capitolorne.gq Open in urlscan Pro
2606:4700:30::681f:4212 Public Scan

URL:
http://capitolorne.gq/
Submission: On November 13 via api (November 13th 2019, 2:15:38 am UTC) from US

Summary HTTP 153 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 42 IPs in 8 countries across 33 domains to perform 153 HTTP transactions. The main IP is 2606:4700:30::681f:4212, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is capitolorne.gq.

This is the only time capitolorne.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:30:... 2606:4700:30::681f:4212	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700:300... 2606:4700:300a::6813:c397	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	23.45.99.146 23.45.99.146	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 11	2.16.186.152 2.16.186.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a03:2880:f21... 2a03:2880:f21c:81c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 3	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2a01:4f8:151:... 2a01:4f8:151:21d2::2	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:21f... 2600:9000:21f3:6200:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
20	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a02:26f0:6c0... 2a02:26f0:6c00:287::3b8c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	35.240.50.85 35.240.50.85	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:215... 2600:9000:2156:ba00:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
9	2606:4700:10:... 2606:4700:10::6814:5d4d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6	82.199.68.73 82.199.68.73	15830 (TELECITY-LON) (TELECITY-LON)
1 2	184.31.87.55 184.31.87.55	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2.16.186.248 2.16.186.248	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	95.142.20.17 95.142.20.17	20645 (PUREPEAK-ASN) (PUREPEAK-ASN)
3	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
5	104.111.250.158 104.111.250.158	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
7	62.103.124.31 62.103.124.31	6799 (OTENET-GR...) (OTENET-GR Athens - Greece)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	172.217.23.166 172.217.23.166	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE - Google LLC)
15	2a02:26f0:6c0... 2a02:26f0:6c00:28d::3b8c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:292::2c92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:401... 2a00:1450:4016:804::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
153	42

8 2606:4700:30::681f:4212 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

capitolorne.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:300a::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.146 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-99-146.deploy.static.akamaitechnologies.com

tag.aticdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.16.186.152 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-152.deploy.static.akamaitechnologies.com

files.missbloom.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.capital.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.missbloom.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.capital.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:81c4:face:b00c:0:43fe (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f21c:81e5:face:b00c:0:4420 (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:151:21d2::2 (Heidelberg, Germany)

ASN24940 (HETZNER-AS, DE)

www.vidads.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:6200:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:287::3b8c (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

widget.yallarec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.240.50.85 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 85.50.240.35.bc.googleusercontent.com

app.exitbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ba00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6814:5d4d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.adman.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
obj.adman.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 82.199.68.73 (Netherlands)

ASN15830 (TELECITY-LON, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.87.55 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-87-55.deploy.static.akamaitechnologies.com

logw312.ati-host.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.248 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-248.deploy.static.akamaitechnologies.com

files.capital.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.142.20.17 (Israel)

ASN20645 (PUREPEAK-ASN, IL)
PTR: ip-95-142-20-17.purepeak.com

api.yallarec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.250.158 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-250-158.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 62.103.124.31 (Greece)

ASN6799 (OTENET-GR Athens - Greece, GR)
PTR: voss.phaistosnetworks.gr

talos.adman.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.166 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:6c00:28d::3b8c (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

img9-api.yallarec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.232.7 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:292::2c92 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cmp.teads.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.80 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4016:804::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net ad.doubleclick.net	132 KB
18	yallarec.com widget.yallarec.com api.yallarec.com img9-api.yallarec.com	227 KB
16	adman.gr static.adman.gr talos.adman.gr obj.adman.gr	122 KB
11	serving-sys.com bs.serving-sys.com secure-ds.serving-sys.com	132 KB
9	moatads.com z.moatads.com px.moatads.com	94 KB
9	missbloom.gr 1 redirects files.missbloom.gr www.missbloom.gr	76 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	273 KB
8	googletagservices.com www.googletagservices.com	216 KB
8	capitolorne.gq capitolorne.gq	229 KB
6	teads.tv a.teads.tv t.teads.tv sync.teads.tv	187 KB
5	capital.gr www.capital.gr files.capital.gr	110 KB
4	vidads.gr www.vidads.gr	86 KB
4	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
3	ampproject.org cdn.ampproject.org	132 KB
2	scorecardresearch.com 1 redirects b.scorecardresearch.com	1 KB
2	facebook.com www.facebook.com	374 B
2	ati-host.net 1 redirects logw312.ati-host.net	660 B
2	googleapis.com ajax.googleapis.com imasdk.googleapis.com	122 KB
2	facebook.net connect.facebook.net	112 KB
2	agkn.com js.agkn.com d.agkn.com	4 KB
2	cloudflare.com cdnjs.cloudflare.com	7 KB
1	gstatic.com csi.gstatic.com	304 B
1	consensu.org cmp.teads.mgr.consensu.org
1	criteo.com bidder.criteo.com	342 B
1	criteo.net static.criteo.net	27 KB
1	2mdn.net s0.2mdn.net	281 KB
1	google.com www.google.com	500 B
1	exitbee.com app.exitbee.com
1	google.de adservice.google.de	178 B
1	google-analytics.com www.google-analytics.com	17 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	aticdn.net tag.aticdn.net	20 KB
0	qds.ninja Failed t.qds.ninja Failed
153	33

	Domain	Requested by
20	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net capitolorne.gq
15	img9-api.yallarec.com	capitolorne.gq
8	px.moatads.com	capitolorne.gq
8	www.googletagservices.com	capitolorne.gq securepubads.g.doubleclick.net
8	capitolorne.gq	capitolorne.gq
7	talos.adman.gr	static.adman.gr talos.adman.gr
7	files.missbloom.gr	capitolorne.gq
6	bs.serving-sys.com	securepubads.g.doubleclick.net capitolorne.gq secure-ds.serving-sys.com
5	obj.adman.gr	talos.adman.gr obj.adman.gr static.adman.gr
5	secure-ds.serving-sys.com	bs.serving-sys.com secure-ds.serving-sys.com
4	files.capital.gr	securepubads.g.doubleclick.net capitolorne.gq
4	static.adman.gr	capitolorne.gq static.adman.gr
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net capitolorne.gq tpc.googlesyndication.com
4	pagead2.googlesyndication.com	capitolorne.gq pagead2.googlesyndication.com
4	www.vidads.gr	capitolorne.gq www.vidads.gr
3	a.teads.tv	securepubads.g.doubleclick.net a.teads.tv
3	cdn.ampproject.org	securepubads.g.doubleclick.net
3	www.instagram.com	1 redirects capitolorne.gq www.instagram.com
2	t.teads.tv	capitolorne.gq
2	b.scorecardresearch.com	1 redirects capitolorne.gq
2	www.facebook.com	capitolorne.gq connect.facebook.net
2	logw312.ati-host.net	1 redirects capitolorne.gq
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	capitolorne.gq connect.facebook.net
2	widget.yallarec.com	capitolorne.gq widget.yallarec.com
2	www.missbloom.gr	1 redirects capitolorne.gq
2	cdnjs.cloudflare.com	capitolorne.gq
1	imasdk.googleapis.com	www.vidads.gr
1	sync.teads.tv	a.teads.tv
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	cmp.teads.mgr.consensu.org	a.teads.tv
1	bidder.criteo.com	static.criteo.net
1	static.criteo.net	widget.yallarec.com
1	z.moatads.com	secure-ds.serving-sys.com
1	s0.2mdn.net	securepubads.g.doubleclick.net
1	www.google.com	capitolorne.gq
1	ad.doubleclick.net	1 redirects
1	googleads4.g.doubleclick.net	capitolorne.gq
1	api.yallarec.com	widget.yallarec.com
1	ajax.googleapis.com	widget.yallarec.com
1	d.agkn.com	js.agkn.com
1	app.exitbee.com	capitolorne.gq
1	adservice.google.de	www.googletagservices.com
1	www.google-analytics.com	capitolorne.gq
1	cdn.onesignal.com	capitolorne.gq
1	js.agkn.com	capitolorne.gq
1	www.capital.gr	capitolorne.gq
1	platform.instagram.com	1 redirects
1	tag.aticdn.net	capitolorne.gq
0	t.qds.ninja Failed	capitolorne.gq
153	50

This site contains links to these domains. Also see Links.

Domain
talos.adman.gr
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.missbloom.gr
www.yupiii.gr
www.shape.gr
www.madamefigaro.gr
www.capital.gr
gr.askmen.com
atticamediagroup.gr

Subject Issuer	Validity	Valid
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
tag.aticdn.net GeoTrust RSA CA 2018	`2019-01-25` - `2020-03-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
capital.gr Let's Encrypt Authority X3	`2019-10-01` - `2019-12-30`	3 months	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2019-10-09` - `2020-01-07`	3 months	crt.sh
ssl2.nemohq.gr Let's Encrypt Authority X3	`2019-10-31` - `2020-01-29`	3 months	crt.sh
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-11` - `2020-04-18`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
app.exitbee.com SSL.com RSA SSL subCA	`2019-07-08` - `2020-10-04`	a year	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2018-03-08` - `2020-03-08`	2 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2018-12-03` - `2020-03-03`	a year	crt.sh
*.adman.gr COMODO RSA Domain Validation Secure Server CA	`2018-10-15` - `2020-11-04`	2 years	crt.sh
www.google.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
moatads.com DigiCert ECC Secure Server CA	`2018-11-10` - `2020-02-09`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-03-28` - `2020-04-01`	a year	crt.sh
ssl364933.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-02` - `2020-05-10`	6 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh

This page contains 20 frames:

Primary Page: http://capitolorne.gq/
Frame ID: C9D54DF8D3F5859E626E6B8998AC074F
Requests: 96 HTTP requests in this frame

Frame: https://www.instagram.com/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Fcapitolorne.gq&rp=%2F
Frame ID: E4ADF67CB4C4C4633DD7A6DA81865A47
Requests: 1 HTTP requests in this frame

Frame: http://d.agkn.com/iframe/8613/?che=245880974&gdpr=&gdpr_consent=&ref=&bpid=atticagreece&c=%7B%22bpid%22%3A%22atticagreece%22%2C%22loc%22%3A%22http%3A%2F%2Fcapitolorne.gq%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: 99739FDDEA890261E78D41DB5C29EB31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191107/r20190131/zrt_lookup.html
Frame ID: 1E99BC1930CFA57B20B8E3210ED487CA
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5mscZjqUEbpH9LIQ6qTupiZ-0g8o_Yg8kF6RXIcZIOhD1fimrYXYxGpZSm5SLyAO-QeI2e2rvPv99qF-lDyuHqNfwQNse0oqqam9GEVmr79K7eYV8uYUM9Ckkt7X5CX1cWWbUe07hG3hwyZFEPSE_TuYJrHnpY8GLH0OWrHvUCebnM4eI1C3ZF_ksUiGlxGdGrOWKUyGs0W3QhYKJyUwEUrkU9Ym-tNDVaNc6c6F-uN_pMJhkzIWILasAXw51wmI&sai=AMfl-YSj18EtOr36G9VJAKButu8Z_d9avywVUajSY6Xxq4YgakzEZLrsIfFu1jLvbUnws01eTxq1txHQFdMUKPQbgP3-q3SB3GE0yAWGI6D4&sig=Cg0ArKJSzGZanoPhg1KDEAE&urlfix=1&adurl=
Frame ID: 996E49BD113DB9BE435A25857A20C17E
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvt_v8J3neIonGWQ3N8yrqXB98FuLXLlS638VOJgDEaChH85gijj8QpFMW7lmkZD6a_CGREBwXdzLoxOT2BjJk2wFwEyaoM5sSKPEbFpU9gk7wMZyFbkE74c4hH1bYURLs1aa_G9ejh-tBhEJom9P552_MdLgLtuzAGpLvEOASJcW0sldZy8Gel0loXz9dioHrQzVpf0EJ1ennxAZCL1PiVY8JHZ63hpkP4v5Olp_lWySdl5f6TSXQg728xT4Ho0q_yXoOjf5KERHnT5mdr_g4&sai=AMfl-YTW96XEuINJ3XwB1Q29m8APR5awWwMmv3QdarIDEmgQfm3LFzc4josn_ap03e7ynBPiyz7g129Nu2-eUe9rHmHuNyVlWs45W7wESTjGgA&sig=Cg0ArKJSzAJohHmWvPcAEAE&urlfix=1&adurl=
Frame ID: C1F5E34180F49D4D81D31EFB6878B508
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcapitolorne.gq%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1573611319824&bpp=8&bdt=540&fdt=79&idt=79&shv=r20191107&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=276197310104&frm=20&pv=2&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&ga_fc=0&iag=0&icsg=149568757628963&dssz=57&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=3650239757705177&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=11&uci=a!b&fsb=1&dtd=90
Frame ID: 267F06CEB755A6047DB5A9C1908302CD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGEiBzdhafu0lLdVCmkovWgiHLG0F18XVG-cd1Yiak0YbfMvkClZ_I_sMDikOfvLjEqmpmLyWUdJoFfGDz79__NXaWV1WMud6uJQQSOeurVFGgT_D_UlfURQRV05S_ecUEpu9EVAv38sBH3KTXmNpPCRwes9VtAN0WE4UPGlfdtymQ9pKQEMPSY0JtXcHvqeaYK4PNo1ShewIE1Tywdrt9ceaCdDQudtCKpTa1FuB9gNbjsEvb6Ya26FQF6XFf1Boluw&sai=AMfl-YQjrM0I0qwhtgstTvgaDk5gHgJeoEHmE0mtABb_mpIkEfNOtEvLy43ejqnNc4kMdMYmmXJCP_lT4ikd-6yCGjZXKbr8alivg_IL1vGn&sig=Cg0ArKJSzFd2nZ5bxWENEAE&urlfix=1&adurl=
Frame ID: 856A8D30823CBA76D8EDDB0652025D8A
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js
Frame ID: 1D900255B059F130D397B30C9203EA12
Requests: 6 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstxWsrFAQvNSatNSuD_4Wk93WpEKo32PWTCrw0YA9oLUvKShai8Li0E7hlo4REK8R2oAExim74YqPs8jwNEFch5ZRYHsdANNPjjlNbF5xFl5sa8YhqDTnQoGUU6dELFK2xTSmnVsokWfx1U9uvVo4eYe47xjcp2G_emjHoGWuxh8ob-1v2_HDQ9kNsmfL5Ur27YAqyyGjuGKNaGl57XhcWSqlnA8agVy2mxWiOdkgv7cXQbYo0ZWxGreh9FxPU48TyanuWziC5auMGZK47v93xfwcOjcb50QSaMy4KQq8rXd_2SYeYTI0bUO5bBIXE&sai=AMfl-YR6tqlLp0FEWL2DNC5WRrXggykmjSkBUDfsb_z5Mad0o2Qu3etkcQSuOa2zzlU26EJmseqbTovJ9aTkottbi2PjYbXxGa4iBI2u-dJ4uw&sig=Cg0ArKJSzEO95rYTNafLEAE&urlfix=1&adurl=
Frame ID: E5EC71D2726EF92CFA8E19803EE29D0D
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUhaMW2CaKPAbYk6nQX9hXnZCqzWw3ZqMCXplE1des7iJvhmovz79CBG9cBVp-yo29YFlLbwP8Lwsc4Ab5cRAdCwpAle35mZVrbd-9Ias4SfvPPVVMP0cAX-uR4g6eEXNwNuhWFaZ1Jq65jaaRU4cqJOAKfED9kWPVX70K_zmkUUdnbSrH_xdFS2M8juK3zAniFF5F1fUq89zn8p-T8hBegWimoDkymF_9DxR3Z1JPXLwX2aQufzFdZKr9tYo3wBkIli979w&sai=AMfl-YRDtNabjWDbBHby3WbZkC9ZpQ95AMeX3EF4tpDN6uK77kTPRNdkV7IxxT4sZgq-o0zYI12inNmfHeq3_UP5HhpCLG8WfDSRJOPG8EW6RA&sig=Cg0ArKJSzLxq1KG8nE63EAE&urlfix=1&adurl=
Frame ID: 4FBB351882D1355F38BC01A8DB327219
Requests: 8 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/BurstingRes/Site-75984/WSFolders/14722238_19//index.html?v=_2_107_1_0&n=1
Frame ID: 3E9EA87C30578DDA61FEDBC92B6E2A49
Requests: 1 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D949F97EAED4CAA38381503CDC9CBEC2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstg3-iDz3YZqLX3uhoZKKPmjNRsprJZAbQxWXcTmlbHZWpau2x2WHMaaBykS-nAYucJIJRg1CHO3QIPYK6cw3tyqA_SegC9SSU7gr8ru7Vv0J2DHie4QFSnYfMeEO9tSp6m6JkroCUGsY9bAkOfvBObqx5ZNFztSmceCtzhHcAyL-hFCNsTRd0YFb764uMAxyuwwbX1WDKp2-w3uw52uFAEEg1RD1F9xjlfkzRlH4hWjx9sxQ3MGh3q_9fe7KDJUx4y&sig=Cg0ArKJSzHlE5Ck5Mc86EAE&urlfix=1&adurl=
Frame ID: 7537FF334969C01E7AA9E556AEBBB09B
Requests: 4 HTTP requests in this frame

Frame: http://cmp.teads.mgr.consensu.org/index.html
Frame ID: 04ACA6765A130D0E823F07878D06986B
Requests: 1 HTTP requests in this frame

Frame: http://obj.adman.gr/talos/2019/tempo/19475/BS_Left_SKIN_HTML_400x900/index.html?click=https://talos.adman.gr/click/@6luKf0I2v:2A8ik:gpqg/36465/52810/
Frame ID: 9ECCF110D5062005649D66E1232641A5
Requests: 1 HTTP requests in this frame

Frame: http://obj.adman.gr/talos/2019/tempo/19475/Right_SKIN_HTML_400x900/index.html?click=https://talos.adman.gr/click/@6luKf0I2v:2A8ik:gpqg/36465/52810/
Frame ID: 0B2F1A7450AECB5FBFCEE397FF03D35A
Requests: 1 HTTP requests in this frame

Frame: http://obj.adman.gr/talos/2019/tempo/19491/index.html?click=https%3A%2F%2Ftalos.adman.gr%2Fclick%2F%406luKf0I2z%3A2A8ik%3A2AvY%2F36500%2F52887%2F
Frame ID: 780CAA3886C77829F5CBDE0F0FF15D85
Requests: 1 HTTP requests in this frame

