URL: http://cokrnwallis.cf/
Submission: On January 02 via api from DE

Summary

This website contacted 27 IPs in 8 countries across 25 domains to perform 100 HTTP transactions. The main IP is 2606:4700:30::6818:78db, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is cokrnwallis.cf.
This is the only time cokrnwallis.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.108.39.160 16625 (AKAMAI-AS)
11 2a00:1450:400... 15169 (GOOGLE)
9 2.16.181.41 20940 (AKAMAI-ASN1)
1 1 2a03:2880:f21... 32934 (FACEBOOK)
1 3 2a03:2880:f21... 32934 (FACEBOOK)
3 2a01:4f8:110:... 24940 (HETZNER-AS)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
16 172.217.21.194 15169 (GOOGLE)
1 1 23.14.94.22 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
17 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 35.240.50.85 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2 172.217.22.6 15169 (GOOGLE)
1 95.142.20.17 20645 (PUREPEAK-ASN)
3 2a00:1450:400... 15169 (GOOGLE)
2 3 104.111.224.123 16625 (AKAMAI-AS)
3 178.250.0.130 44788 (ASN-CRITE...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
3 62.103.124.31 6799 (OTENET-GR...)
1 178.250.0.165 44788 (ASN-CRITE...)
100 27
Domain Requested by
16 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
cokrnwallis.cf
15 img9-api.yallarec.com cokrnwallis.cf
8 cokrnwallis.cf cokrnwallis.cf
7 files.missbloom.gr cokrnwallis.cf
4 pagead2.googlesyndication.com cokrnwallis.cf
pagead2.googlesyndication.com
4 www.googletagservices.com cokrnwallis.cf
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 talos.adman.gr static.adman.gr
talos.adman.gr
3 static.criteo.net widget.yallarec.com
cokrnwallis.cf
3 logw312.ati-host.net 2 redirects cokrnwallis.cf
3 cdn.ampproject.org securepubads.g.doubleclick.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
cokrnwallis.cf
3 www.vidads.gr cokrnwallis.cf
www.vidads.gr
3 www.instagram.com 1 redirects cokrnwallis.cf
www.instagram.com
2 static.adman.gr cokrnwallis.cf
static.adman.gr
2 ad.doubleclick.net 1 redirects cokrnwallis.cf
2 www.facebook.com cokrnwallis.cf
connect.facebook.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 connect.facebook.net cokrnwallis.cf
connect.facebook.net
2 widget.yallarec.com cokrnwallis.cf
widget.yallarec.com
2 www.missbloom.gr 1 redirects cokrnwallis.cf
2 cdnjs.cloudflare.com cokrnwallis.cf
1 obj.adman.gr cokrnwallis.cf
1 bidder.criteo.com static.criteo.net
1 api.yallarec.com widget.yallarec.com
1 ajax.googleapis.com widget.yallarec.com
1 d.agkn.com js.agkn.com
1 imasdk.googleapis.com www.vidads.gr
1 app.exitbee.com cokrnwallis.cf
1 adservice.google.de www.googletagservices.com
1 www.google-analytics.com cokrnwallis.cf
1 cdn.onesignal.com cokrnwallis.cf
1 js.agkn.com cokrnwallis.cf
1 www.capital.gr cokrnwallis.cf
1 platform.instagram.com 1 redirects
1 tag.aticdn.net cokrnwallis.cf
0 t.qds.ninja Failed cokrnwallis.cf
100 36
Subject Issuer Validity Valid
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-12-05 -
2020-06-12
6 months crt.sh
tag.aticdn.net
GeoTrust RSA CA 2018
2019-01-25 -
2020-03-25
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
capital.gr
Let's Encrypt Authority X3
2019-12-03 -
2020-03-02
3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA
2019-12-08 -
2020-03-06
3 months crt.sh
ssl2.nemohq.gr
Let's Encrypt Authority X3
2019-11-24 -
2020-02-22
3 months crt.sh
ssl898578.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-10-11 -
2020-04-18
6 months crt.sh
*.google-analytics.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-12-06 -
2020-03-05
3 months crt.sh
app.exitbee.com
SSL.com RSA SSL subCA
2019-07-08 -
2020-10-04
a year crt.sh
*.storage.googleapis.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.doubleclick.net
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
misc-sni.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.ati-host.net
DigiCert SHA2 Secure Server CA
2019-01-24 -
2020-04-24
a year crt.sh
*.criteo.net
DigiCert ECC Secure Server CA
2019-12-03 -
2021-04-06
a year crt.sh
*.adman.gr
COMODO RSA Domain Validation Secure Server CA
2018-10-15 -
2020-11-04
2 years crt.sh
*.criteo.com
DigiCert ECC Secure Server CA
2019-12-05 -
2021-04-08
a year crt.sh

