Submitted URL: https://gethedgiesuncut.com/
Effective URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Submission: On March 24 via manual from GB

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 29 HTTP transactions. The main IP is 35.214.15.128, located in Mountain View, United States and belongs to GOOGLE-2, US. The main domain is capitalistexploits.at.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 24th 2020. Valid for: 3 months.
This is the only time capitalistexploits.at was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.11.211.200 36351 (SOFTLAYER)
1 35.214.15.128 19527 (GOOGLE-2)
2 2a00:1450:400... 15169 (GOOGLE)
7 25 104.16.20.19 13335 (CLOUDFLAR...)
1 151.101.12.217 54113 (FASTLY)
6 2a00:1450:400... 15169 (GOOGLE)
1 209.170.211.179 13649 (ASN-VINS)
29 6
Domain Requested by
17 i.ontraport.com 7 redirects capitalistexploits.at
6 fonts.gstatic.com capitalistexploits.at
6 optassets.ontraport.com capitalistexploits.at
2 app.ontraport.com capitalistexploits.at
2 fonts.googleapis.com capitalistexploits.at
1 capitalistexploits.ontraport.com optassets.ontraport.com
1 player.vimeo.com capitalistexploits.at
1 capitalistexploits.at
1 gethedgiesuncut.com 1 redirects
29 9

This site contains links to these domains.

Domain
en.wikipedia.org
Subject | Issuer | Validity | Valid
capitalistexploits.at | Let's Encrypt Authority X3 | 2020-02-24 - 2020-05-24 | 3 months
*.storage.googleapis.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
*.ontraport.com | Go Daddy Secure Certificate Authority - G2 | 2019-10-23 - 2020-11-21 | a year
vimeo.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-03-23 - 2020-11-08 | 8 months
*.google.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
capitalistexploits.ontraport.com | Let's Encrypt Authority X3 | 2020-02-14 - 2020-05-14 | 3 months

This page contains 2 frames:

Primary Page: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Frame ID: 2FDE609E1067392BD26C0C2008C2F3E9
Requests: 28 HTTP requests in this frame

Frame: https://player.vimeo.com/video/378375070/?&autoplay=0&loop=0
Frame ID: 09BC2AE9D72016FCBD441083185D7994
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

Requests: 29
HTTPS: 100%
IPv6: 29%
Domains: 6
Subdomains: 9
IPs: 6
Countries: 2
Transfer: 1127 kB
Size: 1737 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gethedgiesuncut.com/ HTTP 301
    https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://i.ontraport.com/193653.713761470a1e30523480f83703b176bc.PNG?ops=1024 HTTP 302
  • https://i.ontraport.com/193653.713761470a1e30523480f83703b176bc.PNG
Request Chain 21
  • https://i.ontraport.com/193653.333a218f7ef50f33cda6a558f085fb93.PNG?ops=1024 HTTP 302
  • https://i.ontraport.com/193653.333a218f7ef50f33cda6a558f085fb93.PNG
Request Chain 22
  • https://i.ontraport.com/193653.69695daf959814d985fdbcd42935304f.PNG?ops=1280 HTTP 302
  • https://i.ontraport.com/193653.69695daf959814d985fdbcd42935304f.PNG
Request Chain 23
  • https://i.ontraport.com/193653.9d836a07176484c2977a5900de639a24.PNG?ops=1280 HTTP 302
  • https://i.ontraport.com/193653.9d836a07176484c2977a5900de639a24.PNG
Request Chain 24
  • https://i.ontraport.com/193653.abf564c544eef6aa85011adf8eea35c1.PNG?ops=1280 HTTP 302
  • https://i.ontraport.com/193653.abf564c544eef6aa85011adf8eea35c1.PNG
Request Chain 25
  • https://i.ontraport.com/193653.f3e7e370eba903417befe4b9cb131ac2.PNG?ops=1920 HTTP 302
  • https://i.ontraport.com/193653.f3e7e370eba903417befe4b9cb131ac2.PNG
Request Chain 26
  • https://i.ontraport.com/193653.8cf691f6e7d34f304c7aef4e738133e8.PNG?ops=1024 HTTP 302
  • https://i.ontraport.com/193653.8cf691f6e7d34f304c7aef4e738133e8.PNG

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
capitalistexploits.at/hedgies-uncut/
Redirect Chain
  • https://gethedgiesuncut.com/
  • https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
152 KB
23 KB
Document
General
Full URL
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.15.128 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
128.15.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
54d2125869c54228282d98cc4ab8fab02ef37d01a560b707467450a322e4c919

