rec-advisors.org Open in urlscan Pro
2606:4700:30::681f:5a50 Public Scan

URL:
http://rec-advisors.org/
Submission: On December 10 via api (December 10th 2019, 1:44:07 am UTC) from DE

Summary HTTP 115 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 34 IPs in 8 countries across 28 domains to perform 115 HTTP transactions. The main IP is 2606:4700:30::681f:5a50, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is rec-advisors.org.

This is the only time rec-advisors.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:30:... 2606:4700:30::681f:5a50	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	23.45.99.146 23.45.99.146	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
9	2.16.186.152 2.16.186.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a03:2880:f21... 2a03:2880:f21c:80c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 3	2a03:2880:f21... 2a03:2880:f21c:80e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	2a01:4f8:110:... 2a01:4f8:110:5005::2	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:215... 2600:9000:2156:4200:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
19	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2.16.186.248 2.16.186.248	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28d::3b8c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	35.240.50.85 35.240.50.85	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:30:... 2606:4700:30::681f:4d17	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2600:9000:215... 2600:9000:2156:c200:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
1	95.142.20.17 95.142.20.17	20645 (PUREPEAK-ASN) (PUREPEAK-ASN)
3	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
1 2	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	104.111.224.123 104.111.224.123	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2607:f8b0:400... 2607:f8b0:4002:c09::5e	15169 (GOOGLE) (GOOGLE - Google LLC)
15	2a02:26f0:6c0... 2a02:26f0:6c00:287::3b8c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	178.250.2.130 178.250.2.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	52.218.98.194 52.218.98.194	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:30:... 2606:4700:30::681f:4c17	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
115	34

8 2606:4700:30::681f:5a50 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

rec-advisors.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.99.146 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-99-146.deploy.static.akamaitechnologies.com

tag.aticdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.16.186.152 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-152.deploy.static.akamaitechnologies.com

files.missbloom.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.capital.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.missbloom.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f21c:80c4:face:b00c:0:43fe (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f21c:80e5:face:b00c:0:4420 (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:4f8:110:5005::2 (Heidelberg, Germany)

ASN24940 (HETZNER-AS, DE)

www.vidads.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:4200:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.217.22.34 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.248 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-248.deploy.static.akamaitechnologies.com

www.missbloom.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28d::3b8c (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

widget.yallarec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.240.50.85 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 85.50.240.35.bc.googleusercontent.com

app.exitbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681f:4d17 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.madinad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:c200:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)

a1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.142.20.17 (Israel)

ASN20645 (PUREPEAK-ASN, IL)
PTR: ip-95-142-20-17.purepeak.com

api.yallarec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.230 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.224.123 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-224-123.deploy.static.akamaitechnologies.com

logw312.ati-host.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4002:c09::5e (United States)

ASN15169 (GOOGLE - Google LLC, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:6c00:287::3b8c (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

img9-api.yallarec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.218.98.194 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-3-w.amazonaws.com

madinad-data.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681f:4c17 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api-v3.madinad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net	141 KB
18	yallarec.com widget.yallarec.com api.yallarec.com img9-api.yallarec.com	249 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	475 KB
9	missbloom.gr 1 redirects files.missbloom.gr www.missbloom.gr	76 KB
8	rec-advisors.org rec-advisors.org	295 KB
7	adform.net a1.adform.net s1.adform.net	105 KB
5	ampproject.org cdn.ampproject.org	198 KB
5	googletagservices.com www.googletagservices.com	131 KB
4	instagram.com 2 redirects platform.instagram.com www.instagram.com	5 KB
3	amazonaws.com madinad-data.s3.amazonaws.com	3 KB
3	criteo.net static.criteo.net	27 KB
3	vidads.gr www.vidads.gr	84 KB
2	ati-host.net 1 redirects logw312.ati-host.net	661 B
2	facebook.com www.facebook.com	318 B
2	googleapis.com ajax.googleapis.com imasdk.googleapis.com	120 KB
2	madinad.com static.madinad.com api-v3.madinad.com	3 KB
2	facebook.net connect.facebook.net	111 KB
2	agkn.com js.agkn.com d.agkn.com	4 KB
2	cloudflare.com cdnjs.cloudflare.com	8 KB
1	criteo.com bidder.criteo.com	145 B
1	gstatic.com csi.gstatic.com	304 B
1	exitbee.com app.exitbee.com
1	google.de adservice.google.de	782 B
1	google-analytics.com www.google-analytics.com	17 KB
1	onesignal.com cdn.onesignal.com	3 KB
1	capital.gr www.capital.gr	25 KB
1	aticdn.net tag.aticdn.net	20 KB
0	qds.ninja Failed t.qds.ninja Failed
115	28

	Domain	Requested by
19	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net rec-advisors.org
15	img9-api.yallarec.com	rec-advisors.org
8	rec-advisors.org	rec-advisors.org
7	files.missbloom.gr	rec-advisors.org
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net rec-advisors.org
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.googletagservices.com	rec-advisors.org securepubads.g.doubleclick.net
4	a1.adform.net	securepubads.g.doubleclick.net s1.adform.net
3	madinad-data.s3.amazonaws.com	static.madinad.com
3	static.criteo.net	widget.yallarec.com rec-advisors.org
3	s1.adform.net	a1.adform.net s1.adform.net rec-advisors.org
3	pagead2.googlesyndication.com	rec-advisors.org pagead2.googlesyndication.com
3	www.vidads.gr	rec-advisors.org www.vidads.gr
3	www.instagram.com	1 redirects rec-advisors.org www.instagram.com
2	logw312.ati-host.net	1 redirects rec-advisors.org
2	ad.doubleclick.net	1 redirects rec-advisors.org
2	www.facebook.com	rec-advisors.org connect.facebook.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	rec-advisors.org connect.facebook.net
2	widget.yallarec.com	rec-advisors.org widget.yallarec.com
2	www.missbloom.gr	1 redirects rec-advisors.org
2	cdnjs.cloudflare.com	rec-advisors.org
1	api-v3.madinad.com	static.madinad.com
1	imasdk.googleapis.com	www.vidads.gr
1	bidder.criteo.com	static.criteo.net
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	api.yallarec.com	widget.yallarec.com
1	ajax.googleapis.com	widget.yallarec.com
1	d.agkn.com	js.agkn.com
1	static.madinad.com	rec-advisors.org
1	app.exitbee.com	rec-advisors.org
1	adservice.google.de	www.googletagservices.com
1	www.google-analytics.com	rec-advisors.org
1	cdn.onesignal.com	rec-advisors.org
1	js.agkn.com	rec-advisors.org
1	www.capital.gr	rec-advisors.org
1	platform.instagram.com	1 redirects
1	tag.aticdn.net	rec-advisors.org
0	t.qds.ninja Failed	rec-advisors.org
115	39

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.missbloom.gr
www.yupiii.gr
www.shape.gr
www.madamefigaro.gr
www.capital.gr
gr.askmen.com
atticamediagroup.gr

Subject Issuer	Validity	Valid
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
tag.aticdn.net GeoTrust RSA CA 2018	`2019-01-25` - `2020-03-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
capital.gr Let's Encrypt Authority X3	`2019-12-03` - `2020-03-02`	3 months	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2019-11-23` - `2020-02-21`	3 months	crt.sh
ssl2.nemohq.gr Let's Encrypt Authority X3	`2019-11-24` - `2020-02-22`	3 months	crt.sh
ssl898578.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-10-11` - `2020-04-18`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
app.exitbee.com SSL.com RSA SSL subCA	`2019-07-08` - `2020-10-04`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
sni225665.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-10` - `2020-03-18`	6 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh

This page contains 13 frames:

Primary Page: http://rec-advisors.org/
Frame ID: F5946299E21AF24C92BAF79491CBCE1B
Requests: 83 HTTP requests in this frame

Frame: https://www.instagram.com/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Frec-advisors.org&rp=%2F
Frame ID: B16E2CE477297234A7B9802BAB404D84
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Frame ID: F1C36BA4EA6305092855BF73A992C2CD
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcacZNd2pTnZAqfk_8GAEn96NUngsEQrJNIB3AJbKBL5e8hHNnEq_YEBsgQpAgUf6bwQ6wS0aKuErhcf2asPHNuRsfNyLA-6-1mNFWP0lQ3dzuki2Ie77ZywN_2zhBy2YnJmBlsZ-iHKXtsgOfUjurACUCG_KG7jF-yy4zOAmJHg8EkXcxTZK3W-U209psDOfmXBzgP-A5kemvwWs5A1p57h8rvrSbdCAmg4mc1uf5R3j5w-Am9-Uazmts2lLJILzw3Y8F_L-j20XNRW7sw3NeAA&sai=AMfl-YQPHz6dIWuf1pZrQrATDBhjEjGIUKixaoxVWfyuNQhYlezHYLBCCSb-KEVS5DtTp8IYpexht0-WERrd-7EJk_MgnMOWdg5CDKkte5Fyyg&sig=Cg0ArKJSzAf5sQCxrhXXEAE&urlfix=1&adurl=
Frame ID: 2BB9B7EA42A1B9615F7F0F09818EFBE2
Requests: 5 HTTP requests in this frame

Frame: http://d.agkn.com/iframe/8613/?che=296299130&gdpr=&gdpr_consent=&ref=&bpid=atticagreece&c=%7B%22bpid%22%3A%22atticagreece%22%2C%22loc%22%3A%22http%3A%2F%2Frec-advisors.org%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: FAB6843240B94D82B8F83EDE654907FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: 7E91AE45F077981B8F15721E21F10078
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Frec-advisors.org%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1575942225475&bpp=14&bdt=485&fdt=110&idt=110&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8190634284564&frm=20&pv=2&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&ga_fc=0&iag=0&icsg=703828146782243&dssz=59&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21065125%2C26835106&oid=3&pvsid=2803438771948734&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=1040&bc=23&ifi=11&uci=a!b&fsb=1&dtd=120
Frame ID: 00FF9714ED7637985AFB4264A5C8E4D2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Frame ID: AF19C16AC40A2FEB9E359985FDE8DCF8
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvduDop3pwXtTHb09sDZjIfuZ9pRFEwyjMYa9FU-BvJ6zWb_Wk513rfk9FlP1h78VvAQbmbjXZbT40TCEJEPBfgjQtum-29Q2Y0TlaUGlIfFb_FqQd5LwgMnNFqq0ukHkuSVcAdSQwUyrnc3ra8wlWMcfGatz8YYEG4Q8a_RNyLQLOjaQYXhMakTNBCISE5UabTkPZC5ex5Voz2kkRap--jTvSQjntA8y2-8Qp5kWRnIUClhwBWfzE67TrQf4yQaJwnlAw8qLiX&sai=AMfl-YREBbh771GGO6yFpw4B8rA0P9MEGK1vCP8EFD-z7KM9vYhtluZB97T9-CtNXYtRKbcOjwYyIfdPXzLpHELJz3lrU4sif9lP6NPfXdQF&sig=Cg0ArKJSzCoJOwuQIi2GEAE&urlfix=1&adurl=
Frame ID: 752C0EC061FB513A9027493637F393D7
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 3F84FD72A7068F5A4175C9E9254378E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 8387164425E95BB904940FA880F51D70
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEj78lyWgA6ODTVBwOMIxRtk8DrSS72GyMkED4lilAPntk1uCB2xPIJlj1ddpXac5PED1d-d_RZ6CKWnlHC3QkAEiGjIB9qT65oVHC5GAUmsr4FtZ6-6rta8D1mxur0vVVWYtKg6qKY-Szx5XCD3MDTzNLYgO6l-5ETWggNCGfSSjw0YxS4wHi3zt6hAJOdLb_4L9MS8iuGXWnAkdvI6pVgo7dKW9GkT2Cw2PLPDC6XG0B9e1xZ4duPng5NDQ3Unx2omVKkvymXwk&sai=AMfl-YRtqMo64EUuICFogvGqxt658j86nir8RTESJEyKxTzWHHHgTTf7XX8XF14imIZfJu_qcMSug4jJ8NeDBSypSSXaLIS_KgIEa-63uP2DwQ&sig=Cg0ArKJSzDdKUfc0A-xXEAE&urlfix=1&adurl=
Frame ID: EF3528A55A0859DF097B69B0564848D3
Requests: 5 HTTP requests in this frame

Frame: https://madinad-data.s3.amazonaws.com/v3/campaign_assets/1866bce5-5b37-4676-99cd-32fd06ed9675/87582ef5-b59a-4226-b534-a975e7e78616/index.html?creative_id=87582ef5-b59a-4226-b534-a975e7e78616&campaign_id=1866bce5-5b37-4676-99cd-32fd06ed9675&website_id=56122d08-3ff8-4eeb-b504-ab78216d4ec8&auto_close_timeout=0
Frame ID: AF8E6C40AB05599E667EEBEEB5517078
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

115
Requests

72 %
HTTPS

63 %
IPv6

28
Domains

39
Subdomains

34
IPs

8
Countries

2100 kB
Transfer

5377 kB
Size

1
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/MissBloom.gr
Title: γιατί μυρίζει το στόμα μου

Search URL Search Domain Scan URL

URL: https://twitter.com/missbloomgr
Title: τρια πεντε πηγαδια live cam

Search URL Search Domain Scan URL

URL: https://www.instagram.com/missbloomgr/
Title: ποτε θα παντρευτουμε μανωλιο μου

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCotisottYVdSch2d0Vy-bxg
Title: γερμανικα β γυμν βιβλιο μαθητη

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/BJwAgHvAlt9/
Title: ταβερνα η κανουλα θεσσαλονικη

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/moda/ti-forane-oi-stars/viky-kagia-aftos-einai-o-teleios-tropos-na-valeis-lefko-ton-cheimona
Title: Βίκυ Καγιά | Αυτός είναι ο τέλειος τρόπος να βάλεις λευκό τον χειμώνα

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/maria-iliaki-stelios-manousakis-des-to-stolismeno-spiti-tous-sti-zyrichi-kai-ta-kokkina-triantafylla-pou-tis-prosefere
Title: Ηλιάκη - Μανουσάκης | Δες το στολισμένο σπίτι τους στη Ζυρίχη

Search URL Search Domain Scan URL

URL: http://www.yupiii.gr/gossip/c135057/Dhmhtrhs_Oyggarezos-H_Sissy_Xrhstidoy_p.html
Title: Δημήτρης Ουγγαρέζος - «Η Σίσσυ Χρηστίδου πολύ σωστά υποστήριξε αυτό που υπηρετεί και πρεσβεύει...