Frame: http://sync.teads.tv/iframe?pid=95778&userId=4a6341b1-096d-4743-b7e2-6eceb28b1a54&gdprIab={%22status%22:22,%22consent%22:%22%22,%22reason%22:220}&fromFormat=true&env=js-web&1573611320641
Frame ID: FC9E2D512D08F19038BB4A46813FBCF7
Requests: 1 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/BurstingRes/Site-75984/WSFolders/14722238_19//index.html?v=_2_107_1_0&n=1
Frame ID: AD2B52A0D4E5B1CCA00470C5AB1979E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

153
Requests

63 %
HTTPS

60 %
IPv6

33
Domains

50
Subdomains

42
IPs

8
Countries

2616 kB
Transfer

6936 kB
Size

0
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://talos.adman.gr/click/@6luKf0I2v:2A8ik:gpqg/36465/52810/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MissBloom.gr
Title: γιατί μυρίζει το στόμα μου

Search URL Search Domain Scan URL

URL: https://twitter.com/missbloomgr
Title: τρια πεντε πηγαδια live cam

Search URL Search Domain Scan URL

URL: https://www.instagram.com/missbloomgr/
Title: ποτε θα παντρευτουμε μανωλιο μου

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCotisottYVdSch2d0Vy-bxg
Title: γερμανικα β γυμν βιβλιο μαθητη

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/BJwAgHvAlt9/
Title: ταβερνα η κανουλα θεσσαλονικη

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/psila-kai-stilata-koritsia-des-tis-koukles-megales-kores-tis-elenis-menegaki-nees-pics/?fbclid=IwAR0PJvJ1_xPtNcmIz_wvw4Nin2PM6z0nQ5F_sFPy65JMq0b1ok5vF8MuEqc
Title: Δες τις κούκλες μεγάλες κόρες της Ελένης Μενεγάκη

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/olympia-chopsonidou-i-teleia-erotisi-pou-dechthike-gia-tis-egkymosynes-tis
Title: Ολυμπία Χοψονίδου | Η τέλεια ερώτηση που δέχθηκε για τις εγκυμοσύνες της

Search URL Search Domain Scan URL

URL: http://www.yupiii.gr/gossip/c133826/Eydokia_Roymeliwth-Mama_en_drasei!_Me_to.html
Title: Ευδοκία Ρουμελιώτη - Μαμά εν δράσει! Με τον γιο και τον σύζυγό της σε καθημερινές στιγμές

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/mari-konstantatou-aftos-einai-o-neos-ischyros-andras-sto-plevro-tis/?_gl=1*1p2p22o*_ga*YW1wLTVRd0pPZ0dLNzNvaWtiRFpWQ2dzMEJ6YjFjYzc3aldCdzRmS2xkOTBrNVh0eTBOLUM3Mi1jckN3VEltQ3pHTzk.
Title: Μαρί Κωνσταντάτου | Αυτός είναι ο νέος ισχυρός άνδρας στο πλευρό της! - Missbloom.gr

Search URL Search Domain Scan URL

URL: https://www.shape.gr/diatrofi-adynatisma/sosti-diatrofi/diatrofi-me-soupes-mporeis-na-chaseis-kila-trogontas-soupes
Title: Διατροφή με σούπες | Μπορείς να χάσεις κιλά τρώγοντας σούπες;

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/antonis-fragkakis-egine-pateras-kai-den-to-katalave-kaneis
Title: Αντώνης Φραγκάκης | Έγινε πατέρας και δεν το κατάλαβε κανείς

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/?p=603059
Title: Η Ελένη Τσολάκη έκοψε τα μαλλιά της και ίσως θέλεις να κάνεις το ίδιο

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/antelina-teloni-charis-varthakouris-plana-apo-to-spiti-tous-stin-kifisia-kai-kapoies-yperoches-koines-tous-fotografies
Title: Αντελίνα Τελώνη - Χάρης Βαρθακούρης | Πλάνα από το σπίτι τους

Search URL Search Domain Scan URL

URL: https://www.madamefigaro.gr/celebrities/star-style/114836/oi-emfaniseis-tis-jennifer-aniston-epanaprosdiorizoun-ton-minimalismo?fbclid=IwAR29rAnpVKUVUCGJ1Ax7HIdgzMTXme4TuNJ8JelJLZmxRh-L8XnOo2mi1Ws
Title: Οι εμφανίσεις της Jennifer Aniston επαναπροσδιορίζουν τον μινιμαλισμό

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/i-fotografia-meta-tis-fimes-gia-nea-schesi-kai-oi-stichoi-tou-marantini/?fbclid=IwAR0t-w4qdUYvsUuoLQIktpnnVPGjtcJeyE5vk8yaPMDYB4h_x2kjSb9XVIU
Title: Η φωτογραφία μετά τις φήμες για νέα σχέση και οι στίχοι του Μαραντίνη

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/moda/elli-kokkinou-des-plana-apo-to-polyteles-spiti-tis-sta-notia-proastia
Title: Έλλη Κοκκίνου | Δες πλάνα από το πολυτελές σπίτι της

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/omorfia/mallia/jennifer-lopez-koureftike-kai-deichnei-pio-nea-apo-pote/?fbclid=IwAR0gImfHKnqLvnHpk6uIlwnI9RUMTG8-0DH1uBtqOaVLCOzT_WPbbzmx04c
Title: Jennifer Lopez | Κουρεύτηκε και δείχνει πιο νέα από ποτέ

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/viky-kagia-ilias-krassas-des-fotografies-apo-to-monterno-teleio-spiti-tous/?amp
Title: Βίκυ Καγιά – Ηλίας Κρασσάς | Δες φωτογραφίες από το μοντέρνο σπίτι τους

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/elena-christopoulou-zeneviev-mazari-apokalyfthike-ti-kanoun-sta-gyrismata-tou-gntm-pic/?_gl=1*1tg312t*_ga*YW1wLXRvdlY1Z2tHbVJMTldHMXJ1d3czYVhIakxRWl9RYXI3SlVoYklBNEVRVFl4dllEVXc2ajVnUXVxY3Nfb1VIRC0.
Title: Έλενα Χριστοπούλου - Ζενεβιέβ Μαζαρί κοιμούνται στα γυρίσματα

Search URL Search Domain Scan URL

URL: https://www.shape.gr/ygeia/zise-ygieina/pos-tha-katalavo-an-mpika-stin-klimaktirio-enas-mikros-odigos-gia-tin-proemminopafsi
Title: Κλιμακτήριος ή προεμμηνόπαυση: Τα πρώτα «σημάδια»

Search URL Search Domain Scan URL

URL: http://www.capital.gr/
Title:

Search URL Search Domain Scan URL

URL: http://gr.askmen.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.madamefigaro.gr/
Title:

Search URL Search Domain Scan URL

URL: https://www.shape.gr/
Title:

Search URL Search Domain Scan URL

URL: http://www.yupiii.gr/
Title:

Search URL Search Domain Scan URL

URL: http://atticamediagroup.gr/pres/
Title: ανώτερος κινητικός νευρώνας

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://platform.instagram.com/en_US/embeds.js HTTP 307
https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/2fe3a16f6aeb.js

Request Chain 27

http://www.missbloom.gr/xtcore.js HTTP 301
https://www.missbloom.gr/xtcore.js

Request Chain 60

http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=031519670871&jv=0&re=1600x1200&vtag=4.5.7&hl=3x15x19&r=1600x1200x24x24&ref= HTTP 302
http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=031519670871&jv=0&re=1600x1200&vtag=4.5.7&hl=3x15x19&r=1600x1200x24x24&ref=&Rdt=On

Request Chain 81

https://ad.doubleclick.net/ddm/jump/N485604.563336MISSBLOOM.GR/B23404773.258640428;sz=300x600 HTTP 302
https://www.google.com/gen_204?reason=EmptyURL

Request Chain 127

http://b.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1573611320522&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=91238081&cs_ucfr=1 HTTP 302
http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1573611320522&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=91238081&cs_ucfr=1

153 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
capitolorne.gq/ 49 KB
15 KB 178ms
122ms Document
text/html 2606:4700:30::681f:4212
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:4212 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127f0e63cfe81a8cfe83a77408f6e1de24decee3f28a36a53f253808f323288c

Request headers

Host: capitolorne.gq
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d2fd01154126cd4e40839875b2bb92db81573611319; expires=Thu, 12-Nov-20 02:15:19 GMT; path=/; domain=.capitolorne.gq; HttpOnly
Last-Modified: Sun, 10 Feb 2019 16:02:05 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 534d3cb8cb39cbcc-VIE
Content-Encoding: gzip

GET
H/1.1 200
OK 579d0.single.include.4e2fc8.css
capitolorne.gq/wp-content/cache/minify/ 45 KB
12 KB 207ms
192ms Stylesheet
text/html 2606:4700:30::681f:4212
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://capitolorne.gq/wp-content/cache/minify/579d0.single.include.4e2fc8.css
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:4212 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9787bba49c28fdf31c7c4d791e1ab0153855f7a3db826a7a741dadca6c6f889b

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:19 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:07 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: private, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 534d3cb9ab08cbb8-VIE

GET
H/1.1 200
OK 579d0.default.include.3de91f.js Show response
capitolorne.gq/wp-content/cache/minify/ 217 KB
50 KB 186ms
170ms Script
text/html 2606:4700:30::681f:4212
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://capitolorne.gq/wp-content/cache/minify/579d0.default.include.3de91f.js
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:4212 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0be7819b6ffc8d1f32e3866e4fb1b1ba55449868a1205a3bd19060ec8864ec9e

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:19 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:07 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: private, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 534d3cb9aeb0cb9c-VIE

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 22ms
16ms Stylesheet
text/css 2606:4700:300a::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300a::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 18245262
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.005
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:32 GMT
server: cloudflare
etag: W/"5afd48e8-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 534d3cb99e91cbb0-VIE
expires: Mon, 02 Nov 2020 02:15:19 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 23ms
18ms Script
application/javascript 2606:4700:300a::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:300a::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 18245261
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.025
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:36 GMT
server: cloudflare
etag: W/"5afd48ec-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 534d3cb9ae92cbb0-VIE
expires: Mon, 02 Nov 2020 02:15:19 GMT

GET
H/1.1 200
OK style.css
capitolorne.gq/wp-content/themes/mb17s/css/ 355 KB
50 KB 158ms
144ms Stylesheet
text/html 2606:4700:30::681f:4212
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://capitolorne.gq/wp-content/themes/mb17s/css/style.css?v=20180727
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:4212 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e347b958399166fb0109080d3016c0bc58b8a5ed20fcc845d0c6e610a4f34ef

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:19 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: private, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 534d3cb9ab0acbb8-VIE

GET
H/1.1 200
OK smarttag.js Show response
tag.aticdn.net/ 69 KB
20 KB 107ms
43ms Script
application/javascript 23.45.99.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.aticdn.net/smarttag.js
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.99.146 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-99-146.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 957f06c2b4c8b7860dfea6fc9c22b0ebbb93b0f578ab7ea119cfab3cc2a683b6

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: _96tQs5PhRQt6rOYPlMjPrGybObCiyA8
Content-Encoding: gzip
Last-Modified: Tue, 15 Oct 2019 10:09:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=600
Date: Wed, 13 Nov 2019 02:15:19 GMT
Connection: keep-alive
Content-Length: 20072
X-Amz-Cf-Id: wBhxbd2IvVzvuWP7QyRX22RR530Pa2SD7dUbMjSlP_uTGBKL_TKH1w==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 51 KB
15 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

673579fe9b5ea2ea13d4681187eef1310f40529884424104b41d620d7bf8f257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "335 / 673 of 1000 / last-modified: 1573593775"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15625
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:19 GMT

GET
H/1.1 200
OK main.js Show response
capitolorne.gq/wp-content/themes/mb17s/js/ 43 KB
11 KB 169ms
155ms Script
text/html 2606:4700:30::681f:4212
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://capitolorne.gq/wp-content/themes/mb17s/js/main.js?v=20180727
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:4212 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d0baea9c619c9b3a0711c9e7557cef9519475cd91d4810b8bbfa9bc4845666a

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:19 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: private, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 534d3cb9bfee59b8-VIE

GET
H/1.1 200
OK missbloom-logo-p.svg
capitolorne.gq/wp-content/themes/mb17s/images/logo/ 2 KB
2 KB 184ms
171ms Image
text/html 2606:4700:30::681f:4212
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://capitolorne.gq/wp-content/themes/mb17s/images/logo/missbloom-logo-p.svg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:4212 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:19 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:04 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: private, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 534d3cb9db37cbb8-VIE

GET
H2 200 Screenshot_1-6.jpg
files.missbloom.gr/2016/09/ 68 KB
68 KB 104ms
23ms Image
image/jpeg 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.missbloom.gr/2016/09/Screenshot_1-6.jpg

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0ae5e1fde1f00b885a6f0f95e666fb9023d06aaaaeb8b4a37724a8ec1609ac24

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=86400
last-modified: Mon, 05 Sep 2016 10:31:56 GMT
server: nginx
etag: "57cd499c-10f17"
content-type: image/jpeg
status: 200
cache-control: max-age=8640000
date: Wed, 13 Nov 2019 02:15:19 GMT
accept-ranges: bytes
content-length: 69399
expires: Fri, 21 Feb 2020 02:15:19 GMT

GET
H2

200

2fe3a16f6aeb.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

http://platform.instagram.com/en_US/embeds.js
https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/2fe3a16f6aeb.js

15 KB
5 KB

6ms
6ms

Script
text/javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/2fe3a16f6aeb.js
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:81e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: a4ca2aab7f67fff86ca9da7b1c4d717d22f52f9e69efc9f4f10346dfd78eaa3d

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 Nov 2019 21:07:26 GMT
x-fb-trip-id: 1679558926
status: 200
etag: "2fe3a16f6aeb"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-length: 4920

Redirect headers

status: 302
date: Wed, 13 Nov 2019 02:15:19 GMT
x-fb-trip-id: 1679558926
cache-control: max-age=21600
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/2fe3a16f6aeb.js
content-type: text/html; charset=utf-8

GET
H2 404 4553_DOYKISA_NOMIKOY_1982016-200x200.jpg
files.missbloom.gr/2016/09/ 0
0 81ms
80ms Image
text/html 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/2016/09/4553_DOYKISA_NOMIKOY_1982016-200x200.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 gb-200x200.jpg
files.missbloom.gr/2016/09/ 0
0 81ms
80ms Image
text/html 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/2016/09/gb-200x200.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 va_content.vast.js Show response
www.vidads.gr/scripts/ 291 KB
76 KB 73ms
8ms Script
application/javascript 2a01:4f8:151:21d2::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vidads.gr/scripts/va_content.vast.js
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:151:21d2::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f70ad153801756c3955f63469a9bc8a3a7112e1fca7156bf72448b77d8155246

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
last-modified: Mon, 04 Nov 2019 14:18:29 GMT
server: nginx/1.16.1
etag: "48ac3-59685fd6653e4-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-country: DE
x-route: http1
accept-ranges: bytes
expires: Wed, 13 Nov 2019 03:15:19 GMT

GET
H2 404 64508-lily%20james-smile-200x200.jpg
files.missbloom.gr/pics/ 0
0 65ms
64ms Image
text/html 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/pics/64508-lily%20james-smile-200x200.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 67238-ABACA_521931_091-200x200.jpg
files.missbloom.gr/pics/ 0
0 66ms
65ms Image
text/html 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/pics/67238-ABACA_521931_091-200x200.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 25031-jon-hamm-default-200x200.jpg
files.missbloom.gr/pics/ 0
0 88ms
86ms Image
text/html 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/pics/25031-jon-hamm-default-200x200.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 IMG_9544-200x200.jpg
files.missbloom.gr/2016/05/ 0
0 77ms
75ms Image
text/html 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/2016/05/IMG_9544-200x200.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 preloadBar.gif
www.capital.gr/Content2017/images/ 25 KB
25 KB 30ms
23ms Image
image/gif 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.gr/Content2017/images/preloadBar.gif
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: cf0eac8ca56caaadf4fc1e4ec8081f0ba14c59d22bf12f766d59845078950e86

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
last-modified: Tue, 04 Dec 2018 16:43:52 GMT
server: Microsoft-IIS/8.5
etag: "691c58af08bd41:0"
content-type: image/gif
status: 200
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 25323

GET
H/1.1 200
OK tag.js Show response
js.agkn.com/prod/v0/ 3 KB
4 KB 13ms
6ms Script
application/javascript 2600:9000:21f3:6200:15:efbc:e300:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://js.agkn.com/prod/v0/tag.js
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2600:9000:21f3:6200:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 12 Nov 2019 20:23:25 GMT
Via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 20:22:52 GMT
Server: AmazonS3
Age: 45244
ETag: "f53f55cbab099be3a970b446a66c496a"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 3167
X-Amz-Cf-Id: aWlQ8fExfpJGAsgU-tyhNQM2Mby3dor2NvCNbvjKbyuOSQzKd8HOAg==

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 104 KB
37 KB 26ms
20ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

HTTP/1.1

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

dc7c74c1e1b68cf6efe2f0b681006deee0cd0de40e7d9506a744a0d279b1b2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 13 Nov 2019 02:15:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 9840631062815110993
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 37759
X-XSS-Protection: 0
Expires: Wed, 13 Nov 2019 02:15:19 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 29ms
28ms Script
application/javascript 2606:4700::6812:e134
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 984
etag: W/"967648c5f43f1acc3f64970983a5d03f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 534d3cbc4f7bcba8-VIE
expires: Wed, 13 Nov 2019 14:15:19 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
capitolorne.gq/wp-includes/js/ 93 KB
24 KB 135ms
134ms Script
text/html 2606:4700:30::681f:4212
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://capitolorne.gq/wp-includes/js/wp-embed.min.js?ver=4.9.7
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:4212 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1565b905a6a3dc95b276bf9451b2c2e8b897f74137b87854754daf05bac70c9

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:19 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:04 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: private, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 534d3cba9d60cbcc-VIE

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 6102
date: Wed, 13 Nov 2019 00:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Wed, 13 Nov 2019 02:33:37 GMT

GET
H2 200 pubads_impl_2019110401.js Show response
securepubads.g.doubleclick.net/gpt/ 159 KB
58 KB 100ms
56ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

89db741bbe693e04001902f6651d3f47bcfd0b216bc35cd1896e33086f7c4ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Nov 2019 14:08:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59437
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:19 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
178 B 14ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=capitolorne.gq