This page contains 9 frames:

Primary Page: http://cokrnwallis.cf/
Frame ID: 819EB8FBE73A44977D1044368B668CA8
Requests: 80 HTTP requests in this frame

Frame: https://www.instagram.com/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Fcokrnwallis.cf&rp=%2F
Frame ID: C6CE9D13EBC7A74B5EFF62B7962B506E
Requests: 1 HTTP requests in this frame

Frame: http://d.agkn.com/iframe/8613/?che=847158031&gdpr=&gdpr_consent=&ref=&bpid=atticagreece&c=%7B%22bpid%22%3A%22atticagreece%22%2C%22loc%22%3A%22http%3A%2F%2Fcokrnwallis.cf%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: C44312FF4AC5158302803F8C46304753
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: 4B35C98F12A20489C64A315C97656B9E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcokrnwallis.cf%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1577996166596&bpp=16&bdt=914&fdt=55&idt=55&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8104631528384&frm=20&pv=2&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&ga_fc=0&iag=0&icsg=35325077094435&dssz=59&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=4367039811638339&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=11&uci=a!b&fsb=1&dtd=67
Frame ID: 400E6456ABE000351B8766080D010BD9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvV_oBMIircMdD2yisQMGbycT5Lfuz2fcmdtBkaYXNpcp9RmPqsbbTdZReRxAusM46PxSgnNFJpf8LN4QugOvsuYqVhDImNAmF9qEG6QB3IwEyJye6cttOQ1DSDFVOLie-oLMHS5GKaGypPY_sDQECWkNdHnTn_LFKOPBL47f9LPxlHZG_fFqDR160uFLg50gCnzNFwQG3ijZjHsai2Ycq371ULjr6xw7z0n9MxPJk1HpVhcFuHh0Bpxlv7brgJdagjpDebS3pazsbXuPtk0CXoKLaUig&sai=AMfl-YQj0v4lI8XSxWfNgh44vVrCWZHJ3LOlQBN_MA7ycKwfRKo32ofhm17XJ8m-HphFxlz7AVTFr7IdhghSFbqcb1grgFoFb4M5Qy3dUT29kA&sig=Cg0ArKJSzLeRJKiHTQOZEAE&urlfix=1&adurl=
Frame ID: BEF17D9566B8C93B71D04F9FE6331226
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Frame ID: C7B3310CBCBC59BBDD4CBB2EF694DE9B
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: ED76D4AC3F1032681BF7DC5726F8F169
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaW2SKPgeKnont7CRZgMUfgvQYya0L8r7C-QJoNTm0ZiPeeeoHctvl7BYC7srHrEFfGVfDhbpKvCCLqIsy7f8tT-EkfWfkjt7Y19j7osqVNAOe6e1QwHdwdujI5qXcRECb8J7PgNltY1qmlIGsDaTRk0Hiun7ZD6Ux7ulNwDH5AL0XrhluC0mP-AolR-9sUQsy8q1goFijhpHFrZUgiSw0bd9Dx1gXnRSkFXGV92J8R6ljPBXhMG50pwCnDtDolTEmBrsv4gQqBUAT&sai=AMfl-YSJD55im7Sd06MxCNiQ8oCdPDcwDB4uocxBv1l9YdWzygkvq1H-fhM6knXdyERG5miyLKf3p8i-y8elvHrZMC3vKVB_8btHzN5eFyYSrQ&sig=Cg0ArKJSzLc9A_r8_wAkEAE&urlfix=1&adurl=
Frame ID: 6249F77222085A61DCD097CE0EE33FFD
Requests: 8 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