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/eleni-menegaki-i-proanangelia-tis-apochorisis-apo-ton-alpha-i-stamatina-tsimtsili-kai-to-happy-day-kai-ola-osa-prepei-na-ksereis-simera
Title: Ελένη Μενεγάκη | Η «προαναγγελία» της αποχώρησης από τον Alpha, η Σταματίνα Τσιμτσιλή και το...

Search URL Search Domain Scan URL

URL: https://www.shape.gr/diatrofi-adynatisma/syntages-me-liges-thermides/soufle-patatas-o-kalyteros-logos-gia-na-ksefygeis-apo-ti-diaita-sou
Title: Σουφλέ πατάτας: Ο καλύτερος λόγος για να ξεφύγεις από τη δίαιτά σου

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/sia-kosioni-i-proti-fotografia-sto-instagram-me-to-neo-tis-kourema-kai-to-forema-yperparagogi
Title: Σία Κοσιώνη | Η φωτογραφία με το κούρεμα και το φόρεμα υπερπαραγωγή

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/o-georgoulis-me-tin-entyposiaki-synodo-tou-i-popi-tsapanidou-me-ton-syntrofo-tis-kai-osa-prepei-na-ksereis-simera
Title: O Αλ. Γεωργούλης με την εντυπωσιακή συνοδό του, η Πόπη Τσαπανίδου με τον σύντροφό της και όσα...

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/?p=613085
Title: Νώντας Παπαντωνίου & Ασημίνα Χαρίτου | Η πρώτη κοινή δημόσια εμφάνιση του ζευγαριού! - Missbloom.gr

Search URL Search Domain Scan URL

URL: https://www.madamefigaro.gr/sygxroni-zoi/sxeseis/111334/tria-koina-xaraktiristika-pou-den-se-kanoun-elkustiki-sumfona-me-tin-epistimi?fbclid=IwAR113fl806eJCvh60F9qQ_gpbI5mZWIcDSHQTb_rfEl0ForOgTZXRZgLy0g
Title: Τρία κοινά χαρακτηριστικά που δεν σε κάνουν ελκυστική σύμφωνα με την επιστήμη

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/antelina-varthakouri-afto-einai-to-ypsos-tis-kai-ta-kila-tis
Title: Αντελίνα Βαρθακούρη | Αυτό είναι το ύψος της και τα κιλά της

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/i-apli-kinisi-pou-apedeikse-oti-o-vasilis-kikilias-einai-foul-erotevmenos-me-tin-tzeni-mpalatsinou
Title: Η απόδειξη ότι ο Βασίλης Κικίλιας λατρεύει την Τζένη Μπαλατσινού

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/konstantina-spyropoulou-mas-deichnei-ton-stolismo-tou-spitiou-tis-kai-mia-akoma-ekpliksi
Title: Κωνσταντίνα Σπυροπούλου | Μας δείχνει τον στολισμό του σπιτιού της

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/celebrities/aleksandra-panagiotarou-des-pos-stolise-to-panakrivo-spiti-tis
Title: Αλεξάνδρα Παναγιώταρου | Δες πώς στόλισε το πανάκριβο σπίτι της - Missbloom.gr

Search URL Search Domain Scan URL

URL: https://www.missbloom.gr/omorfia/mallia/i-elena-asimakopoulou-metaniose-pou-evapse-ta-mallia-tis-i-nea-episkepsi-sto-kommotirio-kai-to-apotelesma
Title: Η ηθοποιός Έλενα Ασημακοπούλου έβαψε τα μαλλιά της

Search URL Search Domain Scan URL

URL: https://www.shape.gr/omorfia/mystika-omorfias/to-aneksodo-trik-tis-kate-moss-pou-katapolema-ta-prismena-matia
Title: Το ανέξοδο τρικ της Kate Moss που καταπολεμά τα πρησμένα μάτια

Search URL Search Domain Scan URL

URL: http://www.capital.gr/
Title:

Search URL Search Domain Scan URL

URL: http://gr.askmen.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.madamefigaro.gr/
Title:

Search URL Search Domain Scan URL

URL: https://www.shape.gr/
Title:

Search URL Search Domain Scan URL

URL: http://www.yupiii.gr/
Title:

Search URL Search Domain Scan URL

URL: http://atticamediagroup.gr/pres/
Title: ανώτερος κινητικός νευρώνας

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://platform.instagram.com/en_US/embeds.js HTTP 307
https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js

Request Chain 27

http://www.missbloom.gr/xtcore.js HTTP 301
https://www.missbloom.gr/xtcore.js

Request Chain 82

https://ad.doubleclick.net/ddm/trackimp/N2520.563336.MISSBLOOM.GR/B23546795.261765615;dc_trk_aid=457272728;dc_trk_cid=125452588;ord=1628502464;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N2520.563336.MISSBLOOM.GR/B23546795.261765615;dc_pre=CJPJw6T6qeYCFZGLdwoddK0HQA;dc_trk_aid=457272728;dc_trk_cid=125452588;ord=1628502464;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 83

http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0243451445025&jv=0&re=1600x1200&vtag=4.5.7&hl=2x43x45&r=1600x1200x24x24&ref= HTTP 302
http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0243451445025&jv=0&re=1600x1200&vtag=4.5.7&hl=2x43x45&r=1600x1200x24x24&ref=&Rdt=On

115 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
rec-advisors.org/ 49 KB
15 KB 157ms
107ms Document
text/html 2606:4700:30::681f:5a50
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5a50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127f0e63cfe81a8cfe83a77408f6e1de24decee3f28a36a53f253808f323288c

Request headers

Host: rec-advisors.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d355d33d9022e34c9668b7e2ba1660d5a1575942224; expires=Thu, 09-Jan-20 01:43:44 GMT; path=/; domain=.rec-advisors.org; HttpOnly
Last-Modified: Sun, 10 Feb 2019 16:02:05 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 542b87987c4bcbb4-VIE
Content-Encoding: gzip

GET
H/1.1 200
OK 579d0.single.include.4e2fc8.css
rec-advisors.org/wp-content/cache/minify/ 211 KB
41 KB 162ms
162ms Stylesheet
text/html 2606:4700:30::681f:5a50
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://rec-advisors.org/wp-content/cache/minify/579d0.single.include.4e2fc8.css
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5a50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116890c2f62f32153ab0f046b698c6204086c35a9678a3d3ba219e681f517fdf

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:45 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 542b879a3f1ccbb4-VIE

GET
H/1.1 200
OK 579d0.default.include.3de91f.js Show response
rec-advisors.org/wp-content/cache/minify/ 156 KB
30 KB 213ms
200ms Script
text/html 2606:4700:30::681f:5a50
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://rec-advisors.org/wp-content/cache/minify/579d0.default.include.3de91f.js
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5a50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc094c837491f955ee77cb90869ce0845d15be34a618720b291d863f8bf12f78

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:45 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 542b879a5864cbbc-VIE

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 46ms
17ms Stylesheet
text/css 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: br
cf-cache-status: HIT
age: 20576168
cf-ray: 542b879a6a74cbb0-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:18:32 GMT
server: cloudflare
etag: W/"5afd48e8-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Sun, 29 Nov 2020 01:43:45 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.005

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 47ms
18ms Script
application/javascript 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: br
cf-cache-status: HIT
age: 20576167
cf-ray: 542b879a6a75cbb0-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:18:36 GMT
server: cloudflare
etag: W/"5afd48ec-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sun, 29 Nov 2020 01:43:45 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.025

GET
H/1.1 200
OK style.css
rec-advisors.org/wp-content/themes/mb17s/css/ 381 KB
75 KB 159ms
147ms Stylesheet
text/html 2606:4700:30::681f:5a50
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://rec-advisors.org/wp-content/themes/mb17s/css/style.css?v=20180727
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5a50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4875c5fe6282b0f39ab84caecd5bd9933de93f60586b3510dd120d8c784af02

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:45 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:20:56 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 542b879a5fe0594c-VIE

GET
H/1.1 200
OK smarttag.js Show response
tag.aticdn.net/ 69 KB
20 KB 99ms
43ms Script
application/javascript 23.45.99.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.aticdn.net/smarttag.js
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.99.146 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-99-146.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 957f06c2b4c8b7860dfea6fc9c22b0ebbb93b0f578ab7ea119cfab3cc2a683b6

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: _96tQs5PhRQt6rOYPlMjPrGybObCiyA8
Content-Encoding: gzip
Last-Modified: Tue, 15 Oct 2019 10:09:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=600
Date: Tue, 10 Dec 2019 01:43:45 GMT
Connection: keep-alive
Content-Length: 20072
X-Amz-Cf-Id: wBhxbd2IvVzvuWP7QyRX22RR530Pa2SD7dUbMjSlP_uTGBKL_TKH1w==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 51 KB
16 KB 59ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

576e016aeb400b87d4af02d6ac1c1ca69f960c7e3233b778b91336df8604585a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "362 / 73 of 1000 / last-modified: 1575920697"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15830
x-xss-protection: 0
expires: Tue, 10 Dec 2019 01:43:45 GMT

GET
H/1.1 200
OK main.js Show response
rec-advisors.org/wp-content/themes/mb17s/js/ 144 KB
37 KB 149ms
137ms Script
text/html 2606:4700:30::681f:5a50
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://rec-advisors.org/wp-content/themes/mb17s/js/main.js?v=20180727
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5a50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4248b10d5d3c8a949fe2f3e29bfcc5880f0739c74a925c075fe520cedc8c1d9

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:45 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 542b879a5bdc8ca4-VIE

GET
H/1.1 200
OK missbloom-logo-p.svg
rec-advisors.org/wp-content/themes/mb17s/images/logo/ 2 KB
2 KB 204ms
192ms Image
text/html 2606:4700:30::681f:5a50
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rec-advisors.org/wp-content/themes/mb17s/images/logo/missbloom-logo-p.svg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5a50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:45 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 542b879a5930cbac-VIE

GET
H2 200 Screenshot_1-6.jpg
files.missbloom.gr/2016/09/ 68 KB
68 KB 107ms
30ms Image
image/jpeg 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.missbloom.gr/2016/09/Screenshot_1-6.jpg

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-16-186-152.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0ae5e1fde1f00b885a6f0f95e666fb9023d06aaaaeb8b4a37724a8ec1609ac24

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=86400
last-modified: Mon, 05 Sep 2016 10:31:56 GMT
server: nginx
etag: "57cd499c-10f17"
content-type: image/jpeg
status: 200
cache-control: max-age=8640000
date: Tue, 10 Dec 2019 01:43:45 GMT
accept-ranges: bytes
content-length: 69399
expires: Thu, 19 Mar 2020 01:43:45 GMT

GET
H2

200

bf4a12bd69f3.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

http://platform.instagram.com/en_US/embeds.js
https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js

15 KB
5 KB

6ms
6ms

Script
text/javascript

2a03:2880:f21c:80e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:80e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 555d5d3bcf88de2650acc3de969c2453da3c9c53fdd7491c23bb3bd09e12a129

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 18:00:39 GMT
x-fb-trip-id: 1679558926
access-control-allow-origin: *
etag: "bf4a12bd69f3"
vary: Accept-Encoding
content-type: text/javascript
status: 200
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-length: 4925