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET 482
t.qds.ninja/t/ 0
0

GET
H2

200

xtcore.js Show response
www.missbloom.gr/
Redirect Chain

http://www.missbloom.gr/xtcore.js
https://www.missbloom.gr/xtcore.js

19 KB
8 KB

23ms
23ms

Script
application/javascript

2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.missbloom.gr/xtcore.js
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 05a0114a707e2c9a3e39211eea7befe543363802db6cca43191b8fa51d8f6cd5

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: public
date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
last-modified: Thu, 26 Nov 2015 09:49:24 GMT
server: nginx
etag: "5656d5a4-4ae0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 7522
expires: Wed, 27 Nov 2019 02:15:19 GMT

Redirect headers

Location: https://www.missbloom.gr/xtcore.js
Date: Wed, 13 Nov 2019 02:15:19 GMT
Cache-Control: max-age=0
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Expires: Wed, 13 Nov 2019 02:15:19 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 58ms
58ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650239757705177&correlator=2108555148793451&output=ldjh&impl=fif&adsid=NT&eid=21064212&vrg=2019110401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191113&iu=%2F3346429%2Fmissbloom_skin&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1573611319729&dlt=1573611319284&idt=423&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=470&adk=3307054402&uci=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcapitolorne.gq%2F&dssz=21&icsg=49836&std=0&csl=63&vis=1&scr_x=0&scr_y=0&psz=1584x463&msz=1584x1&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

33e71b125f125788699dd49aec1abb2dc11e813f0462330e0625f13c96348287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3390
x-xss-protection: 0
google-lineitem-id: 5204372110
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138292025257
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://capitolorne.gq
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019110401.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
25 KB 55ms
55ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

d3cd091705544e4df29bbee72ca66f1233f6fa01447742156675c21ba59e6e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Nov 2019 14:08:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25051
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:19 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 91ms
91ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650239757705177&correlator=2108555148793451&output=ldjh&impl=fif&adsid=NT&eid=21064212&vrg=2019110401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191113&iu=%2F3346429%2Fmissbloom_prest&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1573611319738&dlt=1573611319284&idt=423&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=471&adk=1273862343&uci=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcapitolorne.gq%2F&dssz=23&icsg=2146988&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1584x464&msz=1x-1&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

61096f8d4ae3903bc64f86a3142965d70f2e995085d67745a23cdfe4948d6ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2509
x-xss-protection: 0
google-lineitem-id: 5219392308
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293936849
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://capitolorne.gq
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 172ms
171ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650239757705177&correlator=2108555148793451&output=ldjh&impl=fif&adsid=NT&eid=21064212&vrg=2019110401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191113&iu=%2F3346429%2Fmissbloom_728x90&sz=728x90%7C940x200%7C960x250%7C970x70%7C970x200%7C970x60%7C970x90%7C990x90%7C990x250%7C970x250%7C970x310%7C1000x250%7C1000x300&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1573611319741&dlt=1573611319284&idt=423&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=472&adk=248121373&uci=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcapitolorne.gq%2F&dssz=26&icsg=2146988&std=0&csl=70&vis=1&scr_x=0&scr_y=0&psz=1584x90&msz=1584x90&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

04f9d83b4c914f604be6f461de6911483759d5b3624cd79fd7c3de03e8efff52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2698
x-xss-protection: 0
google-lineitem-id: 5189058853
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138289784343
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://capitolorne.gq
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 389 B
371 B 167ms
167ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650239757705177&correlator=2108555148793451&output=ldjh&impl=fif&adsid=NT&eid=21064212&vrg=2019110401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191113&iu=%2F3346429%2Fmissbloom_button&sz=300x150%7C300x100%7C300x120%7C300x110&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1573611319746&dlt=1573611319284&idt=423&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1128&adk=1522238017&uci=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcapitolorne.gq%2F&dssz=28&icsg=2146988&std=0&csl=65&vis=1&scr_x=0&scr_y=0&psz=1569x150&msz=1569x150&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

fd085d436ea4e65b93adb4ccbd6bbe6649f139f61efed182966660f41c948f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 202
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://capitolorne.gq
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
5 KB 208ms
208ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650239757705177&correlator=2108555148793451&output=ldjh&impl=fif&adsid=NT&eid=21064212&vrg=2019110401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191113&iu=%2F3346429%2Fmissbloom_300*250A&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1573611319750&dlt=1573611319284&idt=423&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1278&adk=1354387185&uci=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcapitolorne.gq%2F&dssz=29&icsg=2146988&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

0234b84c65606ae191bd41168148a048c0061e45dfd57371b3f0eb889bf0900b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4462
x-xss-protection: 0
google-lineitem-id: 5216510307
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293845612
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://capitolorne.gq
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 395 B
373 B 261ms
260ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650239757705177&correlator=2108555148793451&output=ldjh&impl=fif&adsid=NT&eid=21064212&vrg=2019110401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191113&iu=%2F3346429%2FInRead_infeed_Missbloom_AdX&sz=192x256%7C256x192%7C144x256%7C320x50%7C256x256%7C300x250%7C320x180%7C300x100%7C320x250%7C256x144%7C640x480&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1573611319758&dlt=1573611319284&idt=423&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1596&adk=2055048688&uci=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcapitolorne.gq%2F&dssz=30&icsg=2146988&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1569x308&msz=1569x256&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

b7aa3d448bc7aed0d29529bf87e13e8668be2816f402cf7a81f8f7ea4792acaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 212
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://capitolorne.gq
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK _yalla_loader.js Show response
widget.yallarec.com/ 79 KB
20 KB 23ms
5ms Script
application/javascript 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.yallarec.com/_yalla_loader.js
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 23d461adf9afa5180a9fec3fc16b4011904c200d1406cc38e8118141e644dd74

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Nov 2019 13:07:41 GMT
Server: nginx
ETag: W/"5dc4171d-13de1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 20540
Expires: Wed, 13 Nov 2019 04:15:19 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
8 KB 298ms
298ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650239757705177&correlator=2108555148793451&output=ldjh&impl=fif&adsid=NT&eid=21064212&vrg=2019110401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191113&iu=%2F3346429%2Fmissbloom_300*250B&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1573611319776&dlt=1573611319284&idt=423&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3120&adk=3543098062&uci=7&ifi=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcapitolorne.gq%2F&dssz=37&icsg=34351808&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

f301952b8d9634c9d07d087f5f141741a5aa11faa24c742f98963ae79a616dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8037
x-xss-protection: 0
google-lineitem-id: 5206149502
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138292273720
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://capitolorne.gq
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 335ms
335ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650239757705177&correlator=2108555148793451&output=ldjh&impl=fif&adsid=NT&eid=21064212&vrg=2019110401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191113&iu=%2F3346429%2Fmissbloom_300*250C&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1573611319779&dlt=1573611319284&idt=423&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3370&adk=1034747580&uci=8&ifi=8&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcapitolorne.gq%2F&dssz=38&icsg=34351808&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

3efb9e5717f8ee87d9d609a4063ef9eed7ed55cae8e7708cac77d5cf13012218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2189
x-xss-protection: 0
google-lineitem-id: 5205372208
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138292169827
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://capitolorne.gq
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 386 B
362 B 332ms
330ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650239757705177&correlator=2108555148793451&output=ldjh&impl=fif&adsid=NT&eid=21064212&vrg=2019110401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191113&iu=%2F3346429%2Fmissbloom_textlink&sz=300x200%7C300x150%7C300x100%7C300x120%7C300x110&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1573611319782&dlt=1573611319284&idt=423&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3620&adk=926066986&uci=9&ifi=9&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcapitolorne.gq%2F&dssz=39&icsg=34351808&std=0&csl=68&vis=1&scr_x=0&scr_y=0&psz=1569x200&msz=1569x200&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e14ed2006ce7c30870a22cf1fb74b7b4d9d788b607a756b944e00508f350ac8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 201
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://capitolorne.gq
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 397 B
483 B 498ms
498ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650239757705177&correlator=2108555148793451&output=ldjh&impl=fif&adsid=NT&eid=21064212&vrg=2019110401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191113&iu=%2F3346429%2Fmissbloom_728x90_bottom&sz=728x90%7C970x200%7C990x250%7C970x250%7C1000x250%7C1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1573611319792&dlt=1573611319284&idt=423&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=5432&adk=1019512580&uci=a&ifi=10&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcapitolorne.gq%2F&dssz=40&icsg=34351808&std=0&csl=77&vis=1&scr_x=0&scr_y=0&psz=1569x90&msz=1569x90&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

f7c81f036d8791a0a341e878337123fd3bf5eca41384f9e713ce648371916334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 212
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://capitolorne.gq
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK missbloom-logo-p.svg
capitolorne.gq/wp-content/themes/mb17s/images/logo/ 64 KB
64 KB 16ms
16ms Image
text/html 2606:4700:30::681f:4212
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://capitolorne.gq/wp-content/themes/mb17s/images/logo/missbloom-logo-p.svg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:4212 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:19 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 10 Feb 2019 16:02:04 GMT
Server: cloudflare
Age: 0
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: private, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 534d3cbcc819cbcc-VIE

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 122 KB
27 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

981be39924f4c8320f4daa8b8cdd7468455e46a30bd0cfef24ba5c74c2a6b12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 27377
x-xss-protection: 0
pragma: public
x-fb-debug: a9UqnA4YuPjijRuyFgGjPxrbfjHe0BUmlqtNWLLRxdKeL1kX8Y6rXbA9BuoPJugXI/dfXXlpGEJ+JXWUIINrUw==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Wed, 13 Nov 2019 02:15:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 494ms
493ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3650239757705177&correlator=2108555148793451&output=ldjh&impl=fif&adsid=NT&eid=21064212&vrg=2019110401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-36&ecs=20191113&iu=%2F3346429%2FMB_Inread_Video&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1573611319803&dlt=1573611319284&idt=423&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=6303&adk=343001862&uci=b&ifi=11&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcapitolorne.gq%2F&dssz=49&icsg=549628930&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1569x6295&msz=1x-1&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3fb2764d6ae276a32dac16e46dd2d0173a904c0a7bc0cb8316276efc92a8fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1891
x-xss-protection: 0
google-lineitem-id: 4513156319
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138219435056
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://capitolorne.gq
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 exitbee.js
app.exitbee.com/c/366/ 0
0 106ms
40ms Script
text/html 35.240.50.85
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://app.exitbee.com/c/366/exitbee.js

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.240.50.85 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

85.50.240.35.bc.googleusercontent.com

Software

openresty/1.15.8.2 / PHP/7.2.13

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
server: openresty/1.15.8.2
status: 403
x-powered-by: PHP/7.2.13
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 429 /
www.instagram.com/p/BJwAgHvAlt9/embed/captioned/ Frame E4AD 0
0 119ms
119ms Document
text/html 2a03:2880:f21c:81e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Fcapitolorne.gq&rp=%2F

Requested by

Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/2fe3a16f6aeb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f21c:81e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://.cdninstagram.com https://.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://.cdninstagram.com wss://www.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://graph.instagram.com https://.graph.instagram.com https://.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.instagram.com
:scheme: https
:path: /p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Fcapitolorne.gq&rp=%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://capitolorne.gq/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://capitolorne.gq/

Response headers

status: 429
content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie
content-language: en
date: Wed, 13 Nov 2019 02:15:19 GMT
content-length: 20614
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 0
x-aed: 13
access-control-expose-headers: X-IG-Set-WWW-Claim
x-fb-trip-id: 1679558926

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame 9973 0
0 16ms
8ms Document
text/html 2600:9000:2156:ba00:19:fc2c:a140:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d.agkn.com/iframe/8613/?che=245880974&gdpr=&gdpr_consent=&ref=&bpid=atticagreece&c=%7B%22bpid%22%3A%22atticagreece%22%2C%22loc%22%3A%22http%3A%2F%2Fcapitolorne.gq%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: http://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Server: 2600:9000:2156:ba00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://capitolorne.gq/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://capitolorne.gq/

Response headers

Content-Type: text/html;charset=UTF-8
Content-Length: 479
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
Date: Wed, 13 Nov 2019 02:15:19 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AbXtYXxFqK1wNkAWksBy9IsTwPP3McV5V;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAlXiO3JV4jtwAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
X-Cache: Miss from cloudfront
Via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: VXW37HlViGAa28RVqdl61_6Ve5GUfqqwv-pZocIDVEQup95a_RaHmw==

GET
H2 200 636 Show response
www.vidads.gr/get/video/vast3/ 2 KB
1 KB 35ms
34ms XHR
text/xml 2a01:4f8:151:21d2::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Fcapitolorne.gq%2F

Requested by

Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:4f8:151:21d2::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.16.1 / PHP/7.2.24

Resource Hash

4f49e3861189b1ca56c0615100e8c50d530ae8c559ea5445dee8e3c27a4d729e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: http://capitolorne.gq
x-powered-by: PHP/7.2.24
status: 200
pragma: no-cache
x-route: http1
last-modified: Wed, 13 Nov 2019 02:15:19 GMT
server: nginx/1.16.1
vary: Accept-Encoding
content-type: text/xml; charset=UTF-8
x-country: DE
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
x-time: 0.028011083602905
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20191107/r20190131/ 223 KB
84 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191107/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0cfbf66edd81bd42d98dc420f56362442dab55294358435ee1caafac671199cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 85954
x-xss-protection: 0
server: cafe
etag: 12866466463575875148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Nov 2019 02:15:19 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191107/r20190131/ Frame 1E99 0
0 6ms
5ms Document
text/html 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20191107/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20191107/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://capitolorne.gq/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://capitolorne.gq/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 07 Nov 2019 15:16:14 GMT
expires: Thu, 21 Nov 2019 15:16:14 GMT
content-type: text/html; charset=UTF-8
etag: 17893446177683960593
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7725
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 471545
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 31 Oct 2019 07:11:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 1105451
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29671
X-XSS-Protection: 0
Expires: Fri, 30 Oct 2020 07:11:08 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 996E 0
273 B 35ms
34ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5mscZjqUEbpH9LIQ6qTupiZ-0g8o_Yg8kF6RXIcZIOhD1fimrYXYxGpZSm5SLyAO-QeI2e2rvPv99qF-lDyuHqNfwQNse0oqqam9GEVmr79K7eYV8uYUM9Ckkt7X5CX1cWWbUe07hG3hwyZFEPSE_TuYJrHnpY8GLH0OWrHvUCebnM4eI1C3ZF_ksUiGlxGdGrOWKUyGs0W3QhYKJyUwEUrkU9Ym-tNDVaNc6c6F-uN_pMJhkzIWILasAXw51wmI&sai=AMfl-YSj18EtOr36G9VJAKButu8Z_d9avywVUajSY6Xxq4YgakzEZLrsIfFu1jLvbUnws01eTxq1txHQFdMUKPQbgP3-q3SB3GE0yAWGI6D4&sig=Cg0ArKJSzGZanoPhg1KDEAE&urlfix=1&adurl=

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Nov 2019 02:15:19 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:19 GMT

GET
H/1.1 200
OK adman.js Show response
static.adman.gr/ Frame 996E 115 KB
35 KB 105ms
41ms Script
application/javascript 2606:4700:10::6814:5d4d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://static.adman.gr/adman.js
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:5d4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116381fd746f7bb9b63e420e7d1f82d199dc82083bf06269202a005e8c588b76

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
CF-Cache-Status: HIT
last-modified: Mon, 11 Nov 2019 08:55:33 GMT
Server: cloudflare
Age: 4320
etag: W/"5dc92205-1ca7b"
vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=7200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 534d3cbd78ec59b8-VIE

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 996E 77 KB
29 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3cce2a24544c35f594cc3f662c67eb79393104a7b62fd00090671db641e8eb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573475478201178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29292
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:19 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 78 KB
29 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

10f00cef14dd32e5aae14d76fb0b45502d429baac7a810cf5492dcbd03ac5604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573475478201178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29405
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:19 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame C1F5 0
254 B 32ms
31ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvt_v8J3neIonGWQ3N8yrqXB98FuLXLlS638VOJgDEaChH85gijj8QpFMW7lmkZD6a_CGREBwXdzLoxOT2BjJk2wFwEyaoM5sSKPEbFpU9gk7wMZyFbkE74c4hH1bYURLs1aa_G9ejh-tBhEJom9P552_MdLgLtuzAGpLvEOASJcW0sldZy8Gel0loXz9dioHrQzVpf0EJ1ennxAZCL1PiVY8JHZ63hpkP4v5Olp_lWySdl5f6TSXQg728xT4Ho0q_yXoOjf5KERHnT5mdr_g4&sai=AMfl-YTW96XEuINJ3XwB1Q29m8APR5awWwMmv3QdarIDEmgQfm3LFzc4josn_ap03e7ynBPiyz7g129Nu2-eUe9rHmHuNyVlWs45W7wESTjGgA&sig=Cg0ArKJSzAJohHmWvPcAEAE&urlfix=1&adurl=

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Nov 2019 02:15:19 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:19 GMT

GET
H/1.1 200
OK adServer.bs Show response
bs.serving-sys.com/BurstingPipe/ Frame C1F5 14 KB
6 KB 72ms
20ms Script
text/html 82.199.68.73
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=rsb&c=28&pli=29235977&PluID=0&w=1&h=1&ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv3XTGDF0u-_5tnb2Wx-pzf72RqcRwzAo8XGBmOYMGRcLYK5ebnDApZmATHkLoNSBzIvD3RG59GtTgDlT6QJvKjh8AdqRGGFwmgCP0f-XtC_F42yawNnnDqIXUhzY5CCKiTUbEfXCQ_2JxKbm-NNYf6Xb8X8eK8TC0MD-cH5IKP95ophkCqJJa-dX80RsmJT3CZgEUsRvXr3Gq-_2WRiU_OPqeESF9JFk-oWEHkYLdjQow9AqFUGhx0A3L2n1pE46Wy&sai=AMfl-YR8viYQMG9Tprpt7SD8xDrpn5CikOoztbUc4PZSjDF0gSLR7-_k3-PWr_WLd5vOmxuU-BbpfZxOxXBLBD2v5FDLh4vZtNqyQtji-zOejA&sig=Cg0ArKJSzEaiqzfsUr_OEAE&urlfix=1&adurl=$$&ord=25984295&ucm=true
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET, ARR/2.5, ASP.NET
Resource Hash: 542fd0745c2e5b19a3f27085b28019dd505fe21fdf08864c31c6d8c36b5a09d8