Request headers

:method
GET
:authority
capitalistexploits.at
:scheme
https
:path
/hedgies-uncut/?orid=254&opid=83
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
server
nginx
date
Tue, 24 Mar 2020 12:16:13 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-cache-enabled
True
set-cookie
PHPSESSID=250247886e430b797e2a29fee0c7b5db; path=/; secure; HttpOnly wpSGCacheBypass=0; expires=Tue, 24-Mar-2020 11:16:10 GMT; Max-Age=0; path=/ lpsplt_96=0; expires=Sun, 18-Jan-2037 21:25:22 GMT; Max-Age=530874551
x-httpd
1
host-header
6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache
MISS
x-proxy-cache-info
0 NC:000000 UP:1
content-encoding
gzip

Redirect headers

Server
nginx/1.14.0
Date
Tue, 24 Mar 2020 12:16:08 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
273
Connection
keep-alive
Location
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
icon
fonts.googleapis.com/
574 B
468 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Mar 2020 12:16:13 GMT
server
ESF
date
Tue, 24 Mar 2020 12:16:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Mar 2020 12:16:13 GMT
opt-styles.min.css
optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/
202 KB
33 KB
Stylesheet
General
Full URL
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98babaaf52eacd4102d690a153ce4e30ffa3b62dc078206d4c8f8c519eb61f1e

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
content-encoding
br
cf-cache-status
HIT
age
4093
x-op-release
2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
579052738db3e5f8-LHR
expires
Tue, 24 Mar 2020 16:16:13 GMT
opt_default_image.png
app.ontraport.com/images/
5 KB
5 KB
Image
General
Full URL
https://app.ontraport.com/images/opt_default_image.png
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54f7c47345b898756c00a0b0631df1f64790d22d1888f7b3fa5c96d51b6ded2d

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
x-op-benvironment
production
cf-cache-status
HIT
age
267
x-op-release
2
cf-polished
pngoptimizer, origSize=5891
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cf-bgj
imgq:100
content-length
4736
x-op-ca
10.2.80.206
last-modified
Thu, 31 Jan 2019 20:36:34 GMT
server
cloudflare
etag
"5c535c52-1703"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1200
x-op-class
app
accept-ranges
bytes
cf-ray
5790527369fece6b-LHR
expires
Tue, 24 Mar 2020 12:36:13 GMT
anime.js
optassets.ontraport.com/opt_assets/elements_v3/common/materialize-1-dev/js/
16 KB
16 KB
Script
General
Full URL
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize-1-dev/js/anime.js
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2348bbc056a14a9cd62dadb8d461800a192e8ba636f803d0ffddd753977976

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
cf-cache-status
HIT
age
4093
x-op-release
2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
579052738dbae5f8-LHR
expires
Tue, 24 Mar 2020 16:16:13 GMT
jquery-3.2.1.min.js
optassets.ontraport.com/opt_assets/opt_boilerplates/v3/
85 KB
85 KB
Script
General
Full URL
https://optassets.ontraport.com/opt_assets/opt_boilerplates/v3/jquery-3.2.1.min.js
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
cf-cache-status
HIT
age
4093
x-op-release
2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
57905273eef8e5f8-LHR
expires
Tue, 24 Mar 2020 16:16:13 GMT
opt-assets.js
optassets.ontraport.com/opt_assets/
277 KB
278 KB
Script
General
Full URL
https://optassets.ontraport.com/opt_assets/opt-assets.js?1584666577
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
201585b188e0c2aae276a9b327d98f727c4a91f27134899f8cea336158898c1c

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
cf-cache-status
HIT
age
4093
x-op-release
2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
579052742ff5e5f8-LHR
expires
Tue, 24 Mar 2020 16:16:13 GMT
custom-elements.min.js
optassets.ontraport.com/opt_assets/templates/custom-elements/
18 KB
18 KB
Script
General
Full URL
https://optassets.ontraport.com/opt_assets/templates/custom-elements/custom-elements.min.js
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a9c7944ce696c3622189e2f0706ccb9b9033b10f707414fe0ae14be6d68f08

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
cf-cache-status
HIT
age
4087
x-op-release
2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
57905274589fe5f8-LHR
expires
Tue, 24 Mar 2020 16:16:13 GMT
tracking.js
optassets.ontraport.com/
10 KB
3 KB
Script
General
Full URL
https://optassets.ontraport.com/tracking.js
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4adc57dfc2db3c3bfdbab0b137e5a690de3d99837c4e3c4b643c3b72575ef38

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
content-encoding
br
cf-cache-status
HIT
age
4099
x-op-release
2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
5790527458a4e5f8-LHR
expires
Tue, 24 Mar 2020 16:16:13 GMT
opf.js
app.ontraport.com/js/ontraport/opt_assets/drivers/
63 KB
21 KB
Script
General
Full URL
https://app.ontraport.com/js/ontraport/opt_assets/drivers/opf.js
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f7a02cb06fa227aa0a11db20377e8c32b39f8351be816461ef48d1d5b98f4eb