Redirect headers

status: 302
date: Tue, 10 Dec 2019 01:43:45 GMT
x-fb-trip-id: 1679558926
cache-control: max-age=21600
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js
content-type: text/html; charset=utf-8

GET
H2 404 4553_DOYKISA_NOMIKOY_1982016-200x200.jpg
files.missbloom.gr/2016/09/ 0
0 74ms
71ms Image
text/html 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/2016/09/4553_DOYKISA_NOMIKOY_1982016-200x200.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 gb-200x200.jpg
files.missbloom.gr/2016/09/ 0
0 92ms
89ms Image
text/html 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/2016/09/gb-200x200.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 va_content.vast.js Show response
www.vidads.gr/scripts/ 291 KB
76 KB 58ms
13ms Script
application/javascript 2a01:4f8:110:5005::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vidads.gr/scripts/va_content.vast.js
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:110:5005::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: f70ad153801756c3955f63469a9bc8a3a7112e1fca7156bf72448b77d8155246

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
last-modified: Mon, 04 Nov 2019 14:18:29 GMT
server: nginx/1.16.1
etag: "48ac3-59685fd6653e4-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-route: http1
accept-ranges: bytes
expires: Tue, 10 Dec 2019 02:43:45 GMT

GET
H2 404 64508-lily%20james-smile-200x200.jpg
files.missbloom.gr/pics/ 0
0 92ms
90ms Image
text/html 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/pics/64508-lily%20james-smile-200x200.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 67238-ABACA_521931_091-200x200.jpg
files.missbloom.gr/pics/ 0
0 93ms
90ms Image
text/html 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/pics/67238-ABACA_521931_091-200x200.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 25031-jon-hamm-default-200x200.jpg
files.missbloom.gr/pics/ 0
0 93ms
90ms Image
text/html 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/pics/25031-jon-hamm-default-200x200.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 404 IMG_9544-200x200.jpg
files.missbloom.gr/2016/05/ 0
0 93ms
91ms Image
text/html 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.missbloom.gr/2016/05/IMG_9544-200x200.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 preloadBar.gif
www.capital.gr/Content2017/images/ 25 KB
25 KB 34ms
32ms Image
image/gif 2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.capital.gr/Content2017/images/preloadBar.gif
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 /
Resource Hash: cf0eac8ca56caaadf4fc1e4ec8081f0ba14c59d22bf12f766d59845078950e86

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
last-modified: Tue, 04 Dec 2018 16:43:52 GMT
server: Microsoft-IIS/8.5
etag: "691c58af08bd41:0"
content-type: image/gif
status: 200
cache-control: max-age=15552000
accept-ranges: bytes
content-length: 25323

GET
H/1.1 200
OK tag.js Show response
js.agkn.com/prod/v0/ 3 KB
4 KB 14ms
6ms Script
application/javascript 2600:9000:2156:4200:15:efbc:e300:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://js.agkn.com/prod/v0/tag.js
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2600:9000:2156:4200:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Dec 2019 17:49:34 GMT
Via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
Last-Modified: Tue, 22 Oct 2019 20:22:52 GMT
Server: AmazonS3
Age: 53622
ETag: "f53f55cbab099be3a970b446a66c496a"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3167
X-Amz-Cf-Id: EkWvsMv_Rvt76LWoq26VRgsSdLo6V7nRruy5xBZVTaaUrQk4JnxTCw==

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 104 KB
38 KB 25ms
18ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

HTTP/1.1

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ab3f5cf60ad656cc5ac32599eec8414a69abef3fce339684e1cc2c978f3ac41a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 6909715950835898840
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 37911
X-XSS-Protection: 0
Expires: Tue, 10 Dec 2019 01:43:45 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 50ms
16ms Script
application/javascript 2606:4700::6812:e234
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 1468
etag: W/"967648c5f43f1acc3f64970983a5d03f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 542b879c8be7cbac-VIE
expires: Tue, 10 Dec 2019 13:43:45 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
rec-advisors.org/wp-includes/js/ 151 KB
31 KB 165ms
154ms Script
text/html 2606:4700:30::681f:5a50
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://rec-advisors.org/wp-includes/js/wp-embed.min.js?ver=4.9.7
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5a50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d1669b8e04aabf7547e96dfe1f693dacb413ee8a22570ba5bb6af9b79c749e0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:45 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 10 Feb 2019 16:02:05 GMT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 542b879b3a43cbac-VIE

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4208
date: Tue, 10 Dec 2019 00:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 10 Dec 2019 02:33:37 GMT

GET
H2 200 pubads_impl_2019112501.js Show response
securepubads.g.doubleclick.net/gpt/ 166 KB
61 KB 33ms
33ms Script
text/javascript 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

7445bbd2dbe2678c13788e4b231f28674b4a24170f8fab8fd2747edbfa546298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Nov 2019 14:07:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62279
x-xss-protection: 0
expires: Tue, 10 Dec 2019 01:43:45 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
782 B 36ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=rec-advisors.org

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET 482
t.qds.ninja/t/ 0
0

GET
H2

200

xtcore.js Show response
www.missbloom.gr/
Redirect Chain

http://www.missbloom.gr/xtcore.js
https://www.missbloom.gr/xtcore.js

19 KB
8 KB

31ms
31ms

Script
application/javascript

2.16.186.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.missbloom.gr/xtcore.js
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-152.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 05a0114a707e2c9a3e39211eea7befe543363802db6cca43191b8fa51d8f6cd5

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
last-modified: Thu, 26 Nov 2015 09:49:24 GMT
server: nginx
etag: "5656d5a4-4ae0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0
accept-ranges: bytes
content-length: 7522
expires: Tue, 10 Dec 2019 01:43:45 GMT

Redirect headers

Location: https://www.missbloom.gr/xtcore.js
Date: Tue, 10 Dec 2019 01:43:45 GMT
Cache-Control: max-age=0
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
Expires: Tue, 10 Dec 2019 01:43:45 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
4 KB 61ms
61ms XHR
text/plain 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2803438771948734&correlator=3869322572872128&output=ldjh&impl=fif&adsid=NT&eid=21062899%2C21064713%2C21065098&vrg=2019112501&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-37&ecs=20191210&iu=%2F3346429%2Fmissbloom_skin&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1575942225334&dlt=1575942224990&idt=319&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=470&adk=3307054402&uci=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Frec-advisors.org%2F&dssz=21&icsg=49836&std=0&csl=63&vis=1&scr_x=0&scr_y=0&psz=1584x463&msz=1584x1&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

923e3df8409577c2bd1d0464c45fb54ef1a822a6a44daf04d052fbcc199e1080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4354
x-xss-protection: 0
google-lineitem-id: 5229174451
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138295522090
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://rec-advisors.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019112501.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
24 KB 33ms
33ms Script
text/javascript 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

aa3d8c0bac814575a360461a2323eba6056173f68792df5d68892a0c8c687395

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 25 Nov 2019 14:07:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24658
x-xss-protection: 0
expires: Tue, 10 Dec 2019 01:43:45 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 71ms
70ms XHR
text/plain 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2803438771948734&correlator=3869322572872128&output=ldjh&impl=fif&adsid=NT&eid=21062899%2C21064713%2C21065098&vrg=2019112501&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-37&ecs=20191210&iu=%2F3346429%2Fmissbloom_prest&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1575942225348&dlt=1575942224990&idt=319&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=471&adk=1273862343&uci=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Frec-advisors.org%2F&dssz=23&icsg=2146988&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1584x464&msz=1x-1&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

b2d5219c3cf966c1c3249e3f1121270b8ddfd6c396ad9a0f3d219a5229a21cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2962
x-xss-protection: 0
google-lineitem-id: 5240334120
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138296761614
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://rec-advisors.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
4 KB 212ms
211ms XHR
text/plain 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2803438771948734&correlator=3869322572872128&output=ldjh&impl=fif&adsid=NT&eid=21062899%2C21064713%2C21065098&vrg=2019112501&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-37&ecs=20191210&iu=%2F3346429%2Fmissbloom_728x90&sz=728x90%7C940x200%7C960x250%7C970x70%7C970x200%7C970x60%7C970x90%7C990x90%7C990x250%7C970x250%7C970x310%7C1000x250%7C1000x300&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1575942225352&dlt=1575942224990&idt=319&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=472&adk=248121373&uci=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Frec-advisors.org%2F&dssz=26&icsg=2146988&std=0&csl=70&vis=1&scr_x=0&scr_y=0&psz=1584x90&msz=1584x90&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

a72174780909d99f6b2d8382fcb948d7437dddc0ab71d477ff4b178594c46818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4396
x-xss-protection: 0
google-lineitem-id: 5235379836
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138296141450
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://rec-advisors.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 385 B
369 B 206ms
206ms XHR
text/plain 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2803438771948734&correlator=3869322572872128&output=ldjh&impl=fif&adsid=NT&eid=21062899%2C21064713%2C21065098&vrg=2019112501&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-37&ecs=20191210&iu=%2F3346429%2Fmissbloom_button&sz=300x150%7C300x100%7C300x120%7C300x110&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1575942225359&dlt=1575942224990&idt=319&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1128&adk=1522238017&uci=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Frec-advisors.org%2F&dssz=28&icsg=2146988&std=0&csl=65&vis=1&scr_x=0&scr_y=0&psz=1569x150&msz=1569x150&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

264a516eb71dd0a58761b141916976809bb93eeb2ba76dfceb2351af28b62858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 199
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://rec-advisors.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
2 KB 264ms
263ms XHR
text/plain 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2803438771948734&correlator=3869322572872128&output=ldjh&impl=fif&adsid=NT&eid=21062899%2C21064713%2C21065098&vrg=2019112501&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-37&ecs=20191210&iu=%2F3346429%2Fmissbloom_300*250A&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1575942225362&dlt=1575942224990&idt=319&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1278&adk=1354387185&uci=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Frec-advisors.org%2F&dssz=29&icsg=2146988&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

4a299d9d6cf29bcd203ccdb8e8dba3b772e73b0c904c093b8a9ab0fa0c68097e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2212
x-xss-protection: 0
google-lineitem-id: 5239266929
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138296495325
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://rec-advisors.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 342ms
341ms XHR
text/plain 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2803438771948734&correlator=3869322572872128&output=ldjh&impl=fif&adsid=NT&eid=21062899%2C21064713%2C21065098&vrg=2019112501&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-37&ecs=20191210&iu=%2F3346429%2FInRead_infeed_Missbloom_AdX&sz=192x256%7C256x192%7C144x256%7C320x50%7C256x256%7C300x250%7C320x180%7C300x100%7C320x250%7C256x144%7C640x480&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1575942225370&dlt=1575942224990&idt=319&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1596&adk=2055048688&uci=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Frec-advisors.org%2F&dssz=30&icsg=2146988&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1569x308&msz=1569x256&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

43bece01c9a33fb1773ea36dc6a1b015636f402cc22b450b228078bb3fc9c69d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9084
x-xss-protection: 0
google-lineitem-id: 5243381433
pragma: no-cache
server: cafe
google-creative-id: 401219033457
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://rec-advisors.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK _yalla_loader.js Show response
widget.yallarec.com/ 134 KB
28 KB 30ms
6ms Script
application/javascript 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.yallarec.com/_yalla_loader.js
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: f5110a760bffe7bc4532d967f6a2b7c41ed5853ac0b42ad0b79b78641a151bae

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Dec 2019 16:15:17 GMT
Server: nginx
ETag: W/"5dee7315-21800"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 28346
Expires: Tue, 10 Dec 2019 03:43:45 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
8 KB 388ms
388ms XHR
text/plain 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2803438771948734&correlator=3869322572872128&output=ldjh&impl=fif&adsid=NT&eid=21062899%2C21064713%2C21065098&vrg=2019112501&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-37&ecs=20191210&iu=%2F3346429%2Fmissbloom_300*250B&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1575942225383&dlt=1575942224990&idt=319&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3492&adk=3543098062&uci=7&ifi=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Frec-advisors.org%2F&dssz=37&icsg=34351808&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

8717984eae5054df74e129eb16b333ffd757fcc58d1a2ace917c938f85be14e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8298
x-xss-protection: 0
google-lineitem-id: 5243381433
pragma: no-cache
server: cafe
google-creative-id: 401243769589
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://rec-advisors.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 388 B
363 B 460ms
459ms XHR
text/plain 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2803438771948734&correlator=3869322572872128&output=ldjh&impl=fif&adsid=NT&eid=21062899%2C21064713%2C21065098&vrg=2019112501&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-37&ecs=20191210&iu=%2F3346429%2Fmissbloom_300*250C&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1575942225388&dlt=1575942224990&idt=319&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3742&adk=1034747580&uci=8&ifi=8&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Frec-advisors.org%2F&dssz=38&icsg=34351808&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