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:19 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET, ARR/2.5, ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI", CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 5834
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1F5 77 KB
29 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3cce2a24544c35f594cc3f662c67eb79393104a7b62fd00090671db641e8eb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573475478201178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29292
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:19 GMT

GET
H2 200 1047335965285668 Show response
connect.facebook.net/signals/config/ 348 KB
85 KB 85ms
84ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1047335965285668?v=2.9.11&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

7b9dfa8558017a8e1be56d4120bb80ca6160a5844bfc3d41ea46b7208a752cf4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: m0dLPLWytuwHaWCJQx5l62Sg6u6qwzmmponuhvbkS54abnaYEPF291uvIjDeqH9UHeZbm8FFMjO5/C8YAK925Q==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Wed, 13 Nov 2019 02:15:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

hit.xiti
logw312.ati-host.net/
Redirect Chain

http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=031519670871&jv=0&re=1600x1200&vtag=4.5.7&hl=3x15x19&r=1600x1200x24x24&ref=
http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=031519670871&jv=0&re=1600x1200&vtag=4.5.7&hl=3x15x19&r=1600x1200x24x24&ref=&Rdt=On

35 B
160 B

23ms
23ms

Image
image/gif

184.31.87.55
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=031519670871&jv=0&re=1600x1200&vtag=4.5.7&hl=3x15x19&r=1600x1200x24x24&ref=&Rdt=On
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 184.31.87.55 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-87-55.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:19 GMT
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=031519670871&jv=0&re=1600x1200&vtag=4.5.7&hl=3x15x19&r=1600x1200x24x24&ref=&Rdt=On
Date: Wed, 13 Nov 2019 02:15:19 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
P3P: policyref="/w3c/p3p.xml",CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 400 ads
googleads.g.doubleclick.net/pagead/ Frame 267F 0
0 34ms
34ms Document
text/html 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcapitolorne.gq%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1573611319824&bpp=8&bdt=540&fdt=79&idt=79&shv=r20191107&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=276197310104&frm=20&pv=2&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&ga_fc=0&iag=0&icsg=149568757628963&dssz=57&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=3650239757705177&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=11&uci=a!b&fsb=1&dtd=90

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191107/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcapitolorne.gq%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1573611319824&bpp=8&bdt=540&fdt=79&idt=79&shv=r20191107&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=276197310104&frm=20&pv=2&ga_vid=201594565.1573611320&ga_sid=1573611320&ga_hid=473339148&ga_fc=0&iag=0&icsg=149568757628963&dssz=57&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=3650239757705177&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=11&uci=a!b&fsb=1&dtd=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://capitolorne.gq/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUk6l1I4Eg7_GEbDzES2AplmheFUUoRNobM3opAPLJicbbuJ8mHbSC6yWfSS; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://capitolorne.gq/

Response headers

status: 400
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 13 Nov 2019 02:15:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 856A 0
129 B 36ms
36ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGEiBzdhafu0lLdVCmkovWgiHLG0F18XVG-cd1Yiak0YbfMvkClZ_I_sMDikOfvLjEqmpmLyWUdJoFfGDz79__NXaWV1WMud6uJQQSOeurVFGgT_D_UlfURQRV05S_ecUEpu9EVAv38sBH3KTXmNpPCRwes9VtAN0WE4UPGlfdtymQ9pKQEMPSY0JtXcHvqeaYK4PNo1ShewIE1Tywdrt9ceaCdDQudtCKpTa1FuB9gNbjsEvb6Ya26FQF6XFf1Boluw&sai=AMfl-YQjrM0I0qwhtgstTvgaDk5gHgJeoEHmE0mtABb_mpIkEfNOtEvLy43ejqnNc4kMdMYmmXJCP_lT4ikd-6yCGjZXKbr8alivg_IL1vGn&sig=Cg0ArKJSzFd2nZ5bxWENEAE&urlfix=1&adurl=

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Nov 2019 02:15:19 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:19 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 856A 77 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3cce2a24544c35f594cc3f662c67eb79393104a7b62fd00090671db641e8eb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573475478201178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29292
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:19 GMT

GET
H2 200 970.jpg
files.capital.gr/banners/ftp/bazaar970x250/ Frame 856A 48 KB
48 KB 54ms
25ms Image
image/jpeg 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.capital.gr/banners/ftp/bazaar970x250/970.jpg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c88be2a7d22efe3d848601100d7681d6510d10e3fee319fc6963883a3c3ac022

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:19 GMT
last-modified: Fri, 04 Oct 2019 14:43:00 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "9d85e24c27ad51:0"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 48947

GET
H/1.1 206
Partial Content 970-bazaar-new-1.mp4
files.capital.gr/banners/bazaar/ Frame 856A 85 KB
0 51ms
37ms Media
video/mp4 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://files.capital.gr/banners/bazaar/970-bazaar-new-1.mp4
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2.16.186.248 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-248.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: http://capitolorne.gq/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 13 Nov 2019 02:15:19 GMT
Last-Modified: Fri, 04 Oct 2019 10:56:33 GMT
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
ETag: "284c7162a27ad51:0"
Content-Type: video/mp4
Content-Range: bytes 0-659933/659934
Cache-Control: public, max-age=191
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 659934

GET
H/1.1 200
OK getrecs.json Show response
api.yallarec.com/rec-api/ 27 KB
9 KB 94ms
74ms Script
application/javascript 95.142.20.17
PUREPEAK-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://api.yallarec.com/rec-api/getrecs.json?cb=yallarec_cb_49833354185551880&pubid=185585&webid=175457&wid=117200&recsnum=15&url=http%3A%2F%2Fcapitolorne.gq%2F&cs=UTF-8&subid=&title=%CE%9D%CF%84%CE%BF%CF%85%CF%81%CE%B1%CE%BD%20%CE%BD%CF%84%CE%BF%CF%85%CF%81%CE%B1%CE%BD&kwrds=&sessionid=b4e01d5a-8605-e63c-52fb-caa13b118454&rndid=49833354185551880&psid=968d84eb-7080-b700-1356-31d94f89b1da
Requested by: Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js
Protocol: HTTP/1.1
Server: 95.142.20.17 , Israel, ASN20645 (PUREPEAK-ASN, IL),
Reverse DNS: ip-95-142-20-17.purepeak.com
Software: nginx /
Resource Hash: f5a40196e00dae18bf09ef0b522d546579404e1a56d31b2ec3dec0667034268a

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-language: en-US
cache-control: no-cache, no-store, max-age=0
transfer-encoding: chunked
content-type: application/javascript;charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011910251950120/ 20 KB
8 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

866c1cf254c11afbcb1689842e0eb3ed4973f7edada9f814d5e6b72cd54b9b56

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 13639
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7923
x-xss-protection: 0
server: sffe
date: Tue, 12 Nov 2019 22:28:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "78dc79e454080e42"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Nov 2020 22:28:01 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011910251950120/ Frame 1D90 243 KB
78 KB 31ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

25226e6e3ba0503974bdf2075bc6e44ff223c59520aae1f1722759050d988232

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 29859
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 78754
x-xss-protection: 0
server: sffe
date: Tue, 12 Nov 2019 17:57:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e013cb1224f59e75"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Nov 2020 17:57:41 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011910251950120/v0/ Frame 1D90 151 KB
46 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910251950120/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e21da87120c823e7856f1e2af9d73746e19590b71407869dccb2d203115d451c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: gzip
x-content-type-options: nosniff
age: 29841
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 47460
x-xss-protection: 0
server: sffe
date: Tue, 12 Nov 2019 17:57:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8efde0f72d912957"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Nov 2020 17:57:59 GMT

GET
DATA 200
OK truncated
/ Frame 1D90 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cee0606b2ded133ce93fad1bd7f09eeb6fb91b3738e7c36c40f8f389c9a90a1d

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 11132734215048490371
tpc.googlesyndication.com/simgad/ Frame 1D90 136 KB
136 KB 7ms
7ms Image
image/gif 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11132734215048490371

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b2f6b17e117be350dc45be02721813c2450bba8efdc580424fb0b14660d05487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 Nov 2019 10:33:26 GMT
x-content-type-options: nosniff
age: 402113
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 138785
x-xss-protection: 0
last-modified: Fri, 08 Nov 2019 09:55:23 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Nov 2020 10:33:26 GMT

GET
H/1.1 200 adServer.bs
bs.serving-sys.com/serving/ Frame 1D90 42 B
865 B 17ms
17ms Image
image/gif 82.199.68.73
TELECITY-LON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving/adServer.bs?cn=display&c=19&mc=imp&pli=29221915&PluID=0&ord=445639704&rtu=-1
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:19 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D90 0
152 B 32ms
32ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBBY1gApECdYTqtF8_dNNp4CYPMbp51HQQWjXnYQ-2EMauoJfPQjbgYltWEdjUvou3ccZqkha15qDhesjUJqFd3O6hDvtO26awJNxUs4WzO1F8d7pGDvqTjShhWZBuWqIXUVrsmiNw4u8lrs7VULaczw-2r7TtUfRID_6soHHMumHk7CEgS9NUIcxhJEsZL_DLvcSUN4UwGi9uEczNCJFjsb01UZE3Cgnh0Xh9_2HJmaYWcQtO20iyD9NEk9KJCUr8uSFywA&sai=AMfl-YT7h5_iarn6Wi7fiwEU9e98tboxyB4iFrtaKCPBErnU9AUJuzNxdW58ZJDWydAVM9qVRy6T0waaP9nn8xr7ueGyIRaTZQ7ONakcOCQD9Q&sig=Cg0ArKJSzKVszGCBih5aEAE&adurl=

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Nov 2019 02:15:20 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:20 GMT

GET
H2 200 PL_AdBuilderInterstitial.js Show response
secure-ds.serving-sys.com/BurstingRes//CustomScripts/ Frame C1F5 58 KB
15 KB 73ms
24ms Script
application/javascript 104.111.250.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingRes//CustomScripts/PL_AdBuilderInterstitial.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=rsb&c=28&pli=29235977&PluID=0&w=1&h=1&ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv3XTGDF0u-_5tnb2Wx-pzf72RqcRwzAo8XGBmOYMGRcLYK5ebnDApZmATHkLoNSBzIvD3RG59GtTgDlT6QJvKjh8AdqRGGFwmgCP0f-XtC_F42yawNnnDqIXUhzY5CCKiTUbEfXCQ_2JxKbm-NNYf6Xb8X8eK8TC0MD-cH5IKP95ophkCqJJa-dX80RsmJT3CZgEUsRvXr3Gq-_2WRiU_OPqeESF9JFk-oWEHkYLdjQow9AqFUGhx0A3L2n1pE46Wy&sai=AMfl-YR8viYQMG9Tprpt7SD8xDrpn5CikOoztbUc4PZSjDF0gSLR7-_k3-PWr_WLd5vOmxuU-BbpfZxOxXBLBD2v5FDLh4vZtNqyQtji-zOejA&sig=Cg0ArKJSzEaiqzfsUr_OEAE&urlfix=1&adurl=$$&ord=25984295&ucm=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.158 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-250-158.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash: 6a0641c96363fab1d22c36e13ff3303a145e26106efa7a017238206b0516b661

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: gzip
status: 200
last-modified: Fri, 16 Mar 2018 07:35:45 GMT
server: Microsoft-IIS/8.5
x-powered-by: ARR/2.5, ASP.NET
etag: "72ec2465f9bcd31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=149
accept-ranges: bytes
content-length: 15124

GET
H2 200 ebHtml5ExpBanner_api.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_158_3_0/ Frame C1F5 404 KB
106 KB 85ms
36ms Script
application/javascript 104.111.250.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_158_3_0/ebHtml5ExpBanner_api.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/BurstingPipe/adServer.bs?cn=rsb&c=28&pli=29235977&PluID=0&w=1&h=1&ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsv3XTGDF0u-_5tnb2Wx-pzf72RqcRwzAo8XGBmOYMGRcLYK5ebnDApZmATHkLoNSBzIvD3RG59GtTgDlT6QJvKjh8AdqRGGFwmgCP0f-XtC_F42yawNnnDqIXUhzY5CCKiTUbEfXCQ_2JxKbm-NNYf6Xb8X8eK8TC0MD-cH5IKP95ophkCqJJa-dX80RsmJT3CZgEUsRvXr3Gq-_2WRiU_OPqeESF9JFk-oWEHkYLdjQow9AqFUGhx0A3L2n1pE46Wy&sai=AMfl-YR8viYQMG9Tprpt7SD8xDrpn5CikOoztbUc4PZSjDF0gSLR7-_k3-PWr_WLd5vOmxuU-BbpfZxOxXBLBD2v5FDLh4vZtNqyQtji-zOejA&sig=Cg0ArKJSzEaiqzfsUr_OEAE&urlfix=1&adurl=$$&ord=25984295&ucm=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.158 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-250-158.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/3.0, ASP.NET
Resource Hash: fbbf681a7dab1098a4519748b3b1b36543f75a4a1e6318cea9bdf54ea76ecafb

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: gzip
status: 200
last-modified: Sun, 10 Nov 2019 07:59:25 GMT
server: Microsoft-IIS/8.5
x-powered-by: ARR/3.0, ASP.NET
etag: W/"e1611dc59c97d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 108270
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H/1.1 200
OK adman.js Show response
static.adman.gr/ 115 KB
35 KB 17ms
16ms Script
application/javascript 2606:4700:10::6814:5d4d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://static.adman.gr/adman.js
Requested by: Host: static.adman.gr
URL: http://static.adman.gr/adman.js
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:5d4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116381fd746f7bb9b63e420e7d1f82d199dc82083bf06269202a005e8c588b76

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: gzip
CF-Cache-Status: HIT
last-modified: Mon, 11 Nov 2019 08:55:33 GMT
Server: cloudflare
Age: 4321
etag: W/"5dc92205-1ca7b"
vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=7200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 534d3cbe093659b8-VIE

GET
H/1.1 200
OK / Show response
talos.adman.gr/gbanner/ Frame 996E 172 B
633 B 231ms
61ms Script
application/x-javascript 62.103.124.31
Greece

General

Check archive.org

Show headers Download Go to

Full URL

https://talos.adman.gr/gbanner/?1573611319999|36465/300x250?8365:=1573611319999@1x1x24?/&cab=_&v=6

Requested by

Host: static.adman.gr
URL: http://static.adman.gr/adman.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

62.103.124.31 , Greece, ASN6799 (OTENET-GR Athens - Greece, GR),

Reverse DNS

voss.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

1efd438fcb4ff9510113cf2515fba3dbb306a1c1b0d9f591db38f5bc219e9179

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type-Options: nosniff
Server: ADMAN
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Connection: close
Content-Type: application/x-javascript; charset=iso-8859-7
Content-Length: 172

GET
H2 200 /
www.facebook.com/tr/ 44 B
320 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1047335965285668&ev=PageView&dl=http%3A%2F%2Fcapitolorne.gq%2F&rl=&if=false&ts=1573611320013&sw=1600&sh=1200&v=2.9.11&r=stable&ec=0&o=30&fbp=fb.1.1573611320013.500710063&it=1573611319865&coo=false&rqm=GET

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Wed, 13 Nov 2019 02:15:20 GMT

GET
DATA 200
OK truncated
/ Frame 856A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe1b30d145ca350e8c334789ff3339b21cb859f41da1a9619629a3bc38d74cf9

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view Show response
googleads4.g.doubleclick.net/pcs/ Frame E5EC 0
753 B 89ms
35ms Fetch
image/gif 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstxWsrFAQvNSatNSuD_4Wk93WpEKo32PWTCrw0YA9oLUvKShai8Li0E7hlo4REK8R2oAExim74YqPs8jwNEFch5ZRYHsdANNPjjlNbF5xFl5sa8YhqDTnQoGUU6dELFK2xTSmnVsokWfx1U9uvVo4eYe47xjcp2G_emjHoGWuxh8ob-1v2_HDQ9kNsmfL5Ur27YAqyyGjuGKNaGl57XhcWSqlnA8agVy2mxWiOdkgv7cXQbYo0ZWxGreh9FxPU48TyanuWziC5auMGZK47v93xfwcOjcb50QSaMy4KQq8rXd_2SYeYTI0bUO5bBIXE&sai=AMfl-YR6tqlLp0FEWL2DNC5WRrXggykmjSkBUDfsb_z5Mad0o2Qu3etkcQSuOa2zzlU26EJmseqbTovJ9aTkottbi2PjYbXxGa4iBI2u-dJ4uw&sig=Cg0ArKJSzEO95rYTNafLEAE&urlfix=1&adurl=

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Nov 2019 02:15:20 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:20 GMT

GET
H2

204

gen_204 Show response
www.google.com/ Frame E5EC
Redirect Chain

https://ad.doubleclick.net/ddm/jump/N485604.563336MISSBLOOM.GR/B23404773.258640428;sz=300x600
https://www.google.com/gen_204?reason=EmptyURL

0
500 B

16ms
16ms

Fetch
text/html

2a00:1450:4001:825::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?reason=EmptyURL

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 204
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Wed, 13 Nov 2019 02:15:20 GMT
x-content-type-options: nosniff
server: cafe
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/gen_204?reason=EmptyURL
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E5EC 41 KB
15 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 01:27:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 09 May 2018 20:45:00 GMT
Server: sffe
Age: 2875
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Length: 15207
X-XSS-Protection: 0
Expires: Thu, 12 Nov 2020 01:27:25 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5EC 77 KB
29 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3cce2a24544c35f594cc3f662c67eb79393104a7b62fd00090671db641e8eb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573475478201178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29292
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:20 GMT

GET
H2 200 2502_PHILIPS_PowerCyclone7_300x600px.png
s0.2mdn.net/6416729/ Frame E5EC 281 KB
281 KB 27ms
7ms Image
image/png 2a00:1450:4001:809::2006
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6416729/2502_PHILIPS_PowerCyclone7_300x600px.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5c805c76c30559c47d60d1531e4de4458f22df0db58d9f96520a3900f9da7304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 Nov 2019 23:30:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 11:42:53 GMT
server: sffe
age: 9894
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 287502
x-xss-protection: 0
expires: Wed, 13 Nov 2019 23:30:26 GMT