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
x-op-benvironment
production
cf-cache-status
HIT
age
285
x-op-release
2
cf-polished
origSize=64979
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
cf-bgj
minify
content-encoding
br
x-op-ca
10.2.80.206
last-modified
Fri, 20 Mar 2020 01:18:39 GMT
server
cloudflare
etag
W/"5e7419ef-fdd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1200
x-op-class
app
cf-ray
579052745cccce6b-LHR
expires
Tue, 24 Mar 2020 12:36:13 GMT
css
fonts.googleapis.com/
281 KB
12 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nixie+One|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4d2f422a3617d5737f1467a249bf36d1f15cb222e35fbe87a5f1fee2a51a7ee7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 24 Mar 2020 12:16:13 GMT
server
ESF
date
Tue, 24 Mar 2020 12:16:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Mar 2020 12:16:13 GMT
/
player.vimeo.com/video/378375070/ Frame 09BC
0
0
Document
General
Full URL
https://player.vimeo.com/video/378375070/?&autoplay=0&loop=0
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Via
1.1 varnish 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
0
X-VServer
infra-playproxy-a-4
X-Vimeo-DC
ge
Content-Encoding
gzip
Content-Length
4952
Accept-Ranges
bytes
Date
Tue, 24 Mar 2020 12:16:13 GMT
Age
0
Connection
keep-alive
X-Served-By
cache-fra19150-FRA
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1585052174.512873,VS0,VE244
Vary
Accept-Encoding
193653.ffed8476acb446e49ba85581036159f7.PNG
i.ontraport.com/
1 KB
2 KB
Image
General
Full URL
https://i.ontraport.com/193653.ffed8476acb446e49ba85581036159f7.PNG
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e71689bd813896130fd29a78b45c2f7fc70942b7b88b99a08772da95bdf044a3

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 c31d49af55fff364fbd11e21a32f7fcb.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
386056
cf-polished
pngoptimizer, origSize=1466
x-cache
RefreshHit from cloudfront
status
200
content-length
1324
cf-bgj
imgq:100
x-amz-request-id
CDC29E358012E56E
x-amz-id-2
tFsvu4vgplYdhJJfwqZEm6O9/9ffRCgiK7ORKN3JJcthmHYmmJrcKbQgJ+z+AygO2RkviwnExFM=
last-modified
Tue, 15 Oct 2019 00:44:23 GMT
server
cloudflare
etag
"e74402a28847ab5fb79545fe74f7a84a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
LHR3-C1
accept-ranges
bytes
cf-ray
57905274bdd0ce6b-LHR
x-amz-cf-id
bA5Mx9FxUAT0i2H0GfFn8SrJxF2-zxTcq2xhzL0czpoFt-hDNpLWUg==
expires
Wed, 25 Mar 2020 12:16:13 GMT
193653.a06a3248f173f51bcbbcdd434a1de129.PNG
i.ontraport.com/
22 KB
22 KB
Image
General
Full URL
https://i.ontraport.com/193653.a06a3248f173f51bcbbcdd434a1de129.PNG
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f562f7c3428c8b266b1fce23b838d5d1d5c52cca6da2bd451bbc6c84a8e90037