0dc41d4ae88e91347bda973815230c8ddfc870c357b681cdb5407d4c4716031e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 202
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://rec-advisors.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 456ms
456ms XHR
text/plain 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2803438771948734&correlator=3869322572872128&output=ldjh&impl=fif&adsid=NT&eid=21062899%2C21064713%2C21065098&vrg=2019112501&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-37&ecs=20191210&iu=%2F3346429%2Fmissbloom_textlink&sz=300x200%7C300x150%7C300x100%7C300x120%7C300x110&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1575942225392&dlt=1575942224990&idt=319&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3992&adk=926066986&uci=9&ifi=9&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Frec-advisors.org%2F&dssz=39&icsg=34351808&std=0&csl=68&vis=1&scr_x=0&scr_y=0&psz=1569x200&msz=1569x200&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

88b97f99230caae9f71ee79ae058e8d22496f4467950ae5227e9004462e44b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2427
x-xss-protection: 0
google-lineitem-id: 5243951518
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138297452014
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://rec-advisors.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 392 B
479 B 574ms
574ms XHR
text/plain 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2803438771948734&correlator=3869322572872128&output=ldjh&impl=fif&adsid=NT&eid=21062899%2C21064713%2C21065098&vrg=2019112501&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-37&ecs=20191210&iu=%2F3346429%2Fmissbloom_728x90_bottom&sz=728x90%7C970x200%7C990x250%7C970x250%7C1000x250%7C1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1575942225416&dlt=1575942224990&idt=319&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=5804&adk=1019512580&uci=a&ifi=10&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Frec-advisors.org%2F&dssz=40&icsg=34351808&std=0&csl=77&vis=1&scr_x=0&scr_y=0&psz=1569x90&msz=1569x90&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

99c973f51d892f2c399baeb29c0caad19c4fde2c231e5e614086ef129128152d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 204
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://rec-advisors.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK missbloom-logo-p.svg
rec-advisors.org/wp-content/themes/mb17s/images/logo/ 64 KB
64 KB 17ms
16ms Image
text/html 2606:4700:30::681f:5a50
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rec-advisors.org/wp-content/themes/mb17s/images/logo/missbloom-logo-p.svg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2606:4700:30::681f:5a50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Sun, 10 Feb 2019 16:02:06 GMT
Server: cloudflare
Age: 0
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 542b879cec7dcbac-VIE

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
26 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 26702
x-xss-protection: 0
pragma: public
x-fb-debug: oRDrgueUwpzkEOqksoIJrOqtI08zjcNRI0lvGDnRm7qMtq0YgEyzR8nr0XXFxz4WjjdN96VvmvSZv2HMEHgJYA==
x-fb-trip-id: 975780461
date: Tue, 10 Dec 2019 01:43:45 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 381 B
474 B 564ms
564ms XHR
text/plain 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2803438771948734&correlator=3869322572872128&output=ldjh&impl=fif&adsid=NT&eid=21062899%2C21064713%2C21065098&vrg=2019112501&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=0&sfv=1-0-37&ecs=20191210&iu=%2F3346429%2FMB_Inread_Video&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1575942225431&dlt=1575942224990&idt=319&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=5931&adk=343001862&uci=b&ifi=11&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Frec-advisors.org%2F&dssz=49&icsg=549628930&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1569x5923&msz=1x-1&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

9310181a5c8f45594238dbdbcd66b8e3565616679e4567febb9b77a30ab2af2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 197
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://rec-advisors.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 exitbee.js
app.exitbee.com/c/366/ 0
0 136ms
44ms Script
text/html 35.240.50.85
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://app.exitbee.com/c/366/exitbee.js

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.240.50.85 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

85.50.240.35.bc.googleusercontent.com

Software

openresty/1.15.8.2 / PHP/7.2.13

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
server: openresty/1.15.8.2
access-control-allow-origin: *
x-powered-by: PHP/7.2.13
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 403
cache-control: no-cache, private
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 429 /
www.instagram.com/p/BJwAgHvAlt9/embed/captioned/ Frame B16E 0
0 137ms
136ms Document
text/html 2a03:2880:f21c:80e5:face:b00c:0:4420
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Frec-advisors.org&rp=%2F

Requested by

Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f21c:80e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://.cdninstagram.com https://.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://.cdninstagram.com wss://www.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://graph.instagram.com https://.graph.instagram.com https://.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.instagram.com
:scheme: https
:path: /p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Frec-advisors.org&rp=%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://rec-advisors.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/

Response headers

status: 429
content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie
content-language: en
date: Tue, 10 Dec 2019 01:43:45 GMT
content-length: 20614
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 0
x-aed: 14
access-control-expose-headers: X-IG-Set-WWW-Claim
x-fb-trip-id: 1679558926

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ 20 KB
7 KB 44ms
13ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10330
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7132
x-xss-protection: 0
server: sffe
date: Mon, 09 Dec 2019 22:51:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "796f98bb73f13f89"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Dec 2020 22:51:35 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ Frame F1C3 200 KB
54 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10235
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55611
x-xss-protection: 0
server: sffe
date: Mon, 09 Dec 2019 22:53:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c4309c2c9fce1d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Dec 2020 22:53:10 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame F1C3 151 KB
41 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10235
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41358
x-xss-protection: 0
server: sffe
date: Mon, 09 Dec 2019 22:53:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed96f4a845755c74"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Dec 2020 22:53:10 GMT

GET
DATA 200
OK truncated
/ Frame F1C3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd4527d26e1b13db1a61c723e35cd1428f95e42692a10e24fafb6eb5561a9084

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2BB9 0
0 35ms
35ms Fetch
image/gif 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcacZNd2pTnZAqfk_8GAEn96NUngsEQrJNIB3AJbKBL5e8hHNnEq_YEBsgQpAgUf6bwQ6wS0aKuErhcf2asPHNuRsfNyLA-6-1mNFWP0lQ3dzuki2Ie77ZywN_2zhBy2YnJmBlsZ-iHKXtsgOfUjurACUCG_KG7jF-yy4zOAmJHg8EkXcxTZK3W-U209psDOfmXBzgP-A5kemvwWs5A1p57h8rvrSbdCAmg4mc1uf5R3j5w-Am9-Uazmts2lLJILzw3Y8F_L-j20XNRW7sw3NeAA&sai=AMfl-YQPHz6dIWuf1pZrQrATDBhjEjGIUKixaoxVWfyuNQhYlezHYLBCCSb-KEVS5DtTp8IYpexht0-WERrd-7EJk_MgnMOWdg5CDKkte5Fyyg&sig=Cg0ArKJSzAf5sQCxrhXXEAE&urlfix=1&adurl=

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Dec 2019 01:43:45 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 10 Dec 2019 01:43:45 GMT

GET
H2 200 madinad-sdk.min.js Show response
static.madinad.com/static/ 7 KB
2 KB 210ms
18ms Script
application/javascript 2606:4700:30::681f:4d17
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://static.madinad.com/static/madinad-sdk.min.js?adtag=69143451-361e-460a-a695-40e1493eb28f&a=56122d08-3ff8-4eeb-b504-ab78216d4ec8
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4d17 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b77bea70e57eaae2f1d6c34b4d8a330f55959c607c7ed1a37ff402d37759deef

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
via: 1.1 8041ecf6e768a41bc9c64e0c75dc923d.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2428
x-cache: Hit from cloudfront
status: 200
content-encoding: br
last-modified: Fri, 01 Mar 2019 09:31:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
x-amz-cf-pop: VIE50-C1
cf-ray: 542b879e5cf059a6-VIE
x-amz-cf-id: xEM7UDjWDXjWG4xXNFbw3lgcLWTWJkYsxrpHi2INWECIrvFxt5DczA==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2BB9 77 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Tue, 10 Dec 2019 01:43:45 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 78 KB
29 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
expires: Tue, 10 Dec 2019 01:43:45 GMT

GET
H2 200 8074391509229488019
tpc.googlesyndication.com/simgad/ Frame F1C3 183 KB
184 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8074391509229488019

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

816d711fcab3fb242c5a83a2feaf62f5a2aa7988e79b28ae9d0881d789b9f940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 22:09:19 GMT
x-content-type-options: nosniff
age: 1308866
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 187717
x-xss-protection: 0
last-modified: Fri, 22 Nov 2019 14:47:03 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Nov 2020 22:09:19 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F1C3 0
256 B 40ms
34ms Image
image/gif 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8pr2arhOVXiUgmF7n3moBTQJozUsm_LR3qr5kyP6SyP0f5TwIDbfJXo0nfGiOKRAQYAdGncNZqsvD6Ze0xux_zHJHkCH0dkGAYiJTLjZBMUywHIAzh8cbohuD9QAef7_JvpCOW4eo7zdhLi3kWFlVqdTGNYPMgpBTrhfHWbpadWPjuo1O3KtV9yoeHseO7jGGLDEawoj1FGM3uBimWu2-M1pgYdRjMzg_v1Gnp1lXJba2hU8KmNHovPbiekAsWcF_Hw&sai=AMfl-YSx0-qMcv_Ngc-ePQR8frwSQwvWOfXNyuM7TuRqOuL4RIZTwhv2hc_sLlQH4pzD0Biy7XR8SBai4QYKwiMLlbVbgNjvyYn7IekeELgH&sig=Cg0ArKJSzJSOG4G39FFQEAE&adurl=

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 10 Dec 2019 01:43:45 GMT

GET
H2 200 636 Show response
www.vidads.gr/get/video/vast3/ 97 B
588 B 40ms
40ms XHR
text/xml 2a01:4f8:110:5005::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Frec-advisors.org%2F

Requested by

Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:4f8:110:5005::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx/1.16.1 / PHP/7.2.25

Resource Hash

abe6af6a23f989b0623689a5d2a8df531c4f84c1e9785db0bad82155e9ef7f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: PHP/7.2.25
status: 200
pragma: no-cache
x-route: http1
last-modified: Tue, 10 Dec 2019 01:43:45 GMT
server: nginx/1.16.1
vary: Accept-Encoding
content-type: text/xml; charset=UTF-8
access-control-allow-origin: http://rec-advisors.org
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
x-time: 0.034244775772095
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame FAB6 0
0 16ms
10ms Document
text/html 2600:9000:2156:c200:19:fc2c:a140:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d.agkn.com/iframe/8613/?che=296299130&gdpr=&gdpr_consent=&ref=&bpid=atticagreece&c=%7B%22bpid%22%3A%22atticagreece%22%2C%22loc%22%3A%22http%3A%2F%2Frec-advisors.org%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: http://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Server: 2600:9000:2156:c200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://rec-advisors.org/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/

Response headers

Content-Type: text/html;charset=UTF-8
Content-Length: 479
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
Date: Tue, 10 Dec 2019 01:43:45 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AICtdtuuLofBWf%2FGFO0NF8qyTlH%2BJ16K1;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAlgbTRJYG00QAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
X-Cache: Miss from cloudfront
Via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: dcJhD7morarfDZnEvD0XAFmaAiZ6PDpy83IqktGaBzvXfSRlfo_axQ==

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/ 245 KB
90 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

2424d4d0676494244257b830643c905eac8254d373e00bc0cf6a13158626921b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 91654
x-xss-protection: 0
server: cafe
etag: 2923717731764352670
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Dec 2019 01:43:45 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ Frame 7E91 0
0 6ms
5ms Document
text/html 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20191205/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://rec-advisors.org/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlh-c0R2Hj3QFDuwz392AqedApM36qrZqwuqi69o_RLJwQHXj7vTfYgglvp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 05 Dec 2019 17:43:23 GMT
expires: Thu, 19 Dec 2019 17:43:23 GMT
content-type: text/html; charset=UTF-8
etag: 13309989325511048345
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6574
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 374422
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 19 Nov 2019 01:05:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 1816690
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29671
X-XSS-Protection: 0
Expires: Wed, 18 Nov 2020 01:05:35 GMT

GET
H2 200 1047335965285668 Show response
connect.facebook.net/signals/config/ 349 KB
85 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1047335965285668?v=2.9.14&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8c33a3c1fa742224fa740c87f3eb0e31f9d5d6ab4ef219c559c9bb53629abe4e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 87060
x-xss-protection: 0
pragma: public
x-fb-debug: oe2DGyy+Xgof6WZMzVKKDs4zfR4/YJX8748+fPDzj0VfPPRtUfV1SpyBIXS6JGCqsPef9OXRPalh2pz3kFOvxw==
x-fb-trip-id: 975780461
date: Tue, 10 Dec 2019 01:43:45 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2BB9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: faea73d1988e95138d7eff1fe4e81a7d692f2117b996cdc6c78dd0dd457374e5

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 2BB9 49 KB
19 KB 25ms
25ms Script
text/javascript 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

1c805bc236ef2efe999e3d29d8664ab4234308a1b4b83288fcf6e5330ff640bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 585
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19307
x-xss-protection: 0
server: cafe
etag: 7977128950854206969
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Dec 2019 02:34:00 GMT