100
Requests

65 %
HTTPS

61 %
IPv6

25
Domains

36
Subdomains

27
IPs

8
Countries

1871 kB
Transfer

4605 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://platform.instagram.com/en_US/embeds.js HTTP 307
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js
Request Chain 27
  • http://www.missbloom.gr/xtcore.js HTTP 301
  • https://www.missbloom.gr/xtcore.js
Request Chain 59
  • https://ad.doubleclick.net/ddm/trackimp/N7033.3291990ATTICAMEDIA/B23583862.263210618;dc_trk_aid=458708349;dc_trk_cid=126380590;ord=2088869856;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N7033.3291990ATTICAMEDIA/B23583862.263210618;dc_pre=CKej7Ofd5eYCFZuMdwod0tIBuA;dc_trk_aid=458708349;dc_trk_cid=126380590;ord=2088869856;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Request Chain 69
  • http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=211606482178&jv=0&re=1600x1200&vtag=4.5.7&hl=21x16x6&r=1600x1200x24x24&ref= HTTP 302
  • https://logw312.ati-host.net/hit.xiti?fh=1&s=532002&p=&vrn=1&lng=en-US&idp=211606482178&jv=0&re=1600x1200&vtag=4.5.7&hl=21x16x6&r=1600x1200x24x24&ref= HTTP 302
  • https://logw312.ati-host.net/hit.xiti?fh=1&s=532002&p=&vrn=1&lng=en-US&idp=211606482178&jv=0&re=1600x1200&vtag=4.5.7&hl=21x16x6&r=1600x1200x24x24&ref=&Rdt=On

100 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
cokrnwallis.cf/
49 KB
15 KB
Document
General
Full URL
http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:78db , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
127f0e63cfe81a8cfe83a77408f6e1de24decee3f28a36a53f253808f323288c

Request headers

Host
cokrnwallis.cf
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:05 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d224775a8ad7eef0c428f5b4c3b1492f31577996165; expires=Sat, 01-Feb-20 20:16:05 GMT; path=/; domain=.cokrnwallis.cf; HttpOnly; SameSite=Lax
Last-Modified
Sun, 10 Feb 2019 16:02:05 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
54ef68a28ced6437-FRA
Content-Encoding
gzip
579d0.single.include.4e2fc8.css
cokrnwallis.cf/wp-content/cache/minify/
69 KB
15 KB
Stylesheet
General
Full URL
http://cokrnwallis.cf/wp-content/cache/minify/579d0.single.include.4e2fc8.css
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:78db , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
37abe9a77eb72a3ffb717f9c9290b00b258ca583e84a2c35f9ea7411343f3831

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 10 Feb 2019 16:02:06 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54ef68a39bacc286-FRA
579d0.default.include.3de91f.js
cokrnwallis.cf/wp-content/cache/minify/
193 KB
31 KB
Script
General
Full URL
http://cokrnwallis.cf/wp-content/cache/minify/579d0.default.include.3de91f.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:78db , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1774776862071d2068d5a365dba67548f391530a10459f4022ff7da3a1bc21eb

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 10 Feb 2019 16:02:03 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54ef68a39da0beec-FRA
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:05 GMT
content-encoding
br
cf-cache-status
HIT
age
5490392
cf-ray
54ef68a38f50c272-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:36 GMT
server
cloudflare
etag
W/"5afd48ec-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Tue, 22 Dec 2020 20:16:05 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:05 GMT
content-encoding
br
cf-cache-status
HIT
age
13955301
cf-ray
54ef68a38f57c272-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 22 Dec 2020 20:16:05 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
style.css
cokrnwallis.cf/wp-content/themes/mb17s/css/
79 KB
17 KB
Stylesheet
General
Full URL
http://cokrnwallis.cf/wp-content/themes/mb17s/css/style.css?v=20180727
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:78db , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3174003a7f82a954d93d77cb0164bbfce6139b9640bb2276337d8f1d6c599eda

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 10 Feb 2019 16:02:05 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54ef68a398d9d6b5-FRA
smarttag.js
tag.aticdn.net/
69 KB
20 KB
Script
General
Full URL
https://tag.aticdn.net/smarttag.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.39.160 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-39-160.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
184792214632ebdae4de5519287f27b514411716fdd31ca174412d787d41cb87

