw3_7pn6RUt-29ex_lUa6GLD1g-wh47g-ZIISD-U1aZIqyyKBU0TA8MBU9geQ_M&sig=Cg0ArKJSzI5oTMhIEJi9EAE&id=ampim&o=8,470&d=1920,1000&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=125&tls=1126&g=58.72682332992554&h=58.72682332992554&pt=399&tt=1126&rpt=399&rst=1570615924113&r=v&adk=3307054402&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://ceheckupalert.cf/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Oct 2019 10:12:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.qds.ninja
URL: https://t.qds.ninja/t/482

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 13:38:31	Name: IDE Value: AHWqTUncGUE-P8gJDWqCuEtOn3qDeo29_3555O3c-OxztpvQ0acz90Xij51EurhX
.agkn.com/	1970-01-19 13:02:31	Name: u Value: C\|0AEAlMG70JTBu9AAAAAAAAg1RAQCADVIBAIA
.agkn.com/	1970-01-19 13:03:58	Name: ab Value: 0001%3AF4e0BzY5daZi43HYAMHmMJ%2B3inLwJ7F94Loljjv9Sp2FjAQLul5Oyg%3D%3D
.ceheckupalert.cf/	1970-01-19 06:26:31	Name: _fbp Value: fb.1.1570615924315.1527120154
.ceheckupalert.cf/	1970-01-19 21:48:07	Name: __gads Value: ID=825454f248926ffe:T=1570615924:S=ALNI_MbQbLUpXv4p58nNENyMfMMzxScvfg
.ceheckupalert.cf/	1970-01-19 04:18:22	Name: _gid Value: GA1.2.1547838160.1570615924
.ceheckupalert.cf/	1970-01-19 21:48:07	Name: _ga Value: GA1.2.1731884639.1570615924
.ceheckupalert.cf/	1970-01-19 13:02:31	Name: __cfduid Value: d097495a7be49bdb5d956ac2b7d637d651570615923