GET
H2 400 ads
googleads.g.doubleclick.net/pagead/ Frame 00FF 0
0 17ms
17ms Document
text/html 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Frec-advisors.org%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1575942225475&bpp=14&bdt=485&fdt=110&idt=110&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8190634284564&frm=20&pv=2&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&ga_fc=0&iag=0&icsg=703828146782243&dssz=59&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21065125%2C26835106&oid=3&pvsid=2803438771948734&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=1040&bc=23&ifi=11&uci=a!b&fsb=1&dtd=120

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Frec-advisors.org%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1575942225475&bpp=14&bdt=485&fdt=110&idt=110&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8190634284564&frm=20&pv=2&ga_vid=739303124.1575942225&ga_sid=1575942225&ga_hid=1163990423&ga_fc=0&iag=0&icsg=703828146782243&dssz=59&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1185&scr_x=0&scr_y=0&eid=21065125%2C26835106&oid=3&pvsid=2803438771948734&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=1040&bc=23&ifi=11&uci=a!b&fsb=1&dtd=120
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://rec-advisors.org/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlh-c0R2Hj3QFDuwz392AqedApM36qrZqwuqi69o_RLJwQHXj7vTfYgglvp; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/

Response headers

status: 400
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 10 Dec 2019 01:43:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ Frame AF19 200 KB
54 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10235
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55611
x-xss-protection: 0
server: sffe
date: Mon, 09 Dec 2019 22:53:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c4309c2c9fce1d"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Dec 2020 22:53:10 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame AF19 151 KB
40 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10235
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41358
x-xss-protection: 0
server: sffe
date: Mon, 09 Dec 2019 22:53:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed96f4a845755c74"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Dec 2020 22:53:10 GMT

GET
DATA 200
OK truncated
/ Frame AF19 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c9c9ec0ca19999de7080554a20c1ed3c101d25cc6f9f7a196bd9a2183b93dfe

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8841853847068052448
tpc.googlesyndication.com/simgad/ Frame AF19 139 KB
140 KB 12ms
11ms Image
image/gif 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8841853847068052448

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4dc4b6690119607d08ca2ab945adeb1fc1857c54722098f63046007c7bf02048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 16:06:14 GMT
x-content-type-options: nosniff
age: 898651
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 142703
x-xss-protection: 0
last-modified: Fri, 29 Nov 2019 15:49:55 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Nov 2020 16:06:14 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame AF19 0
57 B 61ms
60ms Image
image/gif 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUxFiMInhjmTyXb7p6-IZhINcJQA6p6sicS3fR0B28PavU3RwHtXYmZ7r_siOK5VY_0S0qHXZ6u2vjsVqJGWOrgHuI1y2m62ixfZaVhyqo-aBckQLA2KRxojGSl8zwEPxLCkL3VReRO__9UJmppvQvm9zcYUEwPPj03IdXeZw4lnMMXdg4sBgIUmyr5ZScqAdEBj8RnrtjgtlrPPbgkOfAYrAjL0gR-RHNAe9kSY9YihBLpdRQhwQGPOd8IIk2yd7Q&sai=AMfl-YQt2VrsrNxcCCP6RhmgaUe-Vmo59KiglkfwjXqJXrk693E_JspFRwpd84hWo5bmvIlW16SVvz16PEFlGse4y_1KdxN8dLOimjyIu9IF&sig=Cg0ArKJSzDhUt-wxu1MZEAE&adurl=

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
247 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1047335965285668&ev=PageView&dl=http%3A%2F%2Frec-advisors.org%2F&rl=&if=false&ts=1575942225667&sw=1600&sh=1200&v=2.9.14&r=stable&ec=0&o=30&fbp=fb.1.1575942225666.598495195&it=1575942225516&coo=false&rqm=GET

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 10 Dec 2019 01:43:45 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 752C 0
0 36ms
35ms Fetch
image/gif 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvduDop3pwXtTHb09sDZjIfuZ9pRFEwyjMYa9FU-BvJ6zWb_Wk513rfk9FlP1h78VvAQbmbjXZbT40TCEJEPBfgjQtum-29Q2Y0TlaUGlIfFb_FqQd5LwgMnNFqq0ukHkuSVcAdSQwUyrnc3ra8wlWMcfGatz8YYEG4Q8a_RNyLQLOjaQYXhMakTNBCISE5UabTkPZC5ex5Voz2kkRap--jTvSQjntA8y2-8Qp5kWRnIUClhwBWfzE67TrQf4yQaJwnlAw8qLiX&sai=AMfl-YREBbh771GGO6yFpw4B8rA0P9MEGK1vCP8EFD-z7KM9vYhtluZB97T9-CtNXYtRKbcOjwYyIfdPXzLpHELJz3lrU4sif9lP6NPfXdQF&sig=Cg0ArKJSzCoJOwuQIi2GEAE&urlfix=1&adurl=

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Dec 2019 01:43:45 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 / Show response
a1.adform.net/adfscript/ Frame 752C 20 KB
10 KB 40ms
38ms Script
text/javascript 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.adform.net/adfscript/?bn=34465615;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvduDop3pwXtTHb09sDZjIfuZ9pRFEwyjMYa9FU-BvJ6zWb_Wk513rfk9FlP1h78VvAQbmbjXZbT40TCEJEPBfgjQtum-29Q2Y0TlaUGlIfFb_FqQd5LwgMnNFqq0ukHkuSVcAdSQwUyrnc3ra8wlWMcfGatz8YYEG4Q8a_RNyLQLOjaQYXhMakTNBCISE5UabTkPZC5ex5Voz2kkRap--jTvSQjntA8y2-8Qp5kWRnIUClhwBWfzE67TrQf4yQaJwnlAw8qLiX&sai=AMfl-YSPmbx_oEx682en_f1cYA5zgJ3X56y0tTxtSkIZrwhYFV412QtWQ4oBz3kyeR385k9qvLf2pDt8GVI24TbZMa0WleFw2b8Cves7tFC1&sig=Cg0ArKJSzA8wnRKaSTRDEAE&urlfix=1&adurl=
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112501.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f2a1bcdabeb5a42e5814fc077072b90600178a1007f0e54a463063ba0e91c8ff

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/javascript; charset=utf-8
content-length: 9990
expires: -1

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 752C 77 KB
29 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Tue, 10 Dec 2019 01:43:45 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 3F84 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://rec-advisors.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Mon, 09 Dec 2019 23:13:14 GMT
expires: Tue, 08 Dec 2020 23:13:14 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 9031
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK getrecs.json Show response
api.yallarec.com/rec-api/ 27 KB
9 KB 312ms
115ms Script
application/javascript 95.142.20.17
PUREPEAK-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://api.yallarec.com/rec-api/getrecs.json?cb=yallarec_cb_43643019008268770&pubid=185585&webid=175457&wid=117200&recsnum=15&url=http%3A%2F%2Frec-advisors.org%2F&cs=UTF-8&subid=&title=%CE%9D%CF%84%CE%BF%CF%85%CF%81%CE%B1%CE%BD%20%CE%BD%CF%84%CE%BF%CF%85%CF%81%CE%B1%CE%BD&kwrds=&sessionid=f1f0b628-80fa-17f5-5e3c-ac703bd265a4&rndid=43643019008268770&psid=5b59c509-256f-d135-5ac8-acfdb549ed0e
Requested by: Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js
Protocol: HTTP/1.1
Server: 95.142.20.17 , Israel, ASN20645 (PUREPEAK-ASN, IL),
Reverse DNS: ip-95-142-20-17.purepeak.com
Software: nginx /
Resource Hash: cca673acb618cf5b0e66e0a997721cbd2635b3c73c428b69c973a5f99dbadb67

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 01:43:46 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-language: en-US
cache-control: no-cache, no-store, max-age=0
transfer-encoding: chunked
content-type: application/javascript;charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/620/s1.adform.net/ Frame 752C 30 KB
15 KB 188ms
34ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Requested by: Host: a1.adform.net
URL: https://a1.adform.net/adfscript/?bn=34465615;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvduDop3pwXtTHb09sDZjIfuZ9pRFEwyjMYa9FU-BvJ6zWb_Wk513rfk9FlP1h78VvAQbmbjXZbT40TCEJEPBfgjQtum-29Q2Y0TlaUGlIfFb_FqQd5LwgMnNFqq0ukHkuSVcAdSQwUyrnc3ra8wlWMcfGatz8YYEG4Q8a_RNyLQLOjaQYXhMakTNBCISE5UabTkPZC5ex5Voz2kkRap--jTvSQjntA8y2-8Qp5kWRnIUClhwBWfzE67TrQf4yQaJwnlAw8qLiX&sai=AMfl-YSPmbx_oEx682en_f1cYA5zgJ3X56y0tTxtSkIZrwhYFV412QtWQ4oBz3kyeR385k9qvLf2pDt8GVI24TbZMa0WleFw2b8Cves7tFC1&sig=Cg0ArKJSzA8wnRKaSTRDEAE&urlfix=1&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 77ee1ad92dda433d656338d3b5e3cc17dc5fa3374b593f991f93afd5474b44fc

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
last-modified: Thu, 28 Nov 2019 11:44:31 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Wed, 11 Dec 2019 04:52:19 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8387 0
0 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://rec-advisors.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Mon, 09 Dec 2019 23:13:14 GMT
expires: Tue, 08 Dec 2020 23:13:14 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 9031
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame EF35 0
0 198ms
198ms Fetch
image/gif 172.217.22.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEj78lyWgA6ODTVBwOMIxRtk8DrSS72GyMkED4lilAPntk1uCB2xPIJlj1ddpXac5PED1d-d_RZ6CKWnlHC3QkAEiGjIB9qT65oVHC5GAUmsr4FtZ6-6rta8D1mxur0vVVWYtKg6qKY-Szx5XCD3MDTzNLYgO6l-5ETWggNCGfSSjw0YxS4wHi3zt6hAJOdLb_4L9MS8iuGXWnAkdvI6pVgo7dKW9GkT2Cw2PLPDC6XG0B9e1xZ4duPng5NDQ3Unx2omVKkvymXwk&sai=AMfl-YRtqMo64EUuICFogvGqxt658j86nir8RTESJEyKxTzWHHHgTTf7XX8XF14imIZfJu_qcMSug4jJ8NeDBSypSSXaLIS_KgIEa-63uP2DwQ&sig=Cg0ArKJSzDdKUfc0A-xXEAE&urlfix=1&adurl=

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Dec 2019 01:43:45 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF35 77 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Tue, 10 Dec 2019 01:43:45 GMT

GET
H2 200 imgad
tpc.googlesyndication.com/pagead/ Frame EF35 25 KB
25 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCnrpPoCBABGAEyCF93WtuOefLr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019112501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

2375d8221e1bb40da79565249dc8437f67e8f190d12547b8008daeef69eee133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 08 Dec 2019 22:09:29 GMT
x-content-type-options: nosniff
server: cafe
age: 99256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=604800
content-type: image/jpeg
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25330
x-xss-protection: 0
expires: Sun, 15 Dec 2019 22:09:29 GMT

GET
H2

200

B23546795.261765615;dc_pre=CJPJw6T6qeYCFZGLdwoddK0HQA;dc_trk_aid=457272728;dc_trk_cid=125452588;ord=1628502464;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N2520.563336.MISSBLOOM.GR/ Frame EF35
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N2520.563336.MISSBLOOM.GR/B23546795.261765615;dc_trk_aid=457272728;dc_trk_cid=125452588;ord=1628502464;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N2520.563336.MISSBLOOM.GR/B23546795.261765615;dc_pre=CJPJw6T6qeYCFZGLdwoddK0HQA;dc_trk_aid=457272728;dc_trk_cid=125452588;ord=1628502464;dc_lat=;dc_rdid=;tag...