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 25de4127038159040c9b8bcb29fd32bc.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
74851
cf-polished
pngoptimizer, origSize=22597
x-cache
Miss from cloudfront
status
200
content-length
22354
cf-bgj
imgq:100
x-amz-request-id
0F244D44B97CFF3F
x-amz-id-2
TKJkQNuTAlgLPMroTVHowjex3fx50SzaLtinwpBQ52NVgSXOBiW8kPNp0Sdd8IJM930ZK5F3MlY=
last-modified
Tue, 15 Oct 2019 05:48:27 GMT
server
cloudflare
etag
"45a4437f3721f49d83160a0adb3187f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
LHR62-C2
accept-ranges
bytes
cf-ray
57905274bdd1ce6b-LHR
x-amz-cf-id
sqsqCwpwCtuIuim_qe7TFMhjksFVE7r56Elcgu_H-clalxt2U_jNIQ==
expires
Wed, 25 Mar 2020 12:16:13 GMT
XLYgIZbkc4JPUL5CVArUVL0ntnAOSFNuQsI.woff2
fonts.gstatic.com/s/specialelite/v10/
52 KB
52 KB
Font
General
Full URL
https://fonts.gstatic.com/s/specialelite/v10/XLYgIZbkc4JPUL5CVArUVL0ntnAOSFNuQsI.woff2
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aefa15f104cdb965aaf8557a477005444e6513c78d895ba84aadbb3d8c277146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Nixie+One|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Origin
https://capitalistexploits.at
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Mar 2020 03:23:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:58:12 GMT
server
sffe
age
1673590
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
53104
x-xss-protection
0
expires
Fri, 05 Mar 2021 03:23:03 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Nixie+One|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Origin
https://capitalistexploits.at
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Mar 2020 03:21:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
1673695
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Fri, 05 Mar 2021 03:21:18 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Nixie+One|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Origin
https://capitalistexploits.at
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
4620354
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Sat, 30 Jan 2021 00:50:19 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v20/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c575d67f22342308c6bdc002dce3d2bf2eb03c3434846dd8aeb4b2b74b43d43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Nixie+One|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Origin
https://capitalistexploits.at
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Mar 2020 13:57:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:39 GMT
server
sffe
age
1289906
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12824
x-xss-protection
0
expires
Tue, 09 Mar 2021 13:57:47 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Nixie+One|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Origin
https://capitalistexploits.at
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 05 Mar 2020 03:12:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
1674214
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Fri, 05 Mar 2021 03:12:39 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Nixie+One|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Origin
https://capitalistexploits.at
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 27 Feb 2020 08:47:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2258947
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 26 Feb 2021 08:47:06 GMT
193653.713761470a1e30523480f83703b176bc.PNG
i.ontraport.com/
Redirect Chain
  • https://i.ontraport.com/193653.713761470a1e30523480f83703b176bc.PNG?ops=1024
  • https://i.ontraport.com/193653.713761470a1e30523480f83703b176bc.PNG
10 KB
10 KB
Image
General
Full URL
https://i.ontraport.com/193653.713761470a1e30523480f83703b176bc.PNG
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2659e4d82d5744403f6537be7a96b46daa2d5b6133c9c7ad0c4a3ab2979979c1

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 c9b06c2d0cce11531eef436042fe63ee.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
101240
cf-polished
pngoptimizer, origSize=10050
x-cache
RefreshHit from cloudfront
status
200
content-length
9864
cf-bgj
imgq:100
x-amz-request-id
E471B412827CC6B4
x-amz-id-2
Pt4boJpEWnEcPp0u6zjg9ERlq4k0tIQrNWiG6+Kp1yvvOs9RpkC5BeV4s19vXkNbAyUIYjfQki0=
last-modified
Thu, 17 Oct 2019 00:59:37 GMT
server
cloudflare
etag
"6e15e19122e7dcf59fd5bbc23e9ae44d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
LHR50-C1
accept-ranges
bytes
cf-ray
57905276ab92ce6b-LHR
x-amz-cf-id
uhaUx4qzeIPyRHhcHA7mQN4a82xKKeAKSDjxQvGnzrHm-14bvbA2cw==
expires
Wed, 25 Mar 2020 12:16:13 GMT

Redirect headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 8583f64172baf458ac5712a4d1815fec.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-request-id
C3AC9A636D9353A9
x-cache
Hit from cloudfront
status
302
content-length
0
x-amz-id-2
EzQxlsK0iC3EpgKljbrL5+hQFK80dexcc5FLWju9Ire+CoALQ3sdF5TcSy75q7e8iq0XNGGx8eU=
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/xml
location
/193653.713761470a1e30523480f83703b176bc.PNG
cache-control
public, max-age=86400
x-amz-cf-pop
LHR62-C2
cf-ray
57905275b8d8ce6b-LHR
x-amz-cf-id
Kjdq6UlxLrIm1rrCPncu3IaSt-TzkAXUZGRf432-WQvY5zVdbvHHkQ==
expires
Wed, 25 Mar 2020 12:16:13 GMT
193653.48fa80be4d71b01152d3d2db7996fd62.PNG
i.ontraport.com/
390 KB
390 KB
Image
General
Full URL
https://i.ontraport.com/193653.48fa80be4d71b01152d3d2db7996fd62.PNG?ops=1920
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3314229077f92deb71dd43528a7d06b0648fb89c3ce656c274cd221f6c8d85b