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	log	URL: https://ceheckupalert.cf/(Line 53) Message: has skin
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds [object Object]
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds loading: https://www.vidads.gr/get/video/vast3/636?inread=1&url=https%3A%2F%2Fceheckupalert.cf%2F
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds Getting: https://www.vidads.gr/get/video/vast3/636?inread=1&url=https%3A%2F%2Fceheckupalert.cf%2F
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	info	URL: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js(Line 527) Message: Powered by AMP ⚡ HTML – Version 1909241711100 https://ceheckupalert.cf/
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	log	URL: https://static.adman.gr/adman.js(Line 1) Message: Deploying adman.js to top window.
console-api	info	URL: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js(Line 527) Message: Powered by AMP ⚡ HTML – Version 1909241711100 https://ceheckupalert.cf/
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	log	URL: https://ceheckupalert.cf/(Line 78) Message: [object Object]
console-api	info	URL: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js(Line 527) Message: Powered by AMP ⚡ HTML – Version 1909241711100 https://ceheckupalert.cf/
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds VidAdsContent -> ready
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds loading: https://www.vidads.gr/get/video/vast3/636?inread=1&url=https%3A%2F%2Fceheckupalert.cf%2F
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds Getting: https://www.vidads.gr/get/video/vast3/636?inread=1&url=https%3A%2F%2Fceheckupalert.cf%2F
console-api	info	URL: https://cdn.ampproject.org/rtv/011909241711100/amp4ads-v0.js(Line 527) Message: Powered by AMP ⚡ HTML – Version 1909241711100 https://ceheckupalert.cf/
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds ALL OK. CONTINUE.
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds [object Object]
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019100301.js?21064756(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
adservice.google.de
ajax.googleapis.com
api.yallarec.com
app.exitbee.com
bidder.criteo.com
bold.adman.gr
cdn.ampproject.org
cdn.onesignal.com
cdnjs.cloudflare.com
ceheckupalert.cf
cmp.teads.mgr.consensu.org
connect.facebook.net
d.agkn.com
files.capital.gr
files.missbloom.gr
googleads.g.doubleclick.net
imasdk.googleapis.com
img9-api.yallarec.com
js.agkn.com
logws1312.ati-host.net
obj.adman.gr
pagead2.googlesyndication.com
platform.instagram.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.adman.gr
static.criteo.net
sync.teads.tv
t.qds.ninja
t.teads.tv
tag.aticdn.net
tpc.googlesyndication.com
widget.yallarec.com
www.capital.gr
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.instagram.com
www.missbloom.gr
www.vidads.gr
t.qds.ninja
104.111.218.100
172.217.23.98
178.250.0.165
178.250.2.130
2.16.186.152
2.16.186.248
2.18.232.7
23.43.115.95
23.45.99.146
2600:9000:2043:9c00:15:efbc:e300:93a1
2606:4700:10::6814:5e4d
2606:4700:1::6813:8c4a
2606:4700:30::681c:49d
2606:4700::6813:c497
2a00:1450:4001:800::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:819::2002
2a00:1450:4001:81e::2001
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2004
2a00:1450:4001:824::2001
2a00:1450:4001:825::200a
2a01:4f8:110:5005::2
2a02:26f0:6c00:28d::3b8c
2a02:26f0:6c00:293::2c92
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f22d:c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
35.157.22.81
35.240.50.85
95.142.20.17
95.211.185.110
01999efb8a5b3cc0d3eae0735bee0c71c046c7daf7f539ecb4e0a3826c0b5920
029f46804d0a69bf8eaccb06d3570dbd12e3f514e045063581ea752835cc20e8
04ae16d58455e1d89bb2e089d29a9b20c3f8c8ebc3f5ba4568b985a2e31f628d
05a0114a707e2c9a3e39211eea7befe543363802db6cca43191b8fa51d8f6cd5
0ae5e1fde1f00b885a6f0f95e666fb9023d06aaaaeb8b4a37724a8ec1609ac24
0c4bfd6e7dd76fbb6c52d661e29dc1030650092c6062f51774af7455cb1f5867
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127f0e63cfe81a8cfe83a77408f6e1de24decee3f28a36a53f253808f323288c
12d13a9a9144ad9ba3725c3d0755000efcfdb7d72bc67656010729cca926739d
13b5234626ca34e053f01ea31ff47ace2dc2cd404ffd608b96b1c061e2a05ad0
186466980a2394e09d866c4b8210699f9ce8e5029dc856e6ed28cafcfb3d8f8c
197c294e1520b32d787d2678660c02fd195c1c93fee3441de596ef22c34ed425
19b9736385f68f3d03653ae3a433942e3e8da44f26270201684613084838476e
1db91ad4b8a95ebdd04032286c8a7cbd625dd80929d55e692a44f30432533ac8
1f5f917a39d8e46f3ed87cd20cef5d136541e30bdaf61b9b5ce165d22073fbe9
213481b9bffdfee720f1865261266f9c07c782ec4683e15e0576587bfe090d96
230f0dbc21b7f0e1bddc2844a3d140ec31e5d1f4658e1cbd39752548da34366b
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
255cfa79e3fa1a3d6312d7b09d1e4d61baabc260e79353f43a2add62ccb77913
28567b9298df1914ea63e0ea93676032cdb92854a9fb100a29a4890230a9ca90
287b0682d5ff7ad624ad8f42d41b25414be319535fba1da217394327015ad811
288671e40e2ef46fbcbcae204e961e3c55da9137d9511f3e36bf4167240dbd59
2899ee917b6d004187245a2b5a2e0fa9e56b450d642ca427c4d0d60c8303f8f5