42 B
120 B

89ms
79ms

Image
image/gif

172.217.21.230
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N2520.563336.MISSBLOOM.GR/B23546795.261765615;dc_pre=CJPJw6T6qeYCFZGLdwoddK0HQA;dc_trk_aid=457272728;dc_trk_cid=125452588;ord=1628502464;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 01:43:46 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Dec 2019 01:43:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://ad.doubleclick.net/ddm/trackimp/N2520.563336.MISSBLOOM.GR/B23546795.261765615;dc_pre=CJPJw6T6qeYCFZGLdwoddK0HQA;dc_trk_aid=457272728;dc_trk_cid=125452588;ord=1628502464;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

hit.xiti
logw312.ati-host.net/
Redirect Chain

http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0243451445025&jv=0&re=1600x1200&vtag=4.5.7&hl=2x43x45&r=1600x1200x24x24&ref=
http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0243451445025&jv=0&re=1600x1200&vtag=4.5.7&hl=2x43x45&r=1600x1200x24x24&ref=&Rdt=On

35 B
160 B

29ms
29ms

Image
image/gif

104.111.224.123
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0243451445025&jv=0&re=1600x1200&vtag=4.5.7&hl=2x43x45&r=1600x1200x24x24&ref=&Rdt=On
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 104.111.224.123 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-224-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=0243451445025&jv=0&re=1600x1200&vtag=4.5.7&hl=2x43x45&r=1600x1200x24x24&ref=&Rdt=On
Date: Tue, 10 Dec 2019 01:43:46 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0
P3P: policyref="/w3c/p3p.xml",CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

POST
H2 204 csi
csi.gstatic.com/ Frame 2BB9 0
304 B 403ms
114ms Other
image/gif 2607:f8b0:4002:c09::5e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~k3z7b7zy&chm=1&ctx=2&gqid=UfjuXYvLFuOK7_UPrqi-0Ao&qqid=CJHfnqT6qeYCFSrFuwgd2xsBsw&met.4=fb.2~lb.28~ol.29~idt.61~dt.-2u&met.3=197.21~123.1z_9~117.29~118.2d_1~118.51~118.52_1~118.53~143.6f_1~118.7e~118.7e_1~118.7h~143.cm_1~118.en~118.eo~113.es_2~112.er_3&met.1=1.k3z7b7l6~14.0~15.0~16.0~17.0~18.0~19.0~20.29~21.29~22.2g~23.2g&met.7=CCoQChgBIAMoAzAtOCo~CCgQChgBIG4objDhAjjzAWjFAnDeAniemAGAAeuWAYgB94kDsAEBuAED
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c09::5e , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 01:43:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
a1.adform.net/wpf/v2/kla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt... Frame 752C 5 KB
3 KB 89ms
76ms Script
text/javascript 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.adform.net/wpf/v2/kla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBAU9a29SLvBshgtshuTyjaY2ftckuyPBDjaY2.rIN87gq1a_Cq1dHYSNL1r.S9RdPQSzOy_Aw7UTlf_01kKHoNveAU.0Y.KI0K64WDJFvQjJz1_y3rl7pp0iJ3A0KFgBFY5BNlrAp5BNlVn_hs1Y5CCsGrilSHlF4XVA4.L9.gJ0Nc1lF1f4.90PgJ.e_elFCUC68mlFCUC68mlF3fKXV4.hL9.LxU...ZG/adfserve/?CC=1&bn=34465615;click=https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvduDop3pwXtTHb09sDZjIfuZ9pRFEwyjMYa9FU-BvJ6zWb_Wk513rfk9FlP1h78VvAQbmbjXZbT40TCEJEPBfgjQtum-29Q2Y0TlaUGlIfFb_FqQd5LwgMnNFqq0ukHkuSVcAdSQwUyrnc3ra8wlWMcfGatz8YYEG4Q8a_RNyLQLOjaQYXhMakTNBCISE5UabTkPZC5ex5Voz2kkRap--jTvSQjntA8y2-8Qp5kWRnIUClhwBWfzE67TrQf4yQaJwnlAw8qLiX&sai=AMfl-YSPmbx_oEx682en_f1cYA5zgJ3X56y0tTxtSkIZrwhYFV412QtWQ4oBz3kyeR385k9qvLf2pDt8GVI24TbZMa0WleFw2b8Cves7tFC1&sig=Cg0ArKJSzA8wnRKaSTRDEAE&urlfix=1&adurl=;js=1;adfxid=1x;1385;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|0|0;fd=0|2&CREFURL=http%3A%2F%2Frec-advisors.org%2F
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 1e96a23c7d04016dcec94f9f67e29901dc403f694bdf5471749f34893bcaded5

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 01:43:46 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/javascript; charset=utf-8
content-length: 2449
expires: -1

GET
DATA 200
OK truncated
/ Frame EF35 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4fdc4225be0d1e88150f730c5c87851770bd0461b26f4254faed13863e7cd26

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 /
www.facebook.com/tr/ 0
71 B 18ms
11ms Other
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBLlULKqGCBWnHq1W

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: http://rec-advisors.org
date: Tue, 10 Dec 2019 01:43:46 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-24=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK yalla_crt_loader.js Show response
widget.yallarec.com/ 13 KB
3 KB 8ms
7ms Script
application/javascript 2a02:26f0:6c00:28d::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://widget.yallarec.com/yalla_crt_loader.js
Requested by: Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:28d::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 186466980a2394e09d866c4b8210699f9ce8e5029dc856e6ed28cafcfb3d8f8c

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Dec 2019 16:15:18 GMT
Server: nginx
ETag: W/"5dee7316-342f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 3239
Expires: Tue, 10 Dec 2019 03:43:46 GMT

GET
H/1.1 200
OK files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_2_145106_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/fb/d2/17/ 11 KB
12 KB 165ms
8ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/fb/d2/17/files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_2_145106_2.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 260cf5d4d17e068773362b9d5577316f97a7408338c2fd97ab86b9dacf828a74

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Thu, 28 Nov 2019 11:34:06 GMT
Server: AmazonS3
x-amz-request-id: 5D7C8B93BBAAA284
ETag: "740e94256afdb2e72e0e33cb290fb2a9"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11375
x-amz-id-2: sUlYmZdbLMEFGu8TFSs50zQpSmuk1evcI/hc9VlMVpzoKJo/14RenrzGI6Nxd8dXS5Mxc0AM5KQ=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_2D_96_2D_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F__120910_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/62/9d/29/ 13 KB
14 KB 164ms
8ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/62/9d/29/files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_2D_96_2D_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F__120910_2.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d56ea1d3003eef6edf02bd9c64cd1fbe7fbf3fed5eaf52bd1c14abc426ef75f

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Wed, 27 Nov 2019 11:28:57 GMT
Server: AmazonS3
x-amz-request-id: 7F354EAC0D354654
ETag: "0cd044ce08b650cc3ea556522c10a512"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13791
x-amz-id-2: w0HnDp5FE+y9LoMXEUza0yMOHrw5YnvrLklQm+UP+r6BvvZ5+6hLWSluLLF68f89cLIOLYLLI+Q=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK yupiii.gr.1dfa0e7543acd564fd898ff7c6c30cd1_2_109502_2.jpg
img9-api.yallarec.com/98/c6/website_175458/23/40/ac/ 13 KB
14 KB 179ms
23ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/98/c6/website_175458/23/40/ac/yupiii.gr.1dfa0e7543acd564fd898ff7c6c30cd1_2_109502_2.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: becd9259217686a73b034917730ae4a364d6fbc7b4bba25add0e8d1aa8d911ff

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Mon, 09 Dec 2019 11:06:09 GMT
Server: AmazonS3
x-amz-request-id: D573A15472E2E38C
ETag: "cfd89bb694fec9cecfbd703a45a4955a"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13541
x-amz-id-2: uES+5z13kSnfvCpCUSBjHMxXu2PxUkvsWcJdD19haGHwrqbycrd05C9W+yAvfjXvVSdxku3H2dU=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK files.missbloom.gr.icemax_5F700_5F2434c54feb901a8f14a2d61726c65390_2_187278_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/bb/1a/f5/ 13 KB
13 KB 163ms
7ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/bb/1a/f5/files.missbloom.gr.icemax_5F700_5F2434c54feb901a8f14a2d61726c65390_2_187278_2.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c64c8b6f4352fdf4ab136ad246bfd35d448c97380baec04d39f39c29e16629ee

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Mon, 02 Dec 2019 07:56:13 GMT
Server: AmazonS3
x-amz-request-id: 94D6A8D4C85AF7F4
ETag: "4dc0219abf727754aea92886db0fbabd"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12831
x-amz-id-2: axefzuaMT7j9rcv4VbbkF7Hxld8kubsmcS3H3XM6LBQVtduXoE4qsjVsRGk2t+dQNSih7qGE3Lc=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK i1.wp.com.204543_5F3000x2000_2Ejpg_3Ffit_3D696_252C464_26quality_3D98_26strip_3Dinfo_26ssl_187702_2.jpg
img9-api.yallarec.com/dc/64/website_175460/4f/bd/c2/ 17 KB
17 KB 167ms
11ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/dc/64/website_175460/4f/bd/c2/i1.wp.com.204543_5F3000x2000_2Ejpg_3Ffit_3D696_252C464_26quality_3D98_26strip_3Dinfo_26ssl_187702_2.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c35b402bb75207e7c3f938f914c60eb980b91462ff04a984c921f174681fc169

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Tue, 26 Nov 2019 02:25:56 GMT
Server: AmazonS3
x-amz-request-id: BB2D3C62E0DB7BF1
ETag: "1d56b2a843e728463d82e27512b5e3aa"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17290
x-amz-id-2: bmSBVfIRabZ1ETxZ2pBSWgD3eV9Xc4quJVEtA4Gz3pqCcGBbJ+HEMEe3B5SwmC9zklvElTI+sFM=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK files.missbloom.gr.kosioni_2Dmpakogoannis_2_140770_2.png
img9-api.yallarec.com/e4/6d/website_175457/b9/c3/30/ 16 KB
17 KB 164ms
8ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/b9/c3/30/files.missbloom.gr.kosioni_2Dmpakogoannis_2_140770_2.png
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e6ae64c22124a1624cf12413a6b50d3e3f6ef1ac27cf00307442439a096c5fb

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Wed, 27 Nov 2019 11:29:30 GMT
Server: AmazonS3
x-amz-request-id: C6722DB9FEEF1770
ETag: "417970b416a7c746ab2dff8aa787b7a1"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16577
x-amz-id-2: bnjnvhXTHxu7Iw+IbGIQEZk9V9QPt3i4OGZ+got0+tKqj4n1CC2mt3Duxxpur/IMsxg0NjoBbtE=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK files.missbloom.gr.Yupiii_2_169991_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/64/fc/19/ 15 KB
15 KB 8ms
8ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/64/fc/19/files.missbloom.gr.Yupiii_2_169991_2.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c306410c40fd5b02c5c78c103a71fceb1d24e13a85a7fac6f0f6bba96aad6f73

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Thu, 05 Dec 2019 11:45:18 GMT
Server: AmazonS3
x-amz-request-id: 343C810365F22C93
ETag: "1cf80342c424c3482d7d7e49c420d09c"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15308
x-amz-id-2: PVqV8VnHUbk2KX3YBVvvoOMemtpFNtUvKN1Vun1SRZoeNzO40lRxADfQ0BxQEw8MDiWWKgwBnJo=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK files.missbloom.gr._3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F__112772_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/38/81/38/ 12 KB
12 KB 8ms
7ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/38/81/38/files.missbloom.gr._3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F__112772_2.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 710ea187232328f0c76fe8be0706ecf4b27bf51849d51432279927b360ecfc8e

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Mon, 02 Dec 2019 13:37:20 GMT
Server: AmazonS3
x-amz-request-id: B2F8D7A87155CA63
ETag: "a4fff6f9961e51443eb704b2379619f4"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12082
x-amz-id-2: 3r0GHITeMrIMqJcHb71tAVGnDHLDaLlG09exxXf5zE+d3TBLHMnG0WLU+2tnM6dXKtCJJlEtD44=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK madamefigaro.gr.a896e386877d43d9853120d235ba89ab_2_104981_2.jpg
img9-api.yallarec.com/c3/28/website_175461/0a/ac/ab/ 13 KB
14 KB 19ms
19ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/c3/28/website_175461/0a/ac/ab/madamefigaro.gr.a896e386877d43d9853120d235ba89ab_2_104981_2.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c15d30095cef7d2b7e63d5c857184e01b9d27c31f0ccfdb16f4422875c31c2e

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Tue, 03 Dec 2019 23:10:49 GMT
Server: AmazonS3
x-amz-request-id: 4E769F7AD45ABF28
ETag: "506f684a8356f650905f973c6c928719"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13727
x-amz-id-2: GUmSrMbd+RzlnjIiRu+USAtFAevlTnR4fY3m6GtWd2Of1kaPtPm+W2GBBo/TzdBsyfaTfMkOYtM=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK files.missbloom.gr._3F_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2_177892_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/3e/03/17/ 15 KB
15 KB 8ms
8ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/3e/03/17/files.missbloom.gr._3F_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2_177892_2.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3e776e2f47dfd8f34d39f74e5df422347de63d223c8ebd0de142d6fea96fc96

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Wed, 27 Nov 2019 11:59:10 GMT
Server: AmazonS3
x-amz-request-id: 13669065A2FA28E3
ETag: "0e48f76d84e629213c03b9548c33503c"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15275
x-amz-id-2: 4z2p+zCjWBm2mcl3WiAjcbLfZmigKPknBIlevO0/jlZFq7zQHSF6z6c5xYJmdhHWAihz1JNKwKI=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK files.missbloom.gr.646797_2_174956_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/c4/c0/6a/ 14 KB
14 KB 8ms
7ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/c4/c0/6a/files.missbloom.gr.646797_2_174956_2.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc1839c7b03742d4dbcd1dbb53053026f5fde39c775563eb7233695550e17fe2