GET
H2 200 DelayedImpression.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_56_0_0/ Frame C1F5 2 KB
1 KB 24ms
24ms Script
application/javascript 104.111.250.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_56_0_0/DelayedImpression.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_158_3_0/ebHtml5ExpBanner_api.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.158 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-250-158.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/3.0, ASP.NET
Resource Hash: aa67ef92b6b6e70da4be78ca05bf65a9a43e59f6bf80f412a4b1a74e8d3768c0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: gzip
status: 200
last-modified: Sun, 10 Nov 2019 07:59:24 GMT
server: Microsoft-IIS/8.5
x-powered-by: ARR/3.0, ASP.NET
etag: W/"c7de78c49c97d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 878
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H/1.1 206
Partial Content 970-bazaar-new-1.mp4
files.capital.gr/banners/bazaar/ Frame 856A 36 KB
37 KB 55ms
41ms Media
video/mp4 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://files.capital.gr/banners/bazaar/970-bazaar-new-1.mp4
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2.16.186.248 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-248.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6692aa46b1a53011edfeb6967b3d1478207638d7cedca145f167d815ac6898eb

Request headers

Referer: http://capitolorne.gq/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=622592-

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Fri, 04 Oct 2019 10:56:33 GMT
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
ETag: "284c7162a27ad51:0"
Content-Type: video/mp4
Content-Range: bytes 622592-659933/659934
Cache-Control: public, max-age=190
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37342

GET
H/1.1 200
OK yalla_crt_loader.js Show response
widget.yallarec.com/ 13 KB
3 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.yallarec.com/yalla_crt_loader.js
Requested by: Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 186466980a2394e09d866c4b8210699f9ce8e5029dc856e6ed28cafcfb3d8f8c

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Nov 2019 13:07:42 GMT
Server: nginx
ETag: W/"5dc4171e-342f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 3239
Expires: Wed, 13 Nov 2019 04:15:20 GMT

GET
H/1.1 200
OK files.missbloom.gr.elenh_2Dmenegakh_2Dkorew_2_148960_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/00/14/c6/ 16 KB
16 KB 20ms
7ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/00/14/c6/files.missbloom.gr.elenh_2Dmenegakh_2Dkorew_2_148960_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04be5ef0c7fdc64bd0fe70bbb7a575b94950be880e8f961988a6f4d7570c01cb

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Fri, 01 Nov 2019 01:53:31 GMT
Server: AmazonS3
x-amz-request-id: C926EA7CE4A40C74
ETag: "b269cc248b02fe36e7008f9b65f794c9"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16390
x-amz-id-2: jVT6l46A3U1fYlbHSeYy9nl2jr/ScM2wnVa61FFfIEmDMEjpGSgkanS/wLcJMEDeFTCbOLBNqHg=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK files.missbloom.gr.xopsonidou_2_129334_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/ab/ab/68/ 15 KB
15 KB 36ms
24ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/ab/ab/68/files.missbloom.gr.xopsonidou_2_129334_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b363d500002cd35329617663e7daa48933ee8fb8545bbd2e7b16ad12452274f

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Tue, 15 Oct 2019 11:44:17 GMT
Server: AmazonS3
x-amz-request-id: 9F7D3392CF180BB7
ETag: "53375d3ae7bc2e78958b119fc032cf2e"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14873
x-amz-id-2: Za/MllJT6Skgcxrgx2P9ye06qbe+u2Dr19TD0Z8GuJUcPWMSW8InBHYcsE4ub5+/qJ6QFkgSCZk=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK yupiii.gr.e4ad1731ee4a7ee9457c0c94e7fee096_2_100634_2.jpg
img9-api.yallarec.com/98/c6/website_175458/81/62/4f/ 11 KB
11 KB 37ms
24ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/98/c6/website_175458/81/62/4f/yupiii.gr.e4ad1731ee4a7ee9457c0c94e7fee096_2_100634_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 683c11ee40320264bfb5c5047109fb709e1cd061cf9f71895d1bcdcca847f7dd

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Tue, 12 Nov 2019 19:29:41 GMT
Server: AmazonS3
x-amz-request-id: 48C4A7191EB4F941
ETag: "4770b9b7550c42611fc20dc21ee339a1"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11005
x-amz-id-2: NrfAqTDaNHQ2TMBKFMc/ghj62FZviu4U1Wf/+KaXU6JtT8NbLyyKkQu1zS+D/kOYJipZ0K8KeQU=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK files.missbloom.gr._3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2_149950_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/3b/63/95/ 12 KB
13 KB 37ms
25ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/3b/63/95/files.missbloom.gr._3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2_149950_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdc35423b7287436ac62d019275e648f4533f09e39635e9e9478928210e3c19a

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Tue, 15 Oct 2019 18:33:31 GMT
Server: AmazonS3
x-amz-request-id: A7AB8A10AF1110DD
ETag: "745170edd29c015a52235d76e04efb6e"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12510
x-amz-id-2: +Ti6KaVNOdezIFQTbnyubkNnQ4DDq0YwbuLeNE+SBhYHu5yxWEEaPywXn1wrlnv73KD00HjcPAE=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK files.missbloom.gr.female_2Dkeeping_2Dmug_2Dof_2Dwarming_2Dpumpkin_2Dyellow_2Dcream_2Dsoup_2Dpicture_2Did1051438438_2_106857_2.jpg
img9-api.yallarec.com/dc/64/website_175460/db/c0/49/ 11 KB
11 KB 19ms
7ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/dc/64/website_175460/db/c0/49/files.missbloom.gr.female_2Dkeeping_2Dmug_2Dof_2Dwarming_2Dpumpkin_2Dyellow_2Dcream_2Dsoup_2Dpicture_2Did1051438438_2_106857_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81b68bcefc56b39ce46ba81f6982195074952593d28a09e9bf3fceabab836749

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Thu, 07 Nov 2019 02:49:06 GMT
Server: AmazonS3
x-amz-request-id: 3074C05D1A0BF728
ETag: "85abaf8c0055339f36c4de81b141a624"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11215
x-amz-id-2: o/HO67GaF8ay1iH9h17clVnbsXO4/5Xx7aJJ1aHfkWbOChT0Q9PZH6DjkIBLWWJuZFsPFVPJEcY=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK files.missbloom.gr.frag_2_167351_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/0c/ba/07/ 12 KB
13 KB 37ms
25ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/0c/ba/07/files.missbloom.gr.frag_2_167351_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de268581a4db5572012908108d7bc9dd24163e79d663992cb79353599eabcdc1

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Fri, 18 Oct 2019 10:51:01 GMT
Server: AmazonS3
x-amz-request-id: 52AA33B31695CDCC
ETag: "6095eba72f478095e5450df2f34d8d85"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12500
x-amz-id-2: kUMoxvOQC98aNTcZrsFZGe56q2kELcUB+wdbShfyq4yPVvR3qJoRySEQeQ+CStWaqrgR6W5mhCc=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_2D2_2_166550_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/1f/9b/43/ 16 KB
16 KB 23ms
21ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/1f/9b/43/files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_2D2_2_166550_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1938a4528546642ca81d99fcfb44598f45b12b711c7107318e17e777ad17758

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Wed, 23 Oct 2019 09:55:01 GMT
Server: AmazonS3
x-amz-request-id: AE6D1356FB87CC8D
ETag: "d7a450321861069bcc55f1ba96be0693"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16021
x-amz-id-2: ykiYu0br9x9x7EPMd6LXcJNlqHpgmHsRXppcHLeM3t4r+OvAMqYhaoghTVv/SDBr/YHojPsCjHI=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK files.missbloom.gr.Untitled_2D23_2_125373_2.png
img9-api.yallarec.com/e4/6d/website_175457/10/98/f7/ 13 KB
14 KB 23ms
23ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/10/98/f7/files.missbloom.gr.Untitled_2D23_2_125373_2.png
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1fa431a1cfd2e92cb4887b0c5b38494868a0a7ae7ecbd395a8a082379ce80c9e

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Fri, 25 Oct 2019 11:42:46 GMT
Server: AmazonS3
x-amz-request-id: F2EA2EB437141EBF
ETag: "b7dee9aee590c59e60f6e050fa657c1f"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13403
x-amz-id-2: KjsvcdqU66YhX6ymBLe1R/YOAs40Ko2nTeboH9ycSiAMt1hsl4V58Ra9fGAXpmehlOViV8ZQBQM=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK madamefigaro.gr.ff5afb156ce24383a06fde488f1c1419_2_182731_2.jpg
img9-api.yallarec.com/c3/28/website_175461/3a/80/ff/ 10 KB
10 KB 8ms
7ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/c3/28/website_175461/3a/80/ff/madamefigaro.gr.ff5afb156ce24383a06fde488f1c1419_2_182731_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b30707afba71d2b90ecd30bcf6507d7a95a6e7dc9aa5ead81d50c189bb644438

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Sun, 10 Nov 2019 15:21:52 GMT
Server: AmazonS3
x-amz-request-id: D88786839F29C903
ETag: "c451c158d0873797085533d277bc3b24"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9787
x-amz-id-2: pfhyH+WbVG9t/oPREyzRZU6L4J//N94NPaodP4ClfaxylfB01VST2JqtspM8fhPi6SJfTOMJ1aU=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK files.missbloom.gr.sissy2_2_141281_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/eb/8b/65/ 11 KB
12 KB 23ms
22ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/eb/8b/65/files.missbloom.gr.sissy2_2_141281_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4557079e171c6c0c3bd8cb29ba1bf7acbbf3ba1f0b2315076f27e9fa7b2f58a8

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Tue, 29 Oct 2019 13:55:41 GMT
Server: AmazonS3
x-amz-request-id: A11940EC72F3E909
ETag: "24165d88edeb1bd3ab8419802963fb97"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11581
x-amz-id-2: mMH8Ou0YBOtoomQ7t5APHoku0ffH0XqmIToolxxnssyx7ooFz/hBhyr6Tw5UqlvPlr5lxbLXj8Y=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK files.missbloom.gr.elli_2Dkokinou_2_101223_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/3f/c3/9f/ 14 KB
15 KB 22ms
22ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/3f/c3/9f/files.missbloom.gr.elli_2Dkokinou_2_101223_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dccd4afe4d79c4443e33169612d2d1c2b37f52d43e3b8abb516965886c95857a

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Wed, 30 Oct 2019 08:19:28 GMT
Server: AmazonS3
x-amz-request-id: A93AD683044EF184
ETag: "d3f816268756e1672c11fae9eae84ff0"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14563
x-amz-id-2: +nRl7V5Cq1QwD+CnCOybJGUxwsHrewgqw1QVkTzZqESgi8Pbr0BEb5EvUbh5XZrjECfUMMu9/Fg=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK files.missbloom.gr.Jennifer_2DLopez_2_134427_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/48/2d/d2/ 9 KB
9 KB 23ms
22ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/48/2d/d2/files.missbloom.gr.Jennifer_2DLopez_2_134427_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c769d9ee3b891f078b54633eeb0c2fb543e73198f649caa0f784ef51e1a866e9

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Tue, 12 Nov 2019 18:04:37 GMT
Server: AmazonS3
x-amz-request-id: 381ED3F7D8624EED
ETag: "65fc5f9a8c592500143901416577a7aa"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9102
x-amz-id-2: KikDF5vJI2H7D6vmO9zXG8d/Kj5vcDY7X9O5sjk0tBbxxHRwqLA8pEOSmW3Opw2ZPZ87Oazb+hM=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK files.missbloom.gr.kalokerinos_2Dchorismos_2Dgia_2Dviky_2Dkagia_2Dmonos_2Dstin_2Dmykono_2Detheathi_2Do_2Dsyzygos_2Dtis__158642_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/58/69/70/ 18 KB
18 KB 22ms
21ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/58/69/70/files.missbloom.gr.kalokerinos_2Dchorismos_2Dgia_2Dviky_2Dkagia_2Dmonos_2Dstin_2Dmykono_2Detheathi_2Do_2Dsyzygos_2Dtis__158642_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 265f5454837a43358ec1bd56dd45fa34004cd084b33ed7ac4343cf12cbe292eb

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Tue, 12 Nov 2019 17:59:35 GMT
Server: AmazonS3
x-amz-request-id: 70E1BC39991FD7E7
ETag: "bc780cd41f66646feb5dc31996ca112d"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18035
x-amz-id-2: qAcJhfwy9KwuNaBkJN51xvU7RjtxrIG0QLveUvNpUzhx+IEnwz3ytUgMAsXyiFI1zdyX4IcVZ38=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F__186178_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/14/1d/e2/ 12 KB
12 KB 23ms
22ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/14/1d/e2/files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F__186178_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e3db728ac8fe57596c67e7206c6b4d5a26445899f21821b32005e8471ce23ac

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Tue, 12 Nov 2019 19:24:17 GMT
Server: AmazonS3
x-amz-request-id: 3F8E5A15FFF82AB1
ETag: "7a62a70322ef35a9ba1a465e3e94f440"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11846
x-amz-id-2: z3nMPUN6lRxIDgLE9J3pHQ6QqI6DBKALLCjckNaCrM2zlLmT3+AYvw4kuA7HR5Y6GeK7bWVPJa8=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK i0.wp.com.portrait_2Dof_2Da_2Dconfident_2Dand_2Dsmiling_2Dbusinesswoman_2Dpicture_2Did1038703420_2Ejpg_3Ffit_3_135606_2.jpg
img9-api.yallarec.com/dc/64/website_175460/21/8d/20/ 9 KB
9 KB 7ms
7ms Image
image/jpeg 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/dc/64/website_175460/21/8d/20/i0.wp.com.portrait_2Dof_2Da_2Dconfident_2Dand_2Dsmiling_2Dbusinesswoman_2Dpicture_2Did1038703420_2Ejpg_3Ffit_3_135606_2.jpg
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c618f71582f66bcc7ca2d21019c984f9a146727661e077edf4c64a3c07861fc8

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Mon, 04 Nov 2019 08:01:23 GMT
Server: AmazonS3
x-amz-request-id: EC4266AF45AA5E8B
ETag: "ae33add3c120d8f351abd04521bf2aff"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9202
x-amz-id-2: m05PPazLNHLyefTXZaGNwL/nwnubUHk21w1Q2k1T2mMxGYtDDdigF2IUENYui/k5n6yhfJ+lv0s=
Expires: Wed, 20 Nov 2019 02:15:20 GMT

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 4FBB 0
129 B 36ms
36ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUhaMW2CaKPAbYk6nQX9hXnZCqzWw3ZqMCXplE1des7iJvhmovz79CBG9cBVp-yo29YFlLbwP8Lwsc4Ab5cRAdCwpAle35mZVrbd-9Ias4SfvPPVVMP0cAX-uR4g6eEXNwNuhWFaZ1Jq65jaaRU4cqJOAKfED9kWPVX70K_zmkUUdnbSrH_xdFS2M8juK3zAniFF5F1fUq89zn8p-T8hBegWimoDkymF_9DxR3Z1JPXLwX2aQufzFdZKr9tYo3wBkIli979w&sai=AMfl-YRDtNabjWDbBHby3WbZkC9ZpQ95AMeX3EF4tpDN6uK77kTPRNdkV7IxxT4sZgq-o0zYI12inNmfHeq3_UP5HhpCLG8WfDSRJOPG8EW6RA&sig=Cg0ArKJSzLxq1KG8nE63EAE&urlfix=1&adurl=

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Nov 2019 02:15:20 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK adman.js Show response
static.adman.gr/ Frame 4FBB 115 KB
35 KB 15ms
15ms Script
application/javascript 2606:4700:10::6814:5d4d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://static.adman.gr/adman.js
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:5d4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116381fd746f7bb9b63e420e7d1f82d199dc82083bf06269202a005e8c588b76

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: gzip
CF-Cache-Status: HIT
last-modified: Mon, 11 Nov 2019 08:55:33 GMT
Server: cloudflare
Age: 4321
etag: W/"5dc92205-1ca7b"
vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=7200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 534d3cbf096659b8-VIE

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FBB 77 KB
29 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3cce2a24544c35f594cc3f662c67eb79393104a7b62fd00090671db641e8eb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573475478201178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29292
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:20 GMT

GET
H2 200 index.html
secure-ds.serving-sys.com/BurstingRes/Site-75984/WSFolders/14722238_19// Frame 3E9E 0
0 27ms
27ms Document
text/html 104.111.250.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingRes/Site-75984/WSFolders/14722238_19//index.html?v=_2_107_1_0&n=1
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_158_3_0/ebHtml5ExpBanner_api.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.158 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-250-158.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/3.0 ASP.NET
Resource Hash

Request headers

:method: GET
:authority: secure-ds.serving-sys.com
:scheme: https
:path: /BurstingRes/Site-75984/WSFolders/14722238_19//index.html?v=_2_107_1_0&n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://capitolorne.gq/
accept-encoding: gzip, deflate, br
cookie: A6=03CbMWrQhr000zW3000000000; u2=c1a4fef5-0675-4ce7-9a7c-93b0b38157214sA08g
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://capitolorne.gq/

Response headers

status: 200
content-type: text/html
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 10:18:10 GMT
etag: "cb8d82517998d51:0"
server: Microsoft-IIS/8.5
x-powered-by: ARR/3.0 ASP.NET
content-length: 4152
expires: Mon, 31 Dec 2035 00:00:00 GMT
date: Wed, 13 Nov 2019 02:15:20 GMT
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK moatad.js Show response
z.moatads.com/initiativegreeceunileversizmek725116604653/ 269 KB
90 KB 109ms
37ms Script
application/x-javascript 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/initiativegreeceunileversizmek725116604653/moatad.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_158_3_0/ebHtml5ExpBanner_api.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f1fcd4efcd69b85e4922c61ae6eb0971a5ef82b58e116a99237a46330d75cd03

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Content-Encoding: gzip
Last-Modified: Sat, 19 Oct 2019 00:53:01 GMT
Server: AmazonS3
x-amz-request-id: D337DDF6709003E5
ETag: "9c2c798ee25d7039186eabf84441c51b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1866
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92159
x-amz-id-2: j8ae7R1o4gCaMJEKk1j4QrsX7bzfB+Y70wa3ft5umBavyo0w82nf7rCYSId+fYg524mnW4qoHqg=

GET
DATA 200
OK truncated
/ Frame C1F5 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc9bb8cd99509617de07d328592541ef76f79e05a18251df61fb0307e7051347

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D949 0
0 6ms
5ms Document
text/html 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: tpc.googlesyndication.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://capitolorne.gq/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://capitolorne.gq/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 8395
Date: Tue, 12 Nov 2019 23:41:24 GMT
Expires: Wed, 11 Nov 2020 23:41:24 GMT
Last-Modified: Wed, 09 May 2018 20:45:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 9236