2bd48037f56fa66784e41bcd96fbafe2a1e3aa8a568b4154d76addd1ea9f4da9
2d5cc0ee8dfcf9c9d68af4f3f1b32ba2c080f9a8c323292fe9ad2236bbb59bab
3015206d8a03a845f972ad974607bac3ccc962a8b2df2ef568f71a03b530ad69
30bb44eb9bb1a328d7fb4f1f8eecf39633f00d8cd2533a9b9904390eab566c02
3174003a7f82a954d93d77cb0164bbfce6139b9640bb2276337d8f1d6c599eda
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33e7cfb629c6fc28bec6f0039c2b843ac7d63cb54a883599ca33ce2384e251fa
34fde0f4461395a617be2117bae4b1c3e9d80a1126f198201b7337c10f7db71e
354d4c7d0db4d65289bdf9d1ba2cda998bfbf9666b43857362342081ff73e073
37a8b06eab08134f2037c797f4596c7688dd564a8395cb7e072577f371d8f993
3a38fb11b35e03d606e3dd1ace0d500eb5facda29048b787509a024d61e43199
40bf5d3b5c6d75c1cd50049b9b77b8378696472d06ba32296eafc96f574903d4
41c243123b57b9400373cb04ae2d22c201d420f234956b04467ef174dc67b186
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44963e34588b2bee04c5406979190eb3679305166c3791ef0c29740ec2d12c94
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4e920a6eab638112e387e722c124fbdf9cb87146b90dd337e031101af659964f
55326eac53bc651412601204285c90db4d116470076d3232bb7f15a05e12bdb6
555e2df1a53da9be6bc2000971bddbcfc98a0489cfbdf9222afa6cdee2c8cdcd
6177205c8b9c5aa1734f0f1999b22194a2237cbe1d7944d9790058f3f588bc84
623789950e8c1b290490c87733187d699f70d85e6aaf8dda5cf9e27ace590efe
650f355426c2a3704e1aa23ccca4f65788eecbe3e7b9bdcb1632ff3834737186
668b9c02483e0a9978e9099a86c54387e46367869a4362b12b2ad13eeb285062
6692aa46b1a53011edfeb6967b3d1478207638d7cedca145f167d815ac6898eb
6992a363089c36fa4062ca560b548b91ce64abb21bba3412a60a8e1636577ef1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d157866400e2e50e077448f9cf06a9f29f70e031612ad6679d3626909a4c4e5
6df5a2fc07e8b543b7428df746cf2d2b79fc5e44eaa58a7e193edca54f3acf4e
6f94cf11a61ea632fbd21ad68927ecf4c388bde951f98100446786bf16bc724a
741afd37811ca5dfe375067c2973441d12e4dad74cb74f313a53f79944f54ea1
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88a6c0de42002ab0f042b863e02e360efc4dbf8393e2a8d48b5e1e895defc7b5
8bcad0d5e62d5b147bbad7e008f6301fbbdd376ee551c87546a3158168d3df21
8cead61ecfe672e516440bd4644a397f70c8dabe8bc58d101db73560abdeeabc
8f10ac4bf8584985da730e6e1119a4eec3cacd73701c35b6978b34243ac35fd9
8f2e37cf4e314907e37bf11c3205be713c048968afb0af99f791b1f336308a33
91147865f6acf48409932eca153d90abd430baa50bd62c327c1fe6889a0472f7
914340f5cced5a82caab546fb18fd40928d88c6842dab4a2387b977c243c53b7
9361dcd8a551c81149b9898eaa1e49ac7ce1133093d2da7668a9947b191ea4aa
960f41cbfbb6407a53c8c3bca480540fbab4ad9870f7708673b6c750813c9d49
9e965f8956c4263f7fcdcab38967322f0c04476c58ae617fca15cc74bf2a65fd
9eb7d6f5aee2cf035c8a59ad65280418507891e8345dfddaec446db043537f67
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b00c8a6f01fcee914a03177702bcbe6154c3dd97725638f09addafc587edf6d1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2aeabc83c5bd13a80e9903cbd6f7d737d1db8615656a6da0cf3f3ed83c9d850
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
b744b132ff0fa63608e10e12c7191442b2bb402c3e06c8c558f274af6da1b45c
b97fec3e6934342f0e375c750de3c8d093b41a79dca0eeff4a64bfa1ecec8f37
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8
c13320ecdbc48b4d2d3afedbc3e98bc377a4c648ab361bb7c6529af1313057b6
c2b5654822d205d50205ccf19714e53d24adbb4c27ef1a45a2742aa57653e334
c4d7e5798e3aecea789c333768c139e901e90ff50a11c5db67019bfc0413d0b1
c6da9d2305bdb3c92e49ffe93f8e24ca7e16c367208478c111dd0d33f0a02dfd
c88be2a7d22efe3d848601100d7681d6510d10e3fee319fc6963883a3c3ac022
cf0eac8ca56caaadf4fc1e4ec8081f0ba14c59d22bf12f766d59845078950e86
d0d676d307d83c43afe67946ba65bfa126dea1ce58f2bd6fd3e8030e0d85e7c9
d2b73045049b4e53b957e25b68ad1afcf18233b0f3e39244051750d57c97cb00
d2e86ff27dadecd2f8edecf4a06af83984161f03c0249ced4f7a76e183876a2f
d98e77e558ef5c298f4c28cdd1604914a16a3fcc9249904ba70c57d989fb6aab
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dfb7980c8939e03715b8a4f55dccdfdf50b348a95c07cd2b150fb442ec7baae8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8618e50f4559827ae15532ebe3c82f2ac9f2fe908d9cf000fdefb738759aed3
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ee719db920bcec0e6084060cb844b7e3dc4e1199cf54d9265aba519b693c80cd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef57c387ae10c69fbb2e049075131e7135646ec912566b14f9f6bbe062a2c1d2
f49380b76d301f158554ef92e40dcbcde8042e811b71e942de50a6fa7b7ee463
f50167bee40cd7fdd6c623efb794e0edddec7de87ef71f48c8b1b1413e1dfc4a
fe19067e431861b4c27909bd88d0b0cbabb4eeb9d26aa14cf72fc1d6244a8263

ceheckupalert.cf Open in urlscan Pro 2606:4700:30::681c:49d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

129 Requests

97 %HTTPS

62 %IPv6

29 Domains

42 Subdomains

34 IPs

7 Countries

3123 kBTransfer

7682 kBSize

8 Cookies

26 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ceheckupalert.cf Open in urlscan Pro
2606:4700:30::681c:49d Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

97 %
HTTPS

62 %
IPv6

29
Domains

42
Subdomains

34
IPs

7
Countries

3123 kB
Transfer

7682 kB
Size

8
Cookies

129 HTTP transactions
8 data transactions