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Wed, 27 Nov 2019 11:29:11 GMT
Server: AmazonS3
x-amz-request-id: 6E8E8F57BED9AB17
ETag: "b8546104b7bfc14786f94b46ba90fd3a"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13841
x-amz-id-2: 0GGQ3dQxxyyeTOOOmLIlETJ6kwGajJSKnoUHjyMdRTXTMNB2X3vmCSE/uUcUvdoZjF4aObgpP68=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK files.missbloom.gr._3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2_167665_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/3c/08/ad/ 12 KB
13 KB 9ms
8ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/3c/08/ad/files.missbloom.gr._3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2_167665_2.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92a7b5f515524bcd223a232857febabef4d214abda1128633635a16c453d825a

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Wed, 27 Nov 2019 11:29:16 GMT
Server: AmazonS3
x-amz-request-id: 143B684DA375496C
ETag: "54d5a2cac6958793357ac07074862318"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12588
x-amz-id-2: J3nup8lj4q2LGVn6C7BhGH+3Anx75qajPYqrg4Xm/ZuHZUuMigBSAyFcBt0YgneGiEjZbCt2ox8=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK files.missbloom.gr.Untitled_2D41_2_163518_2.png
img9-api.yallarec.com/e4/6d/website_175457/d3/ab/57/ 11 KB
12 KB 10ms
9ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/d3/ab/57/files.missbloom.gr.Untitled_2D41_2_163518_2.png
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ea390ef97ab3392f04e9ccd35d1ea56f4bdecd140ad348df52a505b19e93fc2

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Tue, 03 Dec 2019 10:13:18 GMT
Server: AmazonS3
x-amz-request-id: F5B7C99CAD5740C3
ETag: "0b748581f91aeb1079909acccb7da965"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11346
x-amz-id-2: 2ftlGEUkV6EaFuR2kn4VQH3Ld6dY7c2UD1kSBNSlIZH3lnqm/xUDqY8sHz1D9I5rrPsb0CheHfI=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK files.missbloom.gr.21480432_5F340668156390247_5F267225473518403584_5Fn_2_190285_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/2a/1f/de/ 14 KB
15 KB 23ms
22ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/e4/6d/website_175457/2a/1f/de/files.missbloom.gr.21480432_5F340668156390247_5F267225473518403584_5Fn_2_190285_2.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1f1acac2c15b1907a7ed794258c648c0b9c1b6da970bb398c8cb67f767cd45d

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Wed, 27 Nov 2019 11:31:28 GMT
Server: AmazonS3
x-amz-request-id: 895C86F263D9B3E7
ETag: "7cf1a30eb21b04e739525bc81a275594"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14510
x-amz-id-2: 8D/4nAYpXhCFHTQWW2AGc/pcWGGkqTHudJbPaMN1cPf5zJ823iaTKTzAxkBDHqg1a5TVcbuZID0=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
H/1.1 200
OK files.missbloom.gr.kate_2Dmoss_2_186488_2.jpg
img9-api.yallarec.com/dc/64/website_175460/ba/cd/d7/ 12 KB
12 KB 7ms
7ms Image
image/jpeg 2a02:26f0:6c00:287::3b8c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img9-api.yallarec.com/dc/64/website_175460/ba/cd/d7/files.missbloom.gr.kate_2Dmoss_2_186488_2.jpg
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:287::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af44accef61b7a0a8954f6eafe5a8c54c71ebedd5a18aa2867b8538d6bac2a0d

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:46 GMT
Last-Modified: Wed, 13 Nov 2019 03:29:04 GMT
Server: AmazonS3
x-amz-request-id: 441CB40B8F1F5A2D
ETag: "f68ebba938da329fba1c09e0a6d5ad36"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12274
x-amz-id-2: 0PSxpx1Q1AX8iehZu2LkZsMBMKCfVH4alWX1TjfZ2X53UysDZRR8mVY4+bW53vj0FbYrRuI62tw=
Expires: Tue, 17 Dec 2019 01:43:46 GMT

GET
DATA 200
OK truncated
/ Frame 752C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bb5bfa0c708b318edb4bbe3688b1d49f03f23e6012399a9c09ed956a5d59174

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 87 KB
27 KB 25ms
25ms Script
text/javascript 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: widget.yallarec.com
URL: http://widget.yallarec.com/yalla_crt_loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 30524ff4955653cc592d92ff6faff230d201fe166242858d5aa5027e9f1fe429

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:46 GMT
content-encoding: gzip
last-modified: Tue, 05 Nov 2019 14:27:47 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5dc186e3-15c08"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 11 Dec 2019 01:43:46 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
145 B 19ms
19ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=77&profileId=184&cb=38948500602
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Tue, 10 Dec 2019 01:43:45 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: http://rec-advisors.org
timing-allow-origin: *
vary: Origin

GET
H2 200 Standard Show response
s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.182/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/ Frame 752C 85 KB
36 KB 40ms
40ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/620/s1.adform.net/load/v/0.0.182/e/.wSBgiD/i/8IC-4gAAAAKAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: dd17c0eca20e66ff39e41204e550b90d9d424cba9045f06f45f1660803c66f2d

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:46 GMT
content-encoding: gzip
last-modified: Thu, 28 Nov 2019 11:44:31 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Wed, 11 Dec 2019 04:53:53 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 20ms
20ms Image
image/gif 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:46 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
access-control-allow-origin: *
etag: "493ea254-2b"
content-type: image/gif
status: 200
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 04 Dec 2020 01:43:46 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 19ms
19ms Image
image/gif 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: rec-advisors.org
URL: http://rec-advisors.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:46 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
access-control-allow-origin: *
etag: "493ea254-2b"
content-type: image/gif
status: 200
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 04 Dec 2020 01:43:46 GMT

POST
H2 200 /
a1.adform.net/csimpr/ Frame 752C 35 B
423 B 34ms
32ms Other
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.adform.net/csimpr/?bn=34465615&csi=QhhiWZSZLlEabtpyStDiJsH0CgS0bNRB5ON6uynYDNpUcNbPD7jKuYDEJ7wmFnWMqrwFuBqxQ_-WVKA8SKxVIWJYLlp6K61QvBbYQBdqw4stuKyS9IdHUw2
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 01:43:46 GMT
server: nginx
access-control-allow-origin: http://rec-advisors.org
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 36084104.jpg
s1.adform.net/Banners/36084104/ Frame 752C 39 KB
40 KB 38ms
36ms Image
image/jpeg 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/36084104/36084104.jpg?bv=2

Requested by

Host: rec-advisors.org
URL: http://rec-advisors.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f67142b7f43fec11c70224c4ec8b460ca582c8a9cfdde5b495ecc7dd8f7e8242

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:46 GMT
last-modified: Mon, 02 Dec 2019 21:51:58 GMT
server: nginx
access-control-allow-origin: *
etag: "5de5877e-9d7e"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 40318

GET
H/1.1 200
OK madinad_props.js Show response
madinad-data.s3.amazonaws.com/v3/static/ 2 KB
2 KB 163ms
48ms Script
application/javascript 52.218.98.194
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://madinad-data.s3.amazonaws.com/v3/static/madinad_props.js
Requested by: Host: static.madinad.com
URL: https://static.madinad.com/static/madinad-sdk.min.js?adtag=69143451-361e-460a-a695-40e1493eb28f&a=56122d08-3ff8-4eeb-b504-ab78216d4ec8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.98.194 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c175b480708b29b5e865112b7a0fedaa03b53211125f0c913eb9ff781034dc32

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:47 GMT
Last-Modified: Thu, 21 Nov 2019 11:02:32 GMT
Server: AmazonS3
x-amz-request-id: 03C849A77883DBD1
ETag: "2fbb79f4a62f030825387399661d3dba"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1792
x-amz-id-2: FOtzlQerhB3n2aXBVh7ePuiK3upgk0pufkOEFAIbGHQZqWdPQ+U0rCO0P0JNCfIz9D8eWtXvjzc=

GET
H2 200 va_content.vast.min.css
www.vidads.gr/css/ 41 KB
7 KB 7ms
7ms Stylesheet
text/css 2a01:4f8:110:5005::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vidads.gr/css/va_content.vast.min.css?v=2.13
Requested by: Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:110:5005::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 88a6c0de42002ab0f042b863e02e360efc4dbf8393e2a8d48b5e1e895defc7b5

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:46 GMT
content-encoding: gzip
last-modified: Thu, 11 Jul 2019 08:53:50 GMT
server: nginx/1.16.1
etag: "a554-58d63eec89310-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=5184000
x-route: http1
accept-ranges: bytes
content-length: 6926
expires: Sat, 08 Feb 2020 01:43:46 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 267 KB
91 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2756cf2cd474375aa3bbbec452aabc1c016c3379bc8198710b41a02fc8faec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 01:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92689
x-xss-protection: 0
expires: Tue, 10 Dec 2019 01:43:46 GMT

GET
H2 200 ad-tag Show response
api-v3.madinad.com/ads/ 2 KB
1 KB 274ms
233ms XHR
application/json 2606:4700:30::681f:4c17
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://api-v3.madinad.com/ads/ad-tag?adtag=69143451-361e-460a-a695-40e1493eb28f&a=56122d08-3ff8-4eeb-b504-ab78216d4ec8&device=desktop&os=other

Requested by

Host: static.madinad.com
URL: https://static.madinad.com/static/madinad-sdk.min.js?adtag=69143451-361e-460a-a695-40e1493eb28f&a=56122d08-3ff8-4eeb-b504-ab78216d4ec8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:4c17 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c3781d068a6be81fd71ccdd9ca4188b08bc1b3a9b01b4196c73512a848fd037

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org

Response headers

date: Tue, 10 Dec 2019 01:43:46 GMT
content-encoding: br
status: 200
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 542b87a4dd8acba4-VIE

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F1C3 42 B
112 B 14ms
14ms Image
image/gif 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyiPKKNIxshpcK0l9swO_zm9NZbKInbTwlBhhd-u1UtWhwuj3fVVztofEMLFIGvB7Mc7PJy0Rr3NpUCoIT5QsWKQ4EuDqEYcnXJRw53wA&sig=Cg0ArKJSzFgRDGoJvwPUEAE&id=ampim&o=8,470&d=1920,1000&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=195&tls=1196&g=58.72682332992554&h=58.72682332992554&pt=533&tt=1196&rpt=533&rst=1575942225444&r=v&adk=3307054402&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 01:43:46 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.html
madinad-data.s3.amazonaws.com/v3/campaign_assets/1866bce5-5b37-4676-99cd-32fd06ed9675/87582ef5-b59a-4226-b534-a975e7e78616/ Frame AF8E 0
0 84ms
42ms Document
text/html 52.218.98.194
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://madinad-data.s3.amazonaws.com/v3/campaign_assets/1866bce5-5b37-4676-99cd-32fd06ed9675/87582ef5-b59a-4226-b534-a975e7e78616/index.html?creative_id=87582ef5-b59a-4226-b534-a975e7e78616&campaign_id=1866bce5-5b37-4676-99cd-32fd06ed9675&website_id=56122d08-3ff8-4eeb-b504-ab78216d4ec8&auto_close_timeout=0
Requested by: Host: static.madinad.com
URL: https://static.madinad.com/static/madinad-sdk.min.js?adtag=69143451-361e-460a-a695-40e1493eb28f&a=56122d08-3ff8-4eeb-b504-ab78216d4ec8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.98.194 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Host: madinad-data.s3.amazonaws.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://rec-advisors.org/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://rec-advisors.org/

Response headers

x-amz-id-2: NIbpeFyUHhpxp8WTcD0T6sh/V0q7O7AwCP7iO6Z0Bm2xA+5JUqcZ+QBio8U82kZ8u5qhqzfe0wM=
x-amz-request-id: 94D3C9F3040001E2
Date: Tue, 10 Dec 2019 01:43:47 GMT
Last-Modified: Thu, 05 Dec 2019 13:48:55 GMT
ETag: "f11298cde096fde368d69dbf81fee3cf"
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Type: text/html
Content-Length: 33353
Server: AmazonS3

GET
H/1.1 200
OK FP.js Show response
madinad-data.s3.amazonaws.com/v3/static/ 682 B
1 KB 42ms
42ms Script
application/javascript 52.218.98.194
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://madinad-data.s3.amazonaws.com/v3/static/FP.js
Requested by: Host: static.madinad.com
URL: https://static.madinad.com/static/madinad-sdk.min.js?adtag=69143451-361e-460a-a695-40e1493eb28f&a=56122d08-3ff8-4eeb-b504-ab78216d4ec8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.98.194 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-3-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0adcd277e0388b813cf864309d51fa9d1b57596daf74823f6e8aebdeeec9273d