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
Oq_j.VJ8L8q7RfA.uKlmpkdrtHr.ZLew
Content-Encoding
gzip
Last-Modified
Wed, 11 Dec 2019 10:10:08 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=600
Date
Thu, 02 Jan 2020 20:16:06 GMT
Connection
keep-alive
Content-Length
20194
X-Amz-Cf-Id
DB5rJegXHTRm3x6i7C14xSKFZXzhOnsenbJd-Dnw-9Z6jznc29IAXg==
gpt.js
www.googletagservices.com/tag/js/
52 KB
16 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
937cd65358bb06e56592a15d0d8ea8cf835f21d222584495c02b93975a0710b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"386 / 171 of 1000 / last-modified: 1577995655"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15894
x-xss-protection
0
expires
Thu, 02 Jan 2020 20:16:05 GMT
main.js
cokrnwallis.cf/wp-content/themes/mb17s/js/
151 KB
31 KB
Script
General
Full URL
http://cokrnwallis.cf/wp-content/themes/mb17s/js/main.js?v=20180727
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:78db , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d1669b8e04aabf7547e96dfe1f693dacb413ee8a22570ba5bb6af9b79c749e0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 10 Feb 2019 16:02:05 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54ef68a39e8fd6fd-FRA
missbloom-logo-p.svg
cokrnwallis.cf/wp-content/themes/mb17s/images/logo/
39 KB
39 KB
Image
General
Full URL
http://cokrnwallis.cf/wp-content/themes/mb17s/images/logo/missbloom-logo-p.svg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:78db , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 10 Feb 2019 16:02:03 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54ef68a3be3fdfeb-FRA
Screenshot_1-6.jpg
files.missbloom.gr/2016/09/
68 KB
68 KB
Image
General
Full URL
https://files.missbloom.gr/2016/09/Screenshot_1-6.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.181.41 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-181-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
0ae5e1fde1f00b885a6f0f95e666fb9023d06aaaaeb8b4a37724a8ec1609ac24
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=86400
last-modified
Mon, 05 Sep 2016 10:31:56 GMT
server
nginx
etag
"57cd499c-10f17"
content-type
image/jpeg
status
200
cache-control
max-age=8640000
date
Thu, 02 Jan 2020 20:16:06 GMT
accept-ranges
bytes
content-length
69399
expires
Sat, 11 Apr 2020 20:16:06 GMT
bf4a12bd69f3.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • http://platform.instagram.com/en_US/embeds.js
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js
15 KB
5 KB
Script
General
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
555d5d3bcf88de2650acc3de969c2453da3c9c53fdd7491c23bb3bd09e12a129

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 07:52:51 GMT
x-fb-trip-id
1679558926
access-control-allow-origin
*
etag
"bf4a12bd69f3"
vary
Accept-Encoding
content-type
text/javascript
status
200
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
4925

Redirect headers

status
302
date
Thu, 02 Jan 2020 20:16:06 GMT
x-fb-trip-id
1679558926
cache-control
max-age=21600
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js
content-type
text/html; charset=utf-8
4553_DOYKISA_NOMIKOY_1982016-200x200.jpg
files.missbloom.gr/2016/09/
0
0
Image
General
Full URL
https://files.missbloom.gr/2016/09/4553_DOYKISA_NOMIKOY_1982016-200x200.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.181.41 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-181-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

gb-200x200.jpg
files.missbloom.gr/2016/09/
0
0
Image
General
Full URL
https://files.missbloom.gr/2016/09/gb-200x200.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.181.41 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-181-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

va_content.vast.js
www.vidads.gr/scripts/
291 KB
76 KB
Script
General
Full URL
https://www.vidads.gr/scripts/va_content.vast.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:110:5005::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f70ad153801756c3955f63469a9bc8a3a7112e1fca7156bf72448b77d8155246

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
last-modified
Mon, 04 Nov 2019 14:18:29 GMT
server
nginx/1.16.1
etag
"48ac3-59685fd6653e4-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=3600
x-route
http1
accept-ranges
bytes
expires
Thu, 02 Jan 2020 21:16:06 GMT
64508-lily%20james-smile-200x200.jpg
files.missbloom.gr/pics/
0
0
Image
General
Full URL
https://files.missbloom.gr/pics/64508-lily%20james-smile-200x200.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.181.41 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-181-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

67238-ABACA_521931_091-200x200.jpg
files.missbloom.gr/pics/
0
0
Image
General
Full URL
https://files.missbloom.gr/pics/67238-ABACA_521931_091-200x200.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.181.41 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-181-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