GET
DATA 200
OK truncated
/ Frame E5EC 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cc7b6ad907c4e96b79a7f6ca766431294a47f31b75f04e7e4776c6ba0f4f465

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
talos.adman.gr/gbanner/ Frame 4FBB 177 B
638 B 178ms
59ms Script
application/x-javascript 62.103.124.31
Greece

General

Check archive.org

Show headers Download Go to

Full URL

https://talos.adman.gr/gbanner/?1573611320210|36500/300x250?70664:=1573611320210@300x250x24?/&cab=_&v=6

Requested by

Host: static.adman.gr
URL: http://static.adman.gr/adman.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

62.103.124.31 , Greece, ASN6799 (OTENET-GR Athens - Greece, GR),

Reverse DNS

voss.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

e4af8d375c8d5e15691b4d62fb4f9f6505295352fe19059f595994c4fc3c28f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type-Options: nosniff
Server: ADMAN
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Connection: close
Content-Type: application/x-javascript; charset=iso-8859-7
Content-Length: 177

POST
H/1.1 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame C1F5 24 B
847 B 17ms
17ms XHR
text/html 82.199.68.73
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_158_3_0/ebHtml5ExpBanner_api.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:19 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: http://capitolorne.gq
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=UTF-8
Content-Length: 24
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 87 KB
27 KB 97ms
34ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: widget.yallarec.com
URL: http://widget.yallarec.com/yalla_crt_loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 40483fac4e86b90f4d46c4b9ab5b5a25662849de0c9789e571abc23ef1217a6e

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: gzip
last-modified: Fri, 25 Oct 2019 13:44:17 GMT
server: nginx
etag: W/"5db2fc31-15cda"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Thu, 14 Nov 2019 02:15:20 GMT

POST
H/1.1 200 adServer.bs
bs.serving-sys.com/Serving/ Frame C1F5 0
660 B 33ms
17ms Other
text/html 82.199.68.73
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&int=60365859~~0~~18349464~~8339450962471654416^VsR~0~0~01020^AdStart~0~0~01020&usercookie=u2=c1a4fef5-0675-4ce7-9a7c-93b0b3815721&rnd=0.6924510748749935&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_158_3_0/ebHtml5ExpBanner_api.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:19 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: http://capitolorne.gq
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1 200
OK / Show response
talos.adman.gr/gbanner/ Frame 996E 1 KB
1 KB 176ms
59ms Script
application/x-javascript 62.103.124.31
Greece

General

Check archive.org

Show headers Download Go to

Full URL

https://talos.adman.gr/gbanner/?1573611320|36465/300x250?8365:=1573611319999@1x1x24?/&cab=_&v=6/testcookie1

Requested by

Host: talos.adman.gr
URL: https://talos.adman.gr/gbanner/?1573611319999|36465/300x250?8365:=1573611319999@1x1x24?/&cab=_&v=6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

62.103.124.31 , Greece, ASN6799 (OTENET-GR Athens - Greece, GR),

Reverse DNS

voss.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

a835da706f8ab8c2b12a98fc7b5707693810139fed74e1484582feee770e33f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ADMAN
ETag: "8d3boFHnUGL"
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Connection: close
Content-Type: application/x-javascript; charset=iso-8859-7
Content-Length: 480

GET
H/1.1 206
Partial Content 970-bazaar-new-1.mp4
files.capital.gr/banners/bazaar/ Frame 856A 85 KB
0 26ms
26ms Media
video/mp4 2.16.186.248
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://files.capital.gr/banners/bazaar/970-bazaar-new-1.mp4
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2.16.186.248 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-248.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Referer: http://capitolorne.gq/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=65536-

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Fri, 04 Oct 2019 10:56:33 GMT
Server: Microsoft-IIS/8.5
Access-Control-Allow-Origin: *
X-Powered-By: ASP.NET
ETag: "284c7162a27ad51:0"
Content-Type: video/mp4
Content-Range: bytes 65536-659933/659934
Cache-Control: public, max-age=190
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 594398

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 7537 0
57 B 33ms
32ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstg3-iDz3YZqLX3uhoZKKPmjNRsprJZAbQxWXcTmlbHZWpau2x2WHMaaBykS-nAYucJIJRg1CHO3QIPYK6cw3tyqA_SegC9SSU7gr8ru7Vv0J2DHie4QFSnYfMeEO9tSp6m6JkroCUGsY9bAkOfvBObqx5ZNFztSmceCtzhHcAyL-hFCNsTRd0YFb764uMAxyuwwbX1WDKp2-w3uw52uFAEEg1RD1F9xjlfkzRlH4hWjx9sxQ3MGh3q_9fe7KDJUx4y&sig=Cg0ArKJSzHlE5Ck5Mc86EAE&urlfix=1&adurl=

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Nov 2019 02:15:20 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK tag Show response
a.teads.tv/page/77691/ Frame 7537 679 B
916 B 96ms
81ms Script
application/javascript 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://a.teads.tv/page/77691/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js
Protocol: HTTP/1.1
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 40bf5d3b5c6d75c1cd50049b9b77b8378696472d06ba32296eafc96f574903d4

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, must-revalidate, max-age=3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 433
Expires: Wed, 13 Nov 2019 03:15:20 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7537 77 KB
29 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:824::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019110401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3cce2a24544c35f594cc3f662c67eb79393104a7b62fd00090671db641e8eb05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573475478201178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29292
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:20 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 84ms
27ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INITIATIVE_GREECE_UNILEVER_SIZMEK1&hp=1&wf=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1573611320318&de=166009107108&m=0&ar=6907c9d928-clean&iw=facc12f&q=2&cb=0&ym=0&cu=1573611320318&ll=2&lm=0&ln=0&r=0&em=0&en=0&d=992426%3A42578%3A29235977%3A60365859&zMoatCamp=1910_TRESemme_Launch&zMoatUSER=c1a4fef5-0675-4ce7-9a7c-93b0b3815721&zMoatADV=112710&zMoatAd=1910_TRESemme_Launch_Prestitial_800x600&zMoatPlace=800x600_vprestitial&zMoatPub=Missbloom%20GR&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=GR&zMoatJS=-&zGSRC=1&gu=http%3A%2F%2Fcapitolorne.gq%2F&id=1&bo=capitolorne.gq&bd=capitolorne.gq&gw=initiativegreeceunileversizmek725116604653&fd=1&ac=1&it=500&ti=0&ih=1&fs=173050&na=1458212630&cs=0
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 13 Nov 2019 02:15:20 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 131 B
342 B 99ms
35ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=76&profileId=184&cb=87151788089
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: 111ee20c5535b0cacdc7ba96b15b1ebec2e4d883ed08f51d457cb1db501d794a

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: gzip
server: Finatra
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://capitolorne.gq
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 137

GET
DATA 200
OK truncated
/ Frame 7537 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d1fbaef3bb6860ab51263224c351c7a78deec64dc98135054511277e65078e1

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
talos.adman.gr/gbanner/ Frame 4FBB 739 B
1 KB 179ms
60ms Script
application/x-javascript 62.103.124.31
Greece

General

Check archive.org

Show headers Download Go to

Full URL

https://talos.adman.gr/gbanner/?1573611320|36500/300x250?70664:=1573611320210@300x250x24?/&cab=_&v=6/testcookie1

Requested by

Host: talos.adman.gr
URL: https://talos.adman.gr/gbanner/?1573611320210|36500/300x250?70664:=1573611320210@300x250x24?/&cab=_&v=6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

62.103.124.31 , Greece, ASN6799 (OTENET-GR Athens - Greece, GR),

Reverse DNS

voss.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

eb32b30dc3043d66e61f3115b0fb8e433aac21fe28c4abe3fc706e1f1378e0bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ADMAN
ETag: "7o5cSJDNc0H"
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Connection: close
Content-Type: application/x-javascript; charset=iso-8859-7
Content-Length: 396

GET
H/1.1 200
OK teads-format.min.js Show response
a.teads.tv/media/format/v3/ 710 KB
185 KB 26ms
26ms Script
text/javascript 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: http://a.teads.tv/page/77691/tag
Protocol: HTTP/1.1
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 10c96be857b364178637a861ec303b87d0b62f7e2e7f3e81d5fbf91040854f03

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Nov 2019 16:51:16 GMT
x-amz-request-id: A71B4E239890B7EF
ETag: "aa35b005c6eceebc0683c7eadef8e932"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Cache-Control: private, must-revalidate, max-age=600
X-BUCKET: e
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 188593
x-amz-id-2: WU4rSXyi/aj6/anRos8fE8MqztxtTFMvtEZspFMG6R10pxAp+LA3SwC9aiUEH3v/Eh90ym6QRkE=
Expires: Wed, 13 Nov 2019 02:25:20 GMT

GET
H/1.1 200
OK skin.js Show response
obj.adman.gr/talos/2019/tempo/19475/ Frame 996E 39 KB
6 KB 70ms
58ms Script
application/javascript 2606:4700:10::6814:5d4d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://obj.adman.gr/talos/2019/tempo/19475/skin.js
Requested by: Host: talos.adman.gr
URL: https://talos.adman.gr/gbanner/?1573611320|36465/300x250?8365:=1573611319999@1x1x24?/&cab=_&v=6/testcookie1
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:5d4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02aa4c3b8c1cc5a9cb16ec4448623eefa9934e004766f52b345a5b9ce20cfc0b

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 06 Nov 2019 13:18:30 GMT
Server: cloudflare
ETag: W/"5dc2c826-9aa3"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 534d3cc0cd7acbc8-VIE

GET
H/1.1 200
OK index.html
cmp.teads.mgr.consensu.org/ Frame 04AC 0
0 18ms
12ms Document
text/html 2a02:26f0:6c00:292::2c92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://cmp.teads.mgr.consensu.org/index.html
Requested by: Host: a.teads.tv
URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:292::2c92 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Host: cmp.teads.mgr.consensu.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://capitolorne.gq/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://capitolorne.gq/

Response headers

x-amz-id-2: yyXlc6Ix1XTeVqihoMuQEZ/CIz6suDXIYgWirB75+sy470A/rEwmh1hpgy8l+ZPzfUs7FZCmoWY=
x-amz-request-id: EC1838BFF3B3A298
Last-Modified: Fri, 14 Sep 2018 07:42:32 GMT
ETag: "e7d6c2974a38b7ff77a560e83789f66a"
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Encoding: gzip
Content-Length: 354
Cache-Control: max-age=300
Expires: Wed, 13 Nov 2019 02:20:20 GMT
Date: Wed, 13 Nov 2019 02:15:20 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

p2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1573611320522&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_...
http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1573611320522&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st...

43 B
309 B

30ms
30ms

Image
image/gif

2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1573611320522&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=91238081&cs_ucfr=1
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:20 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1573611320522&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=91238081&cs_ucfr=1
Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:20 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
t.teads.tv/ 23 B
252 B 89ms
57ms Image
image/gif 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://t.teads.tv/track?action=placementCall&ts=1573611320520&pageId=77691&pid=95778&env=js-web&pfid=[pfid]&f=1&fv=161
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Expires: Wed, 13 Nov 2019 02:15:20 GMT
Connection: keep-alive
Content-Length: 23
Content-Type: image/gif

GET
H/1.1 200
OK track
t.teads.tv/ 23 B
252 B 87ms
55ms Image
image/gif 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://t.teads.tv/track?action=slotAvailable&ts=1573611320521&pageId=77691&pid=95778&env=js-web&pfid=[pfid]&f=1&slot=native&fv=161
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Expires: Wed, 13 Nov 2019 02:15:20 GMT
Connection: keep-alive
Content-Length: 23
Content-Type: image/gif

POST
H2 200 /
www.facebook.com/tr/ 0
54 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryzwzkLCpQhjZwkKCI

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 13 Nov 2019 02:15:20 GMT
status: 200
content-type: text/plain
access-control-allow-origin: http://capitolorne.gq
access-control-allow-credentials: true
alt-svc: h3-23=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK skin.css
obj.adman.gr/talos/2019/tempo/19475/ 2 KB
822 B 47ms
47ms Stylesheet
text/css 2606:4700:10::6814:5d4d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://obj.adman.gr/talos/2019/tempo/19475/skin.css
Requested by: Host: obj.adman.gr
URL: http://obj.adman.gr/talos/2019/tempo/19475/skin.js
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:5d4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f07171c4a99e03c93ebea6f4ce22f1312ada4f85465b548878e9c4f26c6f6eb

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 24 Oct 2019 09:08:19 GMT
Server: cloudflare
ETag: W/"5db16a03-789"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: private, max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 534d3cc16e17cbc8-VIE

GET
H/1.1 200
OK index.html
obj.adman.gr/talos/2019/tempo/19475/BS_Left_SKIN_HTML_400x900/ Frame 9ECC 0
0 57ms
45ms Document
text/html 2606:4700:10::6814:5d4d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://obj.adman.gr/talos/2019/tempo/19475/BS_Left_SKIN_HTML_400x900/index.html?click=https://talos.adman.gr/click/@6luKf0I2v:2A8ik:gpqg/36465/52810/
Requested by: Host: obj.adman.gr
URL: http://obj.adman.gr/talos/2019/tempo/19475/skin.js
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:5d4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: obj.adman.gr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://capitolorne.gq/
Accept-Encoding: gzip, deflate
Cookie: __cfduid=ddd05cb69cd19db02b9acd6ff0e065aae1573611319
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://capitolorne.gq/

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 23 Oct 2019 11:42:32 GMT
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 534d3cc17879cba0-VIE
Content-Encoding: gzip

GET
H/1.1 200
OK index.html
obj.adman.gr/talos/2019/tempo/19475/Right_SKIN_HTML_400x900/ Frame 0B2F 0
0 57ms
45ms Document
text/html 2606:4700:10::6814:5d4d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://obj.adman.gr/talos/2019/tempo/19475/Right_SKIN_HTML_400x900/index.html?click=https://talos.adman.gr/click/@6luKf0I2v:2A8ik:gpqg/36465/52810/
Requested by: Host: obj.adman.gr
URL: http://obj.adman.gr/talos/2019/tempo/19475/skin.js
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:5d4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: obj.adman.gr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://capitolorne.gq/
Accept-Encoding: gzip, deflate
Cookie: __cfduid=ddd05cb69cd19db02b9acd6ff0e065aae1573611319
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://capitolorne.gq/

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 23 Oct 2019 11:42:22 GMT
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 534d3cc18aa3cb98-VIE
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ Frame 996E 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dc555935c860eb09057a382aac8234cd2eff498590d5f56c617cf1c44830376

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 996E 50 KB
19 KB 22ms
21ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

841fdab7f32afcfead28e8e8041bcca501737464f8b359ddcf3d4ba12cb121b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 01:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2491
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19298
x-xss-protection: 0
server: cafe
etag: 2436006143369225866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 13 Nov 2019 02:33:49 GMT

GET
H/1.1 200
OK ad Show response
a.teads.tv/page/77691/ 118 B
505 B 75ms
75ms XHR
application/json 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://a.teads.tv/page/77691/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=http%3A%2F%2Fcapitolorne.gq%2F&page=%7B%22id%22%3A77691%2C%22placements%22%3A%5B%7B%22id%22%3A95778%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A1569%2C%22height%22%3A883%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22reason%22%3A220%7D%7D&userId=4a6341b1-096d-4743-b7e2-6eceb28b1a54&formatVersion=2.22.61&env=js-web&netBw=9.3&ttfb=122
Requested by: Host: a.teads.tv
URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: HTTP/1.1
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f50167bee40cd7fdd6c623efb794e0edddec7de87ef71f48c8b1b1413e1dfc4a

Request headers

Accept: application/json; charset=UTF-8
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: http://capitolorne.gq
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 129
Expires: Wed, 13 Nov 2019 02:15:20 GMT

GET
H2 200 adman.v2.RectangleApp.js Show response
static.adman.gr/c/ Frame 4FBB 21 KB
7 KB 50ms
18ms Script
application/javascript 2606:4700:10::6814:5d4d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adman.gr/c/adman.v2.RectangleApp.js
Requested by: Host: static.adman.gr
URL: http://static.adman.gr/adman.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5d4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 009c0ecbe245dcdad81a591736e706ae9497d4e65bcb2df4fd8a8f67c65eea2d

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 11 Nov 2019 08:55:33 GMT
server: cloudflare
age: 1157
etag: W/"5dc92205-5421"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private, max-age=7200
cf-ray: 534d3cc1cba4cbc4-VIE

GET
DATA 200
OK truncated
/ Frame 4FBB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c42c4ed86ef352ca0c226361ebccb33f0e049a9473983366fba99d58620dada

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 996E 0
304 B 67ms
26ms Other
image/gif 2a00:1450:4016:804::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~k2wnjtvv&chm=1&ctx=2&gqid=N2fLXazrLe2O7_UP6p6dyAI&qqid=CIiK6v2O5uUCFdXHuwgdRMYJaw&met.4=fb.2~lb.js~ol.js~idt.8m~dt.-35&met.3=197.jr~123.jr_1~117.js~118.ju~118.ju~118.jx~118.jz~118.k0~113.kq_2~112.kp_3&met.1=1.k2wnjtb6~14.0~15.0~16.0~17.0~18.0~19.0~20.js~21.js~22.k0~23.k0&met.7=CCIQBBgBIAIoAjAlOCNoA3AleJECsAEBuAED~CBsQCiADOGw~CCoQChgBIAMoAzAsOCk~CBsQCiCdATjoAQ~CBsQCiCaAzixAQ~CBsQCiDMBDhH~CCgQChgBIM4FKM4FMOYFOBhozgVw4wV4lZgBgAHilgGIAeCNA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4016:804::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Nov 2019 02:15:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.html
obj.adman.gr/talos/2019/tempo/19491/ Frame 780C 0
0 47ms
46ms Document
text/html 2606:4700:10::6814:5d4d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://obj.adman.gr/talos/2019/tempo/19491/index.html?click=https%3A%2F%2Ftalos.adman.gr%2Fclick%2F%406luKf0I2z%3A2A8ik%3A2AvY%2F36500%2F52887%2F
Requested by: Host: static.adman.gr
URL: https://static.adman.gr/c/adman.v2.RectangleApp.js
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:5d4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: obj.adman.gr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://capitolorne.gq/
Accept-Encoding: gzip, deflate
Cookie: __cfduid=ddd05cb69cd19db02b9acd6ff0e065aae1573611319
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://capitolorne.gq/