Request headers

Referer: http://rec-advisors.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 01:43:47 GMT
Last-Modified: Mon, 21 May 2018 14:18:24 GMT
Server: AmazonS3
x-amz-request-id: 8F7FFAAA8D54605F
ETag: "2f2f5a18c7667874434e1cc44959edf9"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 682
x-amz-id-2: dgDK154GvHuXhDmjgtiN8S1BmhzimtJJ9v3pC0+sxc/cn91VYYLZ6zPrIhabC00r/ViQd8hAPjE=

POST
H2 200 /
a1.adform.net/serving/unload/ Frame 752C 35 B
414 B 33ms
33ms Other
image/gif 37.157.2.239
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.adform.net/serving/unload/?version=15&unload=-974847926989435957@@34465615,811794660777853503,0|0|0|0|0|0|0|0|0||0|0|||||1|0|0|9xWNexEWVZY-L997hsw8LJVOnXOTOEdAtiRSCq4fs3u_E54P27AIdSgsPa3ZkcMAZ3HX3-jNxZE1|||11|0
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/620/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://rec-advisors.org/
Origin: http://rec-advisors.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 01:43:51 GMT
server: nginx
access-control-allow-origin: http://rec-advisors.org
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.qds.ninja
URL: https://t.qds.ninja/t/482

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 05:45:43	Name: test_cookie Value: CheckForPermission

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	log	URL: http://rec-advisors.org/(Line 53) Message: has skin
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds [object Object]
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds loading: https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Frec-advisors.org%2F
console-api	info	URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48) Message: VidAds Getting: https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Frec-advisors.org%2F
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	info	URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411) Message: Powered by AMP ⚡ HTML – Version 1911070201440 http://rec-advisors.org/
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	log	URL: https://static.madinad.com/static/madinad-sdk.min.js?adtag=69143451-361e-460a-a695-40e1493eb28f&a=56122d08-3ff8-4eeb-b504-ab78216d4ec8(Line 1) Message: incomplete
console-api	info	URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411) Message: Powered by AMP ⚡ HTML – Version 1911070201440 http://rec-advisors.org/
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	log	URL: http://rec-advisors.org/(Line 78) Message: [object Object]
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019112501.js(Line 1) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	log	URL: https://static.madinad.com/static/madinad-sdk.min.js?adtag=69143451-361e-460a-a695-40e1493eb28f&a=56122d08-3ff8-4eeb-b504-ab78216d4ec8(Line 1) Message: https://api-v3.madinad.com/ads/ad-tag?adtag=69143451-361e-460a-a695-40e1493eb28f&a=56122d08-3ff8-4eeb-b504-ab78216d4ec8&device=desktop&os=other
console-api	log	URL: https://static.madinad.com/static/madinad-sdk.min.js?adtag=69143451-361e-460a-a695-40e1493eb28f&a=56122d08-3ff8-4eeb-b504-ab78216d4ec8(Line 1) Message: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1.adform.net
ad.doubleclick.net
adservice.google.de
ajax.googleapis.com
api-v3.madinad.com
api.yallarec.com
app.exitbee.com
bidder.criteo.com
cdn.ampproject.org
cdn.onesignal.com
cdnjs.cloudflare.com
connect.facebook.net
csi.gstatic.com
d.agkn.com
files.missbloom.gr
googleads.g.doubleclick.net
imasdk.googleapis.com
img9-api.yallarec.com
js.agkn.com
logw312.ati-host.net
madinad-data.s3.amazonaws.com
pagead2.googlesyndication.com
platform.instagram.com
rec-advisors.org
s1.adform.net
securepubads.g.doubleclick.net
static.criteo.net
static.madinad.com
t.qds.ninja
tag.aticdn.net
tpc.googlesyndication.com
widget.yallarec.com
www.capital.gr
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.instagram.com
www.missbloom.gr
www.vidads.gr
t.qds.ninja
104.111.224.123
172.217.21.230
172.217.22.34
178.250.2.130
178.250.2.152
2.16.186.152
2.16.186.248
23.45.99.146
2600:9000:2156:4200:15:efbc:e300:93a1
2600:9000:2156:c200:19:fc2c:a140:93a1
2606:4700:30::681f:4c17
2606:4700:30::681f:4d17
2606:4700:30::681f:5a50
2606:4700::6811:4004
2606:4700::6812:e234
2607:f8b0:4002:c09::5e
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2001
2a00:1450:4001:816::200a
2a00:1450:4001:817::2002
2a00:1450:4001:824::200a
2a01:4f8:110:5005::2
2a02:26f0:6c00:287::3b8c
2a02:26f0:6c00:28d::3b8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:2880:f21c:80c4:face:b00c:0:43fe
2a03:2880:f21c:80e5:face:b00c:0:4420
35.240.50.85
37.157.2.239
37.157.2.248
52.218.98.194
95.142.20.17
05a0114a707e2c9a3e39211eea7befe543363802db6cca43191b8fa51d8f6cd5
0adcd277e0388b813cf864309d51fa9d1b57596daf74823f6e8aebdeeec9273d
0ae5e1fde1f00b885a6f0f95e666fb9023d06aaaaeb8b4a37724a8ec1609ac24
0dc41d4ae88e91347bda973815230c8ddfc870c357b681cdb5407d4c4716031e
0ea390ef97ab3392f04e9ccd35d1ea56f4bdecd140ad348df52a505b19e93fc2
0f2756cf2cd474375aa3bbbec452aabc1c016c3379bc8198710b41a02fc8faec
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116890c2f62f32153ab0f046b698c6204086c35a9678a3d3ba219e681f517fdf
127f0e63cfe81a8cfe83a77408f6e1de24decee3f28a36a53f253808f323288c
186466980a2394e09d866c4b8210699f9ce8e5029dc856e6ed28cafcfb3d8f8c
1c805bc236ef2efe999e3d29d8664ab4234308a1b4b83288fcf6e5330ff640bf
1c9c9ec0ca19999de7080554a20c1ed3c101d25cc6f9f7a196bd9a2183b93dfe
1e96a23c7d04016dcec94f9f67e29901dc403f694bdf5471749f34893bcaded5
2375d8221e1bb40da79565249dc8437f67e8f190d12547b8008daeef69eee133
2424d4d0676494244257b830643c905eac8254d373e00bc0cf6a13158626921b
260cf5d4d17e068773362b9d5577316f97a7408338c2fd97ab86b9dacf828a74
264a516eb71dd0a58761b141916976809bb93eeb2ba76dfceb2351af28b62858
30524ff4955653cc592d92ff6faff230d201fe166242858d5aa5027e9f1fe429
3c3781d068a6be81fd71ccdd9ca4188b08bc1b3a9b01b4196c73512a848fd037
43bece01c9a33fb1773ea36dc6a1b015636f402cc22b450b228078bb3fc9c69d
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
44aae6fbe386483965d5e393b0618b2bf5e27a6910b8f3e9ff3cadd62bacbabd
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4a299d9d6cf29bcd203ccdb8e8dba3b772e73b0c904c093b8a9ab0fa0c68097e
4c15d30095cef7d2b7e63d5c857184e01b9d27c31f0ccfdb16f4422875c31c2e
4dc4b6690119607d08ca2ab945adeb1fc1857c54722098f63046007c7bf02048
555d5d3bcf88de2650acc3de969c2453da3c9c53fdd7491c23bb3bd09e12a129
576e016aeb400b87d4af02d6ac1c1ca69f960c7e3233b778b91336df8604585a
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
710ea187232328f0c76fe8be0706ecf4b27bf51849d51432279927b360ecfc8e
71b52274b1b43661e6523b2774c9fa98a673e1861703bea5f32d75a32a850394
7445bbd2dbe2678c13788e4b231f28674b4a24170f8fab8fd2747edbfa546298
77ee1ad92dda433d656338d3b5e3cc17dc5fa3374b593f991f93afd5474b44fc
7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d
816d711fcab3fb242c5a83a2feaf62f5a2aa7988e79b28ae9d0881d789b9f940
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422
8717984eae5054df74e129eb16b333ffd757fcc58d1a2ace917c938f85be14e3
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88a6c0de42002ab0f042b863e02e360efc4dbf8393e2a8d48b5e1e895defc7b5
88b97f99230caae9f71ee79ae058e8d22496f4467950ae5227e9004462e44b09
8c33a3c1fa742224fa740c87f3eb0e31f9d5d6ab4ef219c559c9bb53629abe4e
8d56ea1d3003eef6edf02bd9c64cd1fbe7fbf3fed5eaf52bd1c14abc426ef75f
8e6ae64c22124a1624cf12413a6b50d3e3f6ef1ac27cf00307442439a096c5fb
923e3df8409577c2bd1d0464c45fb54ef1a822a6a44daf04d052fbcc199e1080
92a7b5f515524bcd223a232857febabef4d214abda1128633635a16c453d825a
9310181a5c8f45594238dbdbcd66b8e3565616679e4567febb9b77a30ab2af2a
957f06c2b4c8b7860dfea6fc9c22b0ebbb93b0f578ab7ea119cfab3cc2a683b6
99c973f51d892f2c399baeb29c0caad19c4fde2c231e5e614086ef129128152d
9bb5bfa0c708b318edb4bbe3688b1d49f03f23e6012399a9c09ed956a5d59174
9d1669b8e04aabf7547e96dfe1f693dacb413ee8a22570ba5bb6af9b79c749e0
a72174780909d99f6b2d8382fcb948d7437dddc0ab71d477ff4b178594c46818
aa3d8c0bac814575a360461a2323eba6056173f68792df5d68892a0c8c687395
ab3f5cf60ad656cc5ac32599eec8414a69abef3fce339684e1cc2c978f3ac41a
abe6af6a23f989b0623689a5d2a8df531c4f84c1e9785db0bad82155e9ef7f92
af44accef61b7a0a8954f6eafe5a8c54c71ebedd5a18aa2867b8538d6bac2a0d
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f1acac2c15b1907a7ed794258c648c0b9c1b6da970bb398c8cb67f767cd45d
b2d5219c3cf966c1c3249e3f1121270b8ddfd6c396ad9a0f3d219a5229a21cff
b77bea70e57eaae2f1d6c34b4d8a330f55959c607c7ed1a37ff402d37759deef
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc094c837491f955ee77cb90869ce0845d15be34a618720b291d863f8bf12f78
becd9259217686a73b034917730ae4a364d6fbc7b4bba25add0e8d1aa8d911ff
c175b480708b29b5e865112b7a0fedaa03b53211125f0c913eb9ff781034dc32
c306410c40fd5b02c5c78c103a71fceb1d24e13a85a7fac6f0f6bba96aad6f73
c35b402bb75207e7c3f938f914c60eb980b91462ff04a984c921f174681fc169
c64c8b6f4352fdf4ab136ad246bfd35d448c97380baec04d39f39c29e16629ee
cca673acb618cf5b0e66e0a997721cbd2635b3c73c428b69c973a5f99dbadb67
cf0eac8ca56caaadf4fc1e4ec8081f0ba14c59d22bf12f766d59845078950e86
d4248b10d5d3c8a949fe2f3e29bfcc5880f0739c74a925c075fe520cedc8c1d9
d4fdc4225be0d1e88150f730c5c87851770bd0461b26f4254faed13863e7cd26
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
dd17c0eca20e66ff39e41204e550b90d9d424cba9045f06f45f1660803c66f2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a1bcdabeb5a42e5814fc077072b90600178a1007f0e54a463063ba0e91c8ff
f3e776e2f47dfd8f34d39f74e5df422347de63d223c8ebd0de142d6fea96fc96
f4875c5fe6282b0f39ab84caecd5bd9933de93f60586b3510dd120d8c784af02
f5110a760bffe7bc4532d967f6a2b7c41ed5853ac0b42ad0b79b78641a151bae
f67142b7f43fec11c70224c4ec8b460ca582c8a9cfdde5b495ecc7dd8f7e8242
f70ad153801756c3955f63469a9bc8a3a7112e1fca7156bf72448b77d8155246
faea73d1988e95138d7eff1fe4e81a7d692f2117b996cdc6c78dd0dd457374e5
fc1839c7b03742d4dbcd1dbb53053026f5fde39c775563eb7233695550e17fe2
fd4527d26e1b13db1a61c723e35cd1428f95e42692a10e24fafb6eb5561a9084

rec-advisors.org Open in urlscan Pro 2606:4700:30::681f:5a50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

115 Requests

72 %HTTPS

63 %IPv6

28 Domains

39 Subdomains

34 IPs

8 Countries

2100 kBTransfer

5377 kBSize

1 Cookies

26 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

rec-advisors.org Open in urlscan Pro
2606:4700:30::681f:5a50 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

72 %
HTTPS

63 %
IPv6

28
Domains

39
Subdomains

34
IPs

8
Countries

2100 kB
Transfer

5377 kB
Size

1
Cookies

115 HTTP transactions
6 data transactions