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 428d48dcc06c35ef0bcb1f235f6038de.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
274325
cf-polished
origSize=440018
x-cache
RefreshHit from cloudfront
status
200
content-length
398934
cf-bgj
imgq:100
x-amz-request-id
29FD9956913EB257
x-amz-id-2
+BBOJhuQ0Vvi2zGqV5dvpyOxFQ66iwRL3iRLGU4VQAwszGRwLiYY+nWP3MBMD5t+LyDFJA1nZUg=
last-modified
Sat, 14 Mar 2020 01:37:25 GMT
server
cloudflare
etag
"5e59d762ba004999d8087c76055e8c3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
cf-ray
57905275b8dbce6b-LHR
x-amz-cf-id
7PBvGTLz_fsmtpHXH24Xt8QTRA0XRJvR0ohjSJ8uRsW6H8Tl7WJr-w==
expires
Wed, 25 Mar 2020 12:16:13 GMT
193653.333a218f7ef50f33cda6a558f085fb93.PNG
i.ontraport.com/
Redirect Chain
  • https://i.ontraport.com/193653.333a218f7ef50f33cda6a558f085fb93.PNG?ops=1024
  • https://i.ontraport.com/193653.333a218f7ef50f33cda6a558f085fb93.PNG
11 KB
12 KB
Image
General
Full URL
https://i.ontraport.com/193653.333a218f7ef50f33cda6a558f085fb93.PNG
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1b0ef7ca992f1abce5159c7e47a87b83e3c0e29644536683e6e5ad9d3018ec1

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 d4a6e22bfb276f18612ccc6f7763ed5e.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
432321
cf-polished
origSize=11407
x-cache
RefreshHit from cloudfront
status
200
content-length
11272
cf-bgj
imgq:100
x-amz-request-id
6B3EE5647A53E21E
x-amz-id-2
B6Eq+0G/69NWcXGKQ32mKRGQyAnFt5/IU4Hh+bJfee0JlI4d610BUU7PeGEhl/Ig5M6FQTjeQuU=
last-modified
Thu, 17 Oct 2019 03:04:25 GMT
server
cloudflare
etag
"73ea6ef2558578d8fb574210d0ab2dcf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
CDG53-C1
accept-ranges
bytes
cf-ray
57905276ab8cce6b-LHR
x-amz-cf-id
WznB7jPljI1evMwKP8D3JmSFx5lSVnwU1k1KIQcXp7wLKz7-i3fftg==
expires
Wed, 25 Mar 2020 12:16:13 GMT

Redirect headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 be00537a2361673ea48963d6e04d04a1.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-request-id
BD289E324D118A0D
x-cache
Hit from cloudfront
status
302
content-length
0
x-amz-id-2
VkVnpXlbA+9mt5/Z7pmDhN8VkLHS5XeXz5RkPxQeZY3y1fSE5WTy35vhayVlr6MWAJ1vOFHRDhc=
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/xml
location
/193653.333a218f7ef50f33cda6a558f085fb93.PNG
cache-control
public, max-age=86400
x-amz-cf-pop
LHR62-C2
cf-ray
57905275b8dfce6b-LHR
x-amz-cf-id
XBv485aXRzA4ARdIQ1GKyM3foY_VJd_ZOBCJNjoDgSc0avTn6v0c_g==
expires
Wed, 25 Mar 2020 12:16:13 GMT
193653.69695daf959814d985fdbcd42935304f.PNG
i.ontraport.com/
Redirect Chain
  • https://i.ontraport.com/193653.69695daf959814d985fdbcd42935304f.PNG?ops=1280
  • https://i.ontraport.com/193653.69695daf959814d985fdbcd42935304f.PNG
32 KB
32 KB
Image
General
Full URL
https://i.ontraport.com/193653.69695daf959814d985fdbcd42935304f.PNG
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
568e2a2b7ab6e924ca81cccd3f5e1b158fddeedd26adb4b2e7ec1300879a73f1

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Mar 2020 12:16:14 GMT
via
1.1 85b9b6c170ed4eb5bc514443bb4ade55.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
72752
cf-polished
origSize=32857
x-cache
Miss from cloudfront
status
200
content-length
32663
cf-bgj
imgq:100
x-amz-request-id
9E11C5135FF5C290
x-amz-id-2
Ljr3BPZT0LIZLtxF3VynDVDCSn0fZdO4uNBMUp5jZIst+C353BPYAIacPDGohLX+ajBCuEDSnpk=
last-modified
Fri, 18 Oct 2019 07:20:30 GMT
server
cloudflare
etag
"54e029ae067a7f89a649bb57a63c0c43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
LHR3-C2
accept-ranges
bytes
cf-ray
579052779e9ece6b-LHR
x-amz-cf-id
vvHxXSvIjb4CYIPwjrK1AS_ymG1DRz4LDxlSa2i9RuVGgUTZ5wdMxA==
expires
Wed, 25 Mar 2020 12:16:14 GMT