Response headers

Date: Wed, 13 Nov 2019 02:15:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Thu, 24 Oct 2019 11:29:12 GMT
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 534d3cc1fec0cbc8-VIE
Content-Encoding: gzip

GET
H/1.1 200
OK Cookie set iframe
sync.teads.tv/ Frame FC9E 0
0 74ms
60ms Document
text/html 2.18.232.7
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://sync.teads.tv/iframe?pid=95778&userId=4a6341b1-096d-4743-b7e2-6eceb28b1a54&gdprIab={%22status%22:22,%22consent%22:%22%22,%22reason%22:220}&fromFormat=true&env=js-web&1573611320641
Requested by: Host: a.teads.tv
URL: http://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: HTTP/1.1
Server: 2.18.232.7 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.5 /
Resource Hash

Request headers

Host: sync.teads.tv
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://capitolorne.gq/
Accept-Encoding: gzip, deflate
Cookie: tt_viewer=ec0edd04-0183-4023-86b1-05ee851e2342
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://capitolorne.gq/

Response headers

Content-Type: text/html; charset=UTF-8
Server: akka-http/10.1.5
Content-Length: 1694
Expires: Wed, 13 Nov 2019 02:15:20 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:20 GMT
Connection: keep-alive
Set-Cookie: tt_exelate=; Expires=Thu, 14 Nov 2019 02:15:20 GMT; Domain=.teads.tv; SameSite=None tt_bluekai=; Expires=Thu, 14 Nov 2019 02:15:20 GMT; Domain=.teads.tv; SameSite=None tt_emetriq=; Expires=Thu, 14 Nov 2019 02:15:20 GMT; Domain=.teads.tv; SameSite=None tt_liveramp=; Expires=Thu, 14 Nov 2019 02:15:20 GMT; Domain=.teads.tv; SameSite=None tt_neustar=; Expires=Thu, 14 Nov 2019 02:15:20 GMT; Domain=.teads.tv; SameSite=None tt_salesforce=; Expires=Thu, 14 Nov 2019 02:15:20 GMT; Domain=.teads.tv; SameSite=None tt_dar=; Expires=Thu, 14 Nov 2019 02:15:20 GMT; Domain=.teads.tv; SameSite=None tt_skp=; Expires=Thu, 14 Nov 2019 02:15:20 GMT; Domain=.teads.tv; SameSite=None

GET
H2 200 index.html
secure-ds.serving-sys.com/BurstingRes/Site-75984/WSFolders/14722238_19// Frame AD2B 0
0 24ms
23ms Document
text/html 104.111.250.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingRes/Site-75984/WSFolders/14722238_19//index.html?v=_2_107_1_0&n=1
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_158_3_0/ebHtml5ExpBanner_api.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.158 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-250-158.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/3.0 ASP.NET
Resource Hash

Request headers

:method: GET
:authority: secure-ds.serving-sys.com
:scheme: https
:path: /BurstingRes/Site-75984/WSFolders/14722238_19//index.html?v=_2_107_1_0&n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://capitolorne.gq/
accept-encoding: gzip, deflate, br
cookie: u2=c1a4fef5-0675-4ce7-9a7c-93b0b38157214sA08g; A6=03CbMWrQhr000zW300000000003ChMzrQhr000rx6000010000; eyeblaster=RES=32
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://capitolorne.gq/

Response headers

status: 200
content-type: text/html
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 10:18:10 GMT
etag: "cb8d82517998d51:0"
server: Microsoft-IIS/8.5
x-powered-by: ARR/3.0 ASP.NET
content-length: 4152
expires: Mon, 31 Dec 2035 00:00:00 GMT
date: Wed, 13 Nov 2019 02:15:20 GMT
vary: Accept-Encoding
access-control-allow-origin: *
accept-ranges: bytes

POST
H/1.1 200
OK phaistos
talos.adman.gr/rm/52810/36465/2258571806/ 43 B
522 B 116ms
103ms Other
image/gif 62.103.124.31
Greece

General

Check archive.org

Show headers Download Go to

Full URL

http://talos.adman.gr/rm/52810/36465/2258571806/phaistos?rnd=1573611320689

Requested by

Host: static.adman.gr
URL: http://static.adman.gr/adman.js

Protocol

HTTP/1.1

Server

62.103.124.31 , Greece, ASN6799 (OTENET-GR Athens - Greece, GR),

Reverse DNS

voss.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Content-Type-Options: nosniff
Server: ADMAN
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: http://capitolorne.gq
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: image/gif
Content-Length: 43

POST
H/1.1 200
OK phaistos
talos.adman.gr/rm/52887/36500/2715488910/ Frame 4FBB 43 B
522 B 116ms
103ms Other
image/gif 62.103.124.31
Greece

General

Check archive.org

Show headers Download Go to

Full URL

http://talos.adman.gr/rm/52887/36500/2715488910/phaistos?rnd=1573611320710

Requested by

Host: static.adman.gr
URL: http://static.adman.gr/adman.js

Protocol

HTTP/1.1

Server

62.103.124.31 , Greece, ASN6799 (OTENET-GR Athens - Greece, GR),

Reverse DNS

voss.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Content-Type-Options: nosniff
Server: ADMAN
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: http://capitolorne.gq
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
25ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=http%3A%2F%2Fcapitolorne.gq%2FIFRAME&i=INITIATIVE_GREECE_UNILEVER_SIZMEK1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBBBB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkBBBBBBB6BsNBmB0Biw7pCr6yCBrO24xXmYyBBBBC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnBBW35CeBBBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyBBBBBBBBBBBBBBBBBTLF6GfC6Jn7OBBYkCBB0IofsfBBPCxB7UBBBtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=1200&w=1585&fy=0&gp=0&zGSRC=1&gu=http%3A%2F%2Fcapitolorne.gq%2F&id=1&f=0&j=&t=1573611320318&de=166009107108&cu=1573611320318&m=539&ar=6907c9d928-clean&iw=facc12f&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8201&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&as=0&ag=57&an=0&gf=57&gg=0&ix=57&ic=57&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=57&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=113&cd=0&ah=113&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=992426%3A42578%3A29235977%3A60365859&bo=capitolorne.gq&bd=capitolorne.gq&gw=initiativegreeceunileversizmek725116604653&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatCamp=1910_TRESemme_Launch&zMoatUSER=c1a4fef5-0675-4ce7-9a7c-93b0b3815721&zMoatADV=112710&zMoatAd=1910_TRESemme_Launch_Prestitial_800x600&zMoatPlace=800x600_vprestitial&zMoatPub=Missbloom%20GR&zMoatMarket=GR&zMoatJS=3%3A-&hv=SIZMEKADS&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&tc=0&fs=173050&na=306657398&cs=0
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:20 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 13 Nov 2019 02:15:20 GMT

POST
H/1.1 200
OK phaistos
talos.adman.gr/rv/52810/36465/2258571806/ 43 B
548 B 369ms
105ms Other
image/gif 62.103.124.31
Greece

General

Check archive.org

Show headers Download Go to

Full URL

http://talos.adman.gr/rv/52810/36465/2258571806/phaistos?rnd=1573611321699

Requested by

Host: static.adman.gr
URL: http://static.adman.gr/adman.js

Protocol

HTTP/1.1

Server

62.103.124.31 , Greece, ASN6799 (OTENET-GR Athens - Greece, GR),

Reverse DNS

voss.phaistosnetworks.gr

Software

ADMAN /

Resource Hash

42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

X-Content-Type-Options: nosniff
Server: ADMAN
X-Adman-Reason: mismatch
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: http://capitolorne.gq
Cache-Control: max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: image/gif
Content-Length: 43

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 996E 42 B
110 B 14ms
13ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvd568HzE7iYk5aYoWgA4RFDWZyYr1N3mZJr5Op_n2CeK_AK7WIWQ6dXplOzwL4UfURi4L0yDau-A-8dK7Y8LxlyqPL0JbD8by4AnaGbPA&sig=Cg0ArKJSzJiFAnILmM3sEAE&adk=3307054402&tt=-1&bs=1600%2C1200&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&p=487,8,488,9&cm=1&xcm=1&mcvt=1042&rs=3&ht=0&tfs=702&tls=1744&mc=1&lte=0&bas=0&bac=0&met=no&avms=nio&niot_obs=11&niot_cbk=30&md=2&lm=2&rst=1573611319844&rpt=710&isd=0&msd=0&imams=1&oseid=3&xdi=0&ps=1600%2C8201&ss=1600%2C1200&pt=-1&bin=1&deb=1-4-7-17-18-15-131-16-0-0-0&tvt=1738&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191111

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Nov 2019 02:15:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 856A 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuk2o8fW_XE600XAzEwYuCnkQJ2o5uc1Zpy9-uaNaYyH1pAHyJi32HLY446uz4YPJhpU2RLCN6hd8HNAsIjYMwWuBoiMnyh6XhRbdVb6Rg&sig=Cg0ArKJSzD_KK8adDsu7EAE&adk=248121373&tt=-1&bs=1600%2C1200&mtos=1036,1036,1036,1036,1036&tos=1439,0,0,0,0&p=489,8,737,978&cm=1&mcvt=1036&rs=0&ht=0&tfs=151&tls=1690&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&lm=2&rst=1573611319922&dlt&rpt=137&isd=0&msd=0&ext&imams=1&xdi=0&ps=1600%2C8201&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-3-17-5-16-16-0-0-0&tvt=1687&is=970%2C250&iframe_loc=http%3A%2F%2Fcapitolorne.gq%2F&r=v&id=osdim&vs=4&uc=17&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191111

Requested by

Host: capitolorne.gq
URL: http://capitolorne.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Nov 2019 02:15:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 27ms
26ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=INITIATIVE_GREECE_UNILEVER_SIZMEK1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBBBB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkBBBBBBB6BsNBmB0Biw7pCr6yCBrO24xXmYyBBBBC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnBBW35CeBBBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyBBBBBBBBBBBBBBBBBTLF6GfC6Jn7OBBYkCBB0IofsfBBPCxB7UBBBtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=1200&w=1585&fy=0&gp=0&zGSRC=1&gu=http%3A%2F%2Fcapitolorne.gq%2F&id=1&f=0&j=&t=1573611320318&de=166009107108&cu=1573611320318&m=1627&ar=6907c9d928-clean&iw=facc12f&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8201&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1150&an=57&gi=1&gf=1150&gg=57&ix=1150&ic=1150&ez=1&ck=1150&kw=1005&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1150&bx=57&ci=1150&jz=1005&dj=1&aa=1&ad=1050&cn=0&gn=1&gk=1050&gl=0&ik=1050&co=1050&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1005&cd=113&ah=1005&am=113&rf=0&re=0&wb=1&cl=0&at=0&d=992426%3A42578%3A29235977%3A60365859&bo=capitolorne.gq&bd=capitolorne.gq&gw=initiativegreeceunileversizmek725116604653&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatCamp=1910_TRESemme_Launch&zMoatUSER=c1a4fef5-0675-4ce7-9a7c-93b0b3815721&zMoatADV=112710&zMoatAd=1910_TRESemme_Launch_Prestitial_800x600&zMoatPlace=800x600_vprestitial&zMoatPub=Missbloom%20GR&zMoatMarket=GR&zMoatJS=3%3A-&hv=SIZMEKADS&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&tc=0&fs=173050&na=1941605042&cs=0
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:21 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 13 Nov 2019 02:15:21 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
26ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=INITIATIVE_GREECE_UNILEVER_SIZMEK1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBBBB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkBBBBBBB6BsNBmB0Biw7pCr6yCBrO24xXmYyBBBBC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnBBW35CeBBBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyBBBBBBBBBBBBBBBBBTLF6GfC6Jn7OBBYkCBB0IofsfBBPCxB7UBBBtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=1200&w=1585&fy=0&gp=0&zGSRC=1&gu=http%3A%2F%2Fcapitolorne.gq%2F&id=1&f=0&j=&t=1573611320318&de=166009107108&cu=1573611320318&m=1628&ar=6907c9d928-clean&iw=facc12f&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8201&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1150&an=1150&gi=1&gf=1150&gg=1150&ix=1150&ic=1150&ez=1&ck=1150&kw=1005&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1150&bx=1150&ci=1150&jz=1005&dj=1&aa=1&ad=1050&cn=1050&gn=1&gk=1050&gl=1050&ik=1050&co=1050&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1005&cd=1005&ah=1005&am=1005&rf=0&re=0&wb=1&cl=0&at=0&d=992426%3A42578%3A29235977%3A60365859&bo=capitolorne.gq&bd=capitolorne.gq&gw=initiativegreeceunileversizmek725116604653&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatCamp=1910_TRESemme_Launch&zMoatUSER=c1a4fef5-0675-4ce7-9a7c-93b0b3815721&zMoatADV=112710&zMoatAd=1910_TRESemme_Launch_Prestitial_800x600&zMoatPlace=800x600_vprestitial&zMoatPub=Missbloom%20GR&zMoatMarket=GR&zMoatJS=3%3A-&hv=SIZMEKADS&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&tc=0&fs=173050&na=910914746&cs=0
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:21 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 13 Nov 2019 02:15:21 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
25ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=INITIATIVE_GREECE_UNILEVER_SIZMEK1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBBBB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkBBBBBBB6BsNBmB0Biw7pCr6yCBrO24xXmYyBBBBC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnBBW35CeBBBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyBBBBBBBBBBBBBBBBBTLF6GfC6Jn7OBBYkCBB0IofsfBBPCxB7UBBBtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=1200&w=1585&fy=0&gp=0&zGSRC=1&gu=http%3A%2F%2Fcapitolorne.gq%2F&id=1&f=0&j=&t=1573611320318&de=166009107108&cu=1573611320318&m=1628&ar=6907c9d928-clean&iw=facc12f&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8201&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=1150&an=1150&gi=1&gf=1150&gg=1150&ix=1150&ic=1150&ez=1&ck=1150&kw=1005&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1150&bx=1150&ci=1150&jz=1005&dj=1&aa=1&ad=1050&cn=1050&gn=1&gk=1050&gl=1050&ik=1050&co=1050&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=1005&cd=1005&ah=1005&am=1005&rf=0&re=0&wb=1&cl=0&at=0&d=992426%3A42578%3A29235977%3A60365859&bo=capitolorne.gq&bd=capitolorne.gq&gw=initiativegreeceunileversizmek725116604653&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatCamp=1910_TRESemme_Launch&zMoatUSER=c1a4fef5-0675-4ce7-9a7c-93b0b3815721&zMoatADV=112710&zMoatAd=1910_TRESemme_Launch_Prestitial_800x600&zMoatPlace=800x600_vprestitial&zMoatPub=Missbloom%20GR&zMoatMarket=GR&zMoatJS=3%3A-&hv=SIZMEKADS&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&tc=0&fs=173050&na=1205755655&cs=0
Requested by: Host: capitolorne.gq
URL: http://capitolorne.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:22 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 13 Nov 2019 02:15:22 GMT

GET
H2 200 va_content.vast.min.css
www.vidads.gr/css/ 41 KB
7 KB 9ms
8ms Stylesheet
text/css 2a01:4f8:151:21d2::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vidads.gr/css/va_content.vast.min.css?v=2.13
Requested by: Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:151:21d2::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 88a6c0de42002ab0f042b863e02e360efc4dbf8393e2a8d48b5e1e895defc7b5

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:22 GMT
content-encoding: gzip
last-modified: Thu, 11 Jul 2019 08:53:50 GMT
server: nginx/1.16.1
etag: "a554-58d63eec89310-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=5184000
x-country: DE
x-route: http1
accept-ranges: bytes
content-length: 6926
expires: Sun, 12 Jan 2020 02:15:22 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 272 KB
93 KB 61ms
40ms Script
text/javascript 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8ba5d0a29c4db3440b3c614c99e94f074dd198cccf77bfd4175e0e08d751485b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 94626
x-xss-protection: 0
expires: Wed, 13 Nov 2019 02:15:22 GMT

GET
H2 200 636 Show response
www.vidads.gr/get/video/vast3/ 2 KB
1 KB 28ms
28ms XHR
text/xml 2a01:4f8:151:21d2::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Fcapitolorne.gq%2F

Requested by

Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:4f8:151:21d2::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.16.1 / PHP/7.2.24