25031-jon-hamm-default-200x200.jpg
files.missbloom.gr/pics/
0
0
Image
General
Full URL
https://files.missbloom.gr/pics/25031-jon-hamm-default-200x200.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.181.41 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-181-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

IMG_9544-200x200.jpg
files.missbloom.gr/2016/05/
0
0
Image
General
Full URL
https://files.missbloom.gr/2016/05/IMG_9544-200x200.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.181.41 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-181-41.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

preloadBar.gif
www.capital.gr/Content2017/images/
25 KB
25 KB
Image
General
Full URL
https://www.capital.gr/Content2017/images/preloadBar.gif
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.181.41 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-181-41.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 /
Resource Hash
cf0eac8ca56caaadf4fc1e4ec8081f0ba14c59d22bf12f766d59845078950e86

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
last-modified
Tue, 04 Dec 2018 16:43:52 GMT
server
Microsoft-IIS/8.5
etag
"691c58af08bd41:0"
content-type
image/gif
status
200
cache-control
max-age=15552000
accept-ranges
bytes
content-length
25323
tag.js
js.agkn.com/prod/v0/
3 KB
4 KB
Script
General
Full URL
http://js.agkn.com/prod/v0/tag.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2600:9000:21f3:c600:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 01:12:25 GMT
Via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
Last-Modified
Tue, 22 Oct 2019 20:22:52 GMT
Server
AmazonS3
Age
84616
ETag
"f53f55cbab099be3a970b446a66c496a"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
X-Amz-Cf-Pop
FRA2-C2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3167
X-Amz-Cf-Id
JWKt8ukHR5iOV654A1MFjmexExjACOflc7Xl8z4weIzV862YHppE-g==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
104 KB
38 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5d30e39309923dfbd5e04218cf454cdedd9c76933128252b05fe0813014d4537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:06 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
5281130449454371869
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
37934
X-XSS-Protection
0
Expires
Thu, 02 Jan 2020 20:16:06 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
8 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0b41ead7d73c51545a6b97022fdf4a60c64d4910136516f2f8832d2f11d7bed

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
1054
etag
W/"2a5de8dd720175aa229445a5937a6c43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
54ef68a8bb50dfbf-FRA
expires
Fri, 03 Jan 2020 08:16:06 GMT
wp-embed.min.js
cokrnwallis.cf/wp-includes/js/
121 KB
26 KB
Script
General
Full URL
http://cokrnwallis.cf/wp-includes/js/wp-embed.min.js?ver=4.9.7
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:78db , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
146c3422a9d7e5fe83f717646225d152b89863e9fd0e10a4e1efdd171dac13e5

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:06 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sun, 10 Feb 2019 16:02:03 GMT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54ef68a4df11c286-FRA
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
6149
date
Thu, 02 Jan 2020 18:33:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 02 Jan 2020 20:33:37 GMT
pubads_impl_2019121002.js
securepubads.g.doubleclick.net/gpt/
163 KB
60 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
sffe /
Resource Hash
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
60922
x-xss-protection
0
expires
Thu, 02 Jan 2020 20:16:06 GMT
integrator.sync.js
adservice.google.de/adsid/
113 B
178 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=cokrnwallis.cf
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
108
x-xss-protection
0
482
t.qds.ninja/t/
0
0

xtcore.js
www.missbloom.gr/
Redirect Chain
  • http://www.missbloom.gr/xtcore.js
  • https://www.missbloom.gr/xtcore.js
19 KB
8 KB
Script
General
Full URL
https://www.missbloom.gr/xtcore.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.181.41 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-181-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
05a0114a707e2c9a3e39211eea7befe543363802db6cca43191b8fa51d8f6cd5

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
last-modified
Thu, 26 Nov 2015 09:49:24 GMT
server
nginx
etag
"5656d5a4-4ae0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
7522
expires
Thu, 16 Jan 2020 20:16:06 GMT

Redirect headers

Location
https://www.missbloom.gr/xtcore.js
Date
Thu, 02 Jan 2020 20:16:06 GMT
Cache-Control
max-age=0
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
Expires
Thu, 02 Jan 2020 20:16:06 GMT
ads
securepubads.g