Redirect headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 b3f4b9d58649ca2204c0fb8174557c63.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-request-id
1EAC0F9243F4797A
x-cache
Hit from cloudfront
status
302
content-length
0
x-amz-id-2
G31h8hrbeiylRJTk/SF2hEVhrKw5AX6gYBH2SrxVg8UfPEjaQo8U/2lnMvzB2RAK6pqKEFiQtMA=
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/xml
location
/193653.69695daf959814d985fdbcd42935304f.PNG
cache-control
public, max-age=86400
x-amz-cf-pop
CDG3-C2
cf-ray
57905275b8e1ce6b-LHR
x-amz-cf-id
mqe-geUpMW6BH8yNyHVLezMXPeTiyz9nwhIQrFAgcedZnHckMynz_Q==
expires
Wed, 25 Mar 2020 12:16:13 GMT
193653.9d836a07176484c2977a5900de639a24.PNG
i.ontraport.com/
Redirect Chain
  • https://i.ontraport.com/193653.9d836a07176484c2977a5900de639a24.PNG?ops=1280
  • https://i.ontraport.com/193653.9d836a07176484c2977a5900de639a24.PNG
22 KB
22 KB
Image
General
Full URL
https://i.ontraport.com/193653.9d836a07176484c2977a5900de639a24.PNG
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2fff3efc452953a931c1ea7c0ab1568acad0e7e38ee983aa738843ea00493ef

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 19a079cfe5fbc38f063a9e46b60b00a7.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
329744
cf-polished
origSize=22243
x-cache
RefreshHit from cloudfront
status
200
content-length
22039
cf-bgj
imgq:100
x-amz-request-id
4359565851EF9629
x-amz-id-2
JGI9AwQcbH2qphE0DBVPLB5M1KaP32tIvQeb/rk20ria5QFdtJ5M6AQ7+EUFAD+kk2FiPPlx5hg=
last-modified
Thu, 17 Oct 2019 03:05:45 GMT
server
cloudflare
etag
"1cf95f76fe988ed847e3a9098c4406de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
LHR61-C2
accept-ranges
bytes
cf-ray
57905276ab90ce6b-LHR
x-amz-cf-id
xGkedo_wv9SanCxuQpQlmYTQWXscO4SsMuC-B4PRATusxHFNvQ_cPA==
expires
Wed, 25 Mar 2020 12:16:13 GMT

Redirect headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 551c4532b3865b4520a30b3bdc3c24f0.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-request-id
A4C45E85102F6DAB
x-cache
Hit from cloudfront
status
302
content-length
0
x-amz-id-2
VSm7UTgggLLnQH25LJmgG6R8k38/YBjL/3+822rGFg0maHi2uXcpa2YPdjt0WqAjpDBrRBpYuw8=
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/xml
location
/193653.9d836a07176484c2977a5900de639a24.PNG
cache-control
public, max-age=86400
x-amz-cf-pop
LHR62-C2
cf-ray
57905275b8e3ce6b-LHR
x-amz-cf-id
BMsrqK1vQQvk32xyMcekx0DNUcVbyai-vrbSFUMksWtFm-b27KI0vQ==
expires
Wed, 25 Mar 2020 12:16:13 GMT
193653.abf564c544eef6aa85011adf8eea35c1.PNG
i.ontraport.com/
Redirect Chain
  • https://i.ontraport.com/193653.abf564c544eef6aa85011adf8eea35c1.PNG?ops=1280
  • https://i.ontraport.com/193653.abf564c544eef6aa85011adf8eea35c1.PNG
13 KB
13 KB
Image
General
Full URL
https://i.ontraport.com/193653.abf564c544eef6aa85011adf8eea35c1.PNG
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0005af9ea67b44794dbb8f9d3a37181398f0e5dd84f05012fe6ef65f4d61e51a

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 812340d4e76cb03e2d09a3ae9f9fd8b8.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
72751
cf-polished
pngoptimizer, origSize=13395
x-cache
Miss from cloudfront
status
200
content-length
13196
cf-bgj
imgq:100
x-amz-request-id
EDDB04698BDE2F09
x-amz-id-2
33Us9r5Za96aACCMRsAIhLreZnjmA1Chu/ITEw4DjJAfIvUu4BVeojncosz1P5aN+M9OhxtdIXY=
last-modified
Thu, 17 Oct 2019 03:19:09 GMT
server
cloudflare
etag
"560f8cec551e603dedc2043eb9f81741"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
LHR3-C2
accept-ranges
bytes
cf-ray
57905276ab94ce6b-LHR
x-amz-cf-id
lVJmY9dvnYt7O0TpdsIw0jdFUxCcquaRoIAe8vw4tghdg9S6P4anDw==
expires
Wed, 25 Mar 2020 12:16:13 GMT