Resource Hash

88c1e74193640dcca7cbcd3a3062a83bc8e55e957d234d65fad5f93763422a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 Nov 2019 02:15:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: http://capitolorne.gq
x-powered-by: PHP/7.2.24
status: 200
pragma: no-cache
x-route: http1
last-modified: Wed, 13 Nov 2019 02:15:22 GMT
server: nginx/1.16.1
vary: Accept-Encoding
content-type: text/xml; charset=UTF-8
x-country: DE
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
x-time: 0.022403001785278
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200 adServer.bs
bs.serving-sys.com/Serving/ Frame C1F5 0
660 B 18ms
18ms Other
text/html 82.199.68.73
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&int=60365859~~0~~18349464~~8339450962471654416^PVsR~0~0~01021^default_autoshow~0~0~01001^VsIAB~0~0~01020^PVsIAB~0~0~01021^ebUniqueVideoStarted~0~0~01010^ebVideoStarted~1~460214256~01010^eb25Per_Played~1~460214256~01010&usercookie=u2=c1a4fef5-0675-4ce7-9a7c-93b0b3815721&rnd=0.22785321334476683&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_158_3_0/ebHtml5ExpBanner_api.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:25 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: http://capitolorne.gq
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
26ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=INITIATIVE_GREECE_UNILEVER_SIZMEK1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBBBB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkBBBBBBB6BsNBmB0Biw7pCr6yCBrO24xXmYyBBBBC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnBBW35CeBBBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyBBBBBBBBBBBBBBBBBTLF6GfC6Jn7OBBYkCBB0IofsfBBPCxB7UBBBtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=1200&w=1585&fy=0&gp=0&zGSRC=1&gu=http%3A%2F%2Fcapitolorne.gq%2F&id=1&f=0&j=&t=1573611320318&de=166009107108&cu=1573611320318&m=5654&ar=6907c9d928-clean&iw=facc12f&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8201&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=5178&an=1150&gi=1&gf=5178&gg=1150&ix=5178&ic=5178&ez=1&ck=1150&kw=1005&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5178&bx=1150&ci=1150&jz=1005&dj=1&aa=1&ad=5078&cn=1050&gn=1&gk=5078&gl=1050&ik=5078&co=1050&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=5033&cd=1005&ah=5033&am=1005&rf=0&re=0&wb=2&cl=0&at=0&d=992426%3A42578%3A29235977%3A60365859&bo=capitolorne.gq&bd=capitolorne.gq&gw=initiativegreeceunileversizmek725116604653&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatCamp=1910_TRESemme_Launch&zMoatUSER=c1a4fef5-0675-4ce7-9a7c-93b0b3815721&zMoatADV=112710&zMoatAd=1910_TRESemme_Launch_Prestitial_800x600&zMoatPlace=800x600_vprestitial&zMoatPub=Missbloom%20GR&zMoatMarket=GR&zMoatJS=3%3A-&hv=SIZMEKADS&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&tc=0&fs=173050&na=1775415698&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:25 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 13 Nov 2019 02:15:25 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
25ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=INITIATIVE_GREECE_UNILEVER_SIZMEK1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBBBB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkBBBBBBB6BsNBmB0Biw7pCr6yCBrO24xXmYyBBBBC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnBBW35CeBBBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyBBBBBBBBBBBBBBBBBTLF6GfC6Jn7OBBYkCBB0IofsfBBPCxB7UBBBtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=1200&w=1585&fy=0&gp=0&zGSRC=1&gu=http%3A%2F%2Fcapitolorne.gq%2F&id=1&f=0&j=&t=1573611320318&de=166009107108&cu=1573611320318&m=5859&ar=6907c9d928-clean&iw=facc12f&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8201&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=5382&an=5178&gi=1&gf=5382&gg=5178&ix=5382&ic=5382&ez=1&ck=1150&kw=1005&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5382&bx=5178&ci=1150&jz=1005&dj=1&aa=1&ad=5282&cn=5078&gn=1&gk=5282&gl=5078&ik=5282&co=1050&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=5234&cd=5033&ah=5234&am=5033&rf=0&re=0&wb=2&cl=0&at=0&d=992426%3A42578%3A29235977%3A60365859&bo=capitolorne.gq&bd=capitolorne.gq&gw=initiativegreeceunileversizmek725116604653&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatCamp=1910_TRESemme_Launch&zMoatUSER=c1a4fef5-0675-4ce7-9a7c-93b0b3815721&zMoatADV=112710&zMoatAd=1910_TRESemme_Launch_Prestitial_800x600&zMoatPlace=800x600_vprestitial&zMoatPub=Missbloom%20GR&zMoatMarket=GR&zMoatJS=3%3A-&hv=SIZMEKADS&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&tc=0&fs=173050&na=606146355&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:26 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 13 Nov 2019 02:15:26 GMT

GET
H/1.1 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame C1F5 0
660 B 17ms
17ms XHR
text/html 82.199.68.73
TELECITY-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&int=60365859~~0~~18349464~~8339450962471654416^eb50Per_Played~1~460214256~01010&usercookie=u2=c1a4fef5-0675-4ce7-9a7c-93b0b3815721&rnd=0.8781549812735516&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_158_3_0/ebHtml5ExpBanner_api.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (TELECITY-LON, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:29 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: http://capitolorne.gq
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1 200
OK pixel.gif
px.moatads.com/ 43 B
409 B 26ms
26ms Image
image/gif 2.18.235.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=http%3A%2F%2Fcapitolorne.gq%2FIFRAME&i=INITIATIVE_GREECE_UNILEVER_SIZMEK1&ud=undefined&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%7DGH%3Ch%2Cqkc!p!ny%7BiY81%22ASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN%7CDoD%3DhA&qp=00000&is=hBBBBB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkBBBBBBB6BsNBmB0Biw7pCr6yCBrO24xXmYyBBBBC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnBBW35CeBBBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyBBBBBBBBBBBBBBBBBTLF6GfC6Jn7OBBYkCBB0IofsfBBPCxB7UBBBtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=1200&w=1585&fy=0&gp=0&zGSRC=1&gu=http%3A%2F%2Fcapitolorne.gq%2F&id=1&f=0&j=&t=1573611320318&de=166009107108&cu=1573611320318&m=10492&ar=6907c9d928-clean&iw=facc12f&cb=0&ym=0&ll=2&lm=0&ln=0&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=8201&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=10016&an=5382&gi=1&gf=10016&gg=5382&ix=10016&ic=10016&ez=1&ck=1150&kw=1005&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10016&bx=5382&ci=1150&jz=1005&dj=1&aa=1&ad=9916&cn=5282&gn=1&gk=9916&gl=5282&ik=9916&co=1050&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&bu=9871&cd=5234&ah=9871&am=5234&rf=0&re=0&wb=2&cl=0&at=0&d=992426%3A42578%3A29235977%3A60365859&bo=capitolorne.gq&bd=capitolorne.gq&gw=initiativegreeceunileversizmek725116604653&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatCamp=1910_TRESemme_Launch&zMoatUSER=c1a4fef5-0675-4ce7-9a7c-93b0b3815721&zMoatADV=112710&zMoatAd=1910_TRESemme_Launch_Prestitial_800x600&zMoatPlace=800x600_vprestitial&zMoatPub=Missbloom%20GR&zMoatMarket=GR&zMoatJS=3%3A-&hv=SIZMEKADS&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&ti=0&ih=1&tc=0&fs=173050&na=637733560&cs=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://capitolorne.gq/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Nov 2019 02:15:30 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 13 Nov 2019 02:15:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.qds.ninja
URL: https://t.qds.ninja/t/482

Verdicts & Comments Add Verdict or Comment

232 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds [object Object]
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds loading: https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Fcapitolorne.gq%2F
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds Getting: https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Fcapitolorne.gq%2F
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	log	URL: http://capitolorne.gq/(Line 53) Message: has skin
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	log	URL: http://static.adman.gr/adman.js(Line 1) Message: Deploying adman.js to top window.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	info	URL: https://cdn.ampproject.org/rtv/011910251950120/amp4ads-v0.js(Line 508) Message: Powered by AMP ⚡ HTML – Version 1910251950120 http://capitolorne.gq/
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	log	URL: http://capitolorne.gq/(Line 78) Message: [object Object]
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019110401.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	log	URL: http://obj.adman.gr/talos/2019/tempo/19475/skin.js(Line 33) Message: Detected dfp!
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds VidAdsContent -> ready
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds loading: https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Fcapitolorne.gq%2F
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds Getting: https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Fcapitolorne.gq%2F
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds ALL OK. CONTINUE.
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ad.doubleclick.net
adservice.google.de
ajax.googleapis.com
api.yallarec.com
app.exitbee.com
b.scorecardresearch.com
bidder.criteo.com
bs.serving-sys.com
capitolorne.gq
cdn.ampproject.org
cdn.onesignal.com
cdnjs.cloudflare.com
cmp.teads.mgr.consensu.org
connect.facebook.net
csi.gstatic.com
d.agkn.com
files.capital.gr
files.missbloom.gr
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
img9-api.yallarec.com
js.agkn.com
logw312.ati-host.net
obj.adman.gr
pagead2.googlesyndication.com
platform.instagram.com
px.moatads.com
s0.2mdn.net
secure-ds.serving-sys.com
securepubads.g.doubleclick.net
static.adman.gr
static.criteo.net
sync.teads.tv
t.qds.ninja
t.teads.tv
tag.aticdn.net
talos.adman.gr
tpc.googlesyndication.com
widget.yallarec.com
www.capital.gr
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.instagram.com
www.missbloom.gr
www.vidads.gr
z.moatads.com
t.qds.ninja
104.111.250.158
172.217.16.130
172.217.23.162
172.217.23.166
178.250.0.130
178.250.0.165
184.31.87.55
2.16.186.152
2.16.186.248
2.16.186.80
2.18.232.7
2.18.235.40
23.45.99.146
2600:9000:2156:ba00:19:fc2c:a140:93a1
2600:9000:21f3:6200:15:efbc:e300:93a1
2606:4700:10::6814:5d4d
2606:4700:300a::6813:c397
2606:4700:30::681f:4212
2606:4700::6812:e134
2a00:1450:4001:808::200e
2a00:1450:4001:809::2006
2a00:1450:4001:815::2001
2a00:1450:4001:817::2002
2a00:1450:4001:819::200a
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::200a
2a00:1450:4001:820::2001
2a00:1450:4001:824::2002
2a00:1450:4001:825::2001
2a00:1450:4001:825::2004
2a00:1450:4016:804::2003
2a01:4f8:151:21d2::2
2a02:26f0:6c00:287::3b8c
2a02:26f0:6c00:28d::3b8c
2a02:26f0:6c00:292::2c92
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
35.240.50.85
62.103.124.31
82.199.68.73
95.142.20.17
009c0ecbe245dcdad81a591736e706ae9497d4e65bcb2df4fd8a8f67c65eea2d
0234b84c65606ae191bd41168148a048c0061e45dfd57371b3f0eb889bf0900b
02aa4c3b8c1cc5a9cb16ec4448623eefa9934e004766f52b345a5b9ce20cfc0b
04be5ef0c7fdc64bd0fe70bbb7a575b94950be880e8f961988a6f4d7570c01cb
04f9d83b4c914f604be6f461de6911483759d5b3624cd79fd7c3de03e8efff52
05a0114a707e2c9a3e39211eea7befe543363802db6cca43191b8fa51d8f6cd5
0ae5e1fde1f00b885a6f0f95e666fb9023d06aaaaeb8b4a37724a8ec1609ac24
0be7819b6ffc8d1f32e3866e4fb1b1ba55449868a1205a3bd19060ec8864ec9e
0cfbf66edd81bd42d98dc420f56362442dab55294358435ee1caafac671199cf
10c96be857b364178637a861ec303b87d0b62f7e2e7f3e81d5fbf91040854f03
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10f00cef14dd32e5aae14d76fb0b45502d429baac7a810cf5492dcbd03ac5604
111ee20c5535b0cacdc7ba96b15b1ebec2e4d883ed08f51d457cb1db501d794a
116381fd746f7bb9b63e420e7d1f82d199dc82083bf06269202a005e8c588b76
127f0e63cfe81a8cfe83a77408f6e1de24decee3f28a36a53f253808f323288c
186466980a2394e09d866c4b8210699f9ce8e5029dc856e6ed28cafcfb3d8f8c
1efd438fcb4ff9510113cf2515fba3dbb306a1c1b0d9f591db38f5bc219e9179
1fa431a1cfd2e92cb4887b0c5b38494868a0a7ae7ecbd395a8a082379ce80c9e
23d461adf9afa5180a9fec3fc16b4011904c200d1406cc38e8118141e644dd74
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25226e6e3ba0503974bdf2075bc6e44ff223c59520aae1f1722759050d988232
265f5454837a43358ec1bd56dd45fa34004cd084b33ed7ac4343cf12cbe292eb
2c42c4ed86ef352ca0c226361ebccb33f0e049a9473983366fba99d58620dada
2cc7b6ad907c4e96b79a7f6ca766431294a47f31b75f04e7e4776c6ba0f4f465
2dc555935c860eb09057a382aac8234cd2eff498590d5f56c617cf1c44830376
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33e71b125f125788699dd49aec1abb2dc11e813f0462330e0625f13c96348287
3cce2a24544c35f594cc3f662c67eb79393104a7b62fd00090671db641e8eb05
3d0baea9c619c9b3a0711c9e7557cef9519475cd91d4810b8bbfa9bc4845666a
3efb9e5717f8ee87d9d609a4063ef9eed7ed55cae8e7708cac77d5cf13012218
3f07171c4a99e03c93ebea6f4ce22f1312ada4f85465b548878e9c4f26c6f6eb
40483fac4e86b90f4d46c4b9ab5b5a25662849de0c9789e571abc23ef1217a6e
40bf5d3b5c6d75c1cd50049b9b77b8378696472d06ba32296eafc96f574903d4
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd
4557079e171c6c0c3bd8cb29ba1bf7acbbf3ba1f0b2315076f27e9fa7b2f58a8
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b363d500002cd35329617663e7daa48933ee8fb8545bbd2e7b16ad12452274f
4f49e3861189b1ca56c0615100e8c50d530ae8c559ea5445dee8e3c27a4d729e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
542fd0745c2e5b19a3f27085b28019dd505fe21fdf08864c31c6d8c36b5a09d8
5c805c76c30559c47d60d1531e4de4458f22df0db58d9f96520a3900f9da7304
61096f8d4ae3903bc64f86a3142965d70f2e995085d67745a23cdfe4948d6ee6
6692aa46b1a53011edfeb6967b3d1478207638d7cedca145f167d815ac6898eb
673579fe9b5ea2ea13d4681187eef1310f40529884424104b41d620d7bf8f257
683c11ee40320264bfb5c5047109fb709e1cd061cf9f71895d1bcdcca847f7dd
6a0641c96363fab1d22c36e13ff3303a145e26106efa7a017238206b0516b661
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e3db728ac8fe57596c67e7206c6b4d5a26445899f21821b32005e8471ce23ac
7b9dfa8558017a8e1be56d4120bb80ca6160a5844bfc3d41ea46b7208a752cf4
7e347b958399166fb0109080d3016c0bc58b8a5ed20fcc845d0c6e610a4f34ef
81b68bcefc56b39ce46ba81f6982195074952593d28a09e9bf3fceabab836749
841fdab7f32afcfead28e8e8041bcca501737464f8b359ddcf3d4ba12cb121b1
866c1cf254c11afbcb1689842e0eb3ed4973f7edada9f814d5e6b72cd54b9b56
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88a6c0de42002ab0f042b863e02e360efc4dbf8393e2a8d48b5e1e895defc7b5
88c1e74193640dcca7cbcd3a3062a83bc8e55e957d234d65fad5f93763422a30
89db741bbe693e04001902f6651d3f47bcfd0b216bc35cd1896e33086f7c4ad7
8ba5d0a29c4db3440b3c614c99e94f074dd198cccf77bfd4175e0e08d751485b
957f06c2b4c8b7860dfea6fc9c22b0ebbb93b0f578ab7ea119cfab3cc2a683b6
9787bba49c28fdf31c7c4d791e1ab0153855f7a3db826a7a741dadca6c6f889b
981be39924f4c8320f4daa8b8cdd7468455e46a30bd0cfef24ba5c74c2a6b12d
9d1fbaef3bb6860ab51263224c351c7a78deec64dc98135054511277e65078e1
a4ca2aab7f67fff86ca9da7b1c4d717d22f52f9e69efc9f4f10346dfd78eaa3d
a835da706f8ab8c2b12a98fc7b5707693810139fed74e1484582feee770e33f8
aa67ef92b6b6e70da4be78ca05bf65a9a43e59f6bf80f412a4b1a74e8d3768c0
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1938a4528546642ca81d99fcfb44598f45b12b711c7107318e17e777ad17758
b2f6b17e117be350dc45be02721813c2450bba8efdc580424fb0b14660d05487
b30707afba71d2b90ecd30bcf6507d7a95a6e7dc9aa5ead81d50c189bb644438
b7aa3d448bc7aed0d29529bf87e13e8668be2816f402cf7a81f8f7ea4792acaf
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdc35423b7287436ac62d019275e648f4533f09e39635e9e9478928210e3c19a
c618f71582f66bcc7ca2d21019c984f9a146727661e077edf4c64a3c07861fc8
c769d9ee3b891f078b54633eeb0c2fb543e73198f649caa0f784ef51e1a866e9
c88be2a7d22efe3d848601100d7681d6510d10e3fee319fc6963883a3c3ac022
cc9bb8cd99509617de07d328592541ef76f79e05a18251df61fb0307e7051347
cee0606b2ded133ce93fad1bd7f09eeb6fb91b3738e7c36c40f8f389c9a90a1d
cf0eac8ca56caaadf4fc1e4ec8081f0ba14c59d22bf12f766d59845078950e86
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3cd091705544e4df29bbee72ca66f1233f6fa01447742156675c21ba59e6e15
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc7c74c1e1b68cf6efe2f0b681006deee0cd0de40e7d9506a744a0d279b1b2e4
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
dccd4afe4d79c4443e33169612d2d1c2b37f52d43e3b8abb516965886c95857a
de268581a4db5572012908108d7bc9dd24163e79d663992cb79353599eabcdc1
e14ed2006ce7c30870a22cf1fb74b7b4d9d788b607a756b944e00508f350ac8c
e21da87120c823e7856f1e2af9d73746e19590b71407869dccb2d203115d451c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fb2764d6ae276a32dac16e46dd2d0173a904c0a7bc0cb8316276efc92a8fbd
e4af8d375c8d5e15691b4d62fb4f9f6505295352fe19059f595994c4fc3c28f1
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eb32b30dc3043d66e61f3115b0fb8e433aac21fe28c4abe3fc706e1f1378e0bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1565b905a6a3dc95b276bf9451b2c2e8b897f74137b87854754daf05bac70c9
f1fcd4efcd69b85e4922c61ae6eb0971a5ef82b58e116a99237a46330d75cd03
f301952b8d9634c9d07d087f5f141741a5aa11faa24c742f98963ae79a616dd7
f50167bee40cd7fdd6c623efb794e0edddec7de87ef71f48c8b1b1413e1dfc4a
f5a40196e00dae18bf09ef0b522d546579404e1a56d31b2ec3dec0667034268a
f70ad153801756c3955f63469a9bc8a3a7112e1fca7156bf72448b77d8155246
f7c81f036d8791a0a341e878337123fd3bf5eca41384f9e713ce648371916334
fbbf681a7dab1098a4519748b3b1b36543f75a4a1e6318cea9bdf54ea76ecafb
fd085d436ea4e65b93adb4ccbd6bbe6649f139f61efed182966660f41c948f40
fe1b30d145ca350e8c334789ff3339b21cb859f41da1a9619629a3bc38d74cf9

capitolorne.gq Open in urlscan Pro 2606:4700:30::681f:4212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

153 Requests

63 %HTTPS

60 %IPv6

33 Domains

50 Subdomains

42 IPs

8 Countries

2616 kBTransfer

6936 kBSize

0 Cookies

27 Outgoing links

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

capitolorne.gq Open in urlscan Pro
2606:4700:30::681f:4212 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

63 %
HTTPS

60 %
IPv6

33
Domains

50
Subdomains

42
IPs

8
Countries

2616 kB
Transfer

6936 kB
Size

0
Cookies

153 HTTP transactions
8 data transactions