Redirect headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 d2428440ce503624f438381ac01a2c8d.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-request-id
0ACB43CFA9A656CE
x-cache
Hit from cloudfront
status
302
content-length
0
x-amz-id-2
8Q2lIM+mxkmPSCfSz6yQPqhZcY4KyPZSWZLaIfS9mIteY9SGbjUJC5qM5Rjb8ar3kJJg7GO2Lu0=
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/xml
location
/193653.abf564c544eef6aa85011adf8eea35c1.PNG
cache-control
public, max-age=86400
x-amz-cf-pop
LHR62-C2
cf-ray
57905275b8e4ce6b-LHR
x-amz-cf-id
AwkVFu25nrvGJBrXWOLOPK6O5-r8tVCGQUvwZ8OCoDUyCATMJqx19Q==
expires
Wed, 25 Mar 2020 12:16:13 GMT
193653.f3e7e370eba903417befe4b9cb131ac2.PNG
i.ontraport.com/
Redirect Chain
  • https://i.ontraport.com/193653.f3e7e370eba903417befe4b9cb131ac2.PNG?ops=1920
  • https://i.ontraport.com/193653.f3e7e370eba903417befe4b9cb131ac2.PNG
13 KB
13 KB
Image
General
Full URL
https://i.ontraport.com/193653.f3e7e370eba903417befe4b9cb131ac2.PNG
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b13dd1fda91bced90d389fe6422f91fac02b8051f29f612e921a9e8828e24da0

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Mar 2020 12:16:14 GMT
via
1.1 c50e6c45c49371a5ebc690255500593d.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
287655
cf-polished
pngoptimizer, origSize=13309
x-cache
Miss from cloudfront
status
200
content-length
13155
cf-bgj
imgq:100
x-amz-request-id
A15AC09EDF15B312
x-amz-id-2
n62QgJJTVwXzm+t1LdAeKkt4oogewLCpsaqTbj1dyV2ZwjwJGzT4MObr1HMPJIRBXesIv29j4Yo=
last-modified
Thu, 17 Oct 2019 03:06:16 GMT
server
cloudflare
etag
"daccc98d02bdd56bd2a8968b3d619f23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
LHR61-C1
accept-ranges
bytes
cf-ray
579052776db3ce6b-LHR
x-amz-cf-id
fEv1IkhxrJ2qGdhdnJCCILq67_N5Qi02ffdLU-hTyjL6DZaGpdgqsg==
expires
Wed, 25 Mar 2020 12:16:14 GMT

Redirect headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 81df7b82147a3b8250950ccfe02b7433.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-request-id
7B76C01E2450EDBD
x-cache
Hit from cloudfront
status
302
content-length
0
x-amz-id-2
44Moa+9BsLnstQUg/1C8wxCl4E31E3URY3NibjN55i5Fbbdt0mDlAAud9s1/ORmr7tW32ucgbUQ=
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/xml
location
/193653.f3e7e370eba903417befe4b9cb131ac2.PNG
cache-control
public, max-age=86400
x-amz-cf-pop
CDG3-C2
cf-ray
57905276ab8bce6b-LHR
x-amz-cf-id
zqqFGzxqXOneYG-0-3VbhzgS_QhNw_TPXvdBed79b0K1yIvPwfDuqQ==
expires
Wed, 25 Mar 2020 12:16:13 GMT
193653.8cf691f6e7d34f304c7aef4e738133e8.PNG
i.ontraport.com/
Redirect Chain
  • https://i.ontraport.com/193653.8cf691f6e7d34f304c7aef4e738133e8.PNG?ops=1024
  • https://i.ontraport.com/193653.8cf691f6e7d34f304c7aef4e738133e8.PNG
6 KB
7 KB
Image
General
Full URL
https://i.ontraport.com/193653.8cf691f6e7d34f304c7aef4e738133e8.PNG
Requested by
Host: capitalistexploits.at
URL: https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.20.19, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
6082b1a896bfe3d3c564bd2193bb69cc4b699ae2850890eadeabac911bcbf43d

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 8bdb05fbf74c6dd0d9d93215e88dbeee.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
287654
cf-polished
status=not_needed
x-cache
Miss from cloudfront
status
200
content-length
6616
cf-bgj
imgq:100
x-amz-request-id
4129534C8E90E800
x-amz-id-2
bfz+AtmPaPBXm6Lo+4AiLYEq8EXj0g6ZbPGNAyc0jofZb7dRBe+oXDyU1isufXiMkpJ4Awn8w0w=
last-modified
Thu, 17 Oct 2019 03:09:27 GMT
server
cloudflare
etag
"89936c05c59b18e4a045133a726a5d94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
LHR62-C3
accept-ranges
bytes
cf-ray
579052776dc3ce6b-LHR
x-amz-cf-id
7xFmn9eorIiT9Lp0hy3gOgMBvYoxwkz3FOOjW9IcKf1XVlMqa50KyA==
expires
Wed, 25 Mar 2020 12:16:13 GMT

Redirect headers

date
Tue, 24 Mar 2020 12:16:13 GMT
via
1.1 31b9a80773cc362c841cdf3c93e7e137.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-request-id
49C0C06C476237CC
x-cache
Hit from cloudfront
status
302
content-length
0
x-amz-id-2
SiLZu2kizQk91+GKcAhONAoKTOYRJvLmDx6cfLmDlai3qvd928TPU6F/E6XFrdD5oOV5KU3a5OU=
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/xml
location
/193653.8cf691f6e7d34f304c7aef4e738133e8.PNG
cache-control
public, max-age=86400
x-amz-cf-pop
LHR62-C2
cf-ray
57905276ec4cce6b-LHR
x-amz-cf-id
K-YDb-jt9CQ1P7RnSEV7iOrt1zGFOcXaPgWoh3e-IxWzCJepgC9URA==
expires
Wed, 25 Mar 2020 12:16:13 GMT
track.php
capitalistexploits.ontraport.com/
1009 B
1 KB
Script
General
Full URL
https://capitalistexploits.ontraport.com/track.php?mid=193653_lp96.0_2&llc=http://capitalistexploits.ontraport.com/lp/193653/96/fbef643556377cfc496d7b681136a7e2/1?lpsplt_96=0&fv=1&orid=254&opid=83&first_visit=1&referral_page=&aff=254&opid=83&s=85b6snbyg6wr6m616m5t&l=http://capitalistexploits.ontraport.com/lp/193653/96/fbef643556377cfc496d7b681136a7e2/1?lpsplt_96=0&fv=1&orid=254&opid=83&ti=Hedgies%20Uncut&forms%5Bp2c193653lp96.0.bid4433554b-cf7a-e013-a838-c39a8f353e75%5D=0&forms%5Bp2c193653lp96.0.bid311925ad-9fe6-71a8-8a81-bb85e9591a32%5D=0&is_unique=1
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.170.211.179, Venice, United States, ASN13649 (ASN-VINS, US)
Reverse DNS
mail9.ontramail.com
Software
ONTRAport /
Resource Hash
c8b3f86cccb47287248de5f814fff1cab4077a65aa491eb0ee399c5591f73675

Request headers

Referer
https://capitalistexploits.at/hedgies-uncut/?orid=254&opid=83
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 24 Mar 2020 12:16:15 GMT
Content-Encoding
gzip
Server
ONTRAport
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-op-release
2
Connection
keep-alive
Transfer-Encoding
chunked
X-op-class
hosted
Access-Control-Allow-Credentials
true
Content-Type
text/html
X-op-ca
193.9.113.121

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| op string| _opt_lpid boolean| isONTRApage object| $jscomp object| $jscomp$this function| anime function| $ function| jQuery function| cash object| M object| Materialize function| Hammer object| desExport function| des function| des_createKeys function| stringToHex function| hexToString object| XD number| ACCOUNT_SIGNUP_ERROR number| CC_VERIFY_POST number| CC_VERIFY_SHOW_IFRAME number| CC_VERIFY_HIDE_IFRAME number| CC_VERIFY_GET_CC_DATA string| PROTOCOL string| COUPON_PROCESS_DOMAIN boolean| IN_DEBUG_MODE string| FORM_PROCESS_DOMAIN string| CC_VERIFY_DOMAIN function| _debugLog function| OPCapcha_filled function| OPCapcha_expired function| Globalize function| OptDateTimePicker string| _mri string| _mrq string| _mrsess_ undefined| _mr_cid object| _mrd string| _mrl object| _mrct string| _mr_ex string| _linktrack string| _mr_title string| _mrl_internal_url string| _mrl_internal_domain function| mrSetupActual function| mrtracking function| gC function| parseGetVars function| genmrSess function| _escapeT function| _mrGetLinkTo function| _sanitizeMrLink function| _mrScanLinks function| _mrTrackLink function| _mrReturnXmlHttpObject string| _mr_domain string| session string| possible object| _mrTrackLinks

9 Cookies

Domain/Path, Name, Value
capitalistexploits.at/, Name: lastvisit, Value: 1585052173
capitalistexploits.at/, Name: vid, Value: (empty)
capitalistexploits.at/, Name: opid, Value: 83
capitalistexploits.at/, Name: referral_page, Value: (empty)
capitalistexploits.at/, Name: aff_, Value: 254
capitalistexploits.at/, Name: PHPSESSID, Value: 250247886e430b797e2a29fee0c7b5db
capitalistexploits.at/, Name: sess_, Value: 85b6snbyg6wr6m616m5t
.vimeo.com/, Name: vuid, Value: pl68871186.186557552
capitalistexploits.at/hedgies-uncut, Name: lpsplt_96, Value: 0

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, hashes, etc. Their appearance here does not imply that any of them indicate malicious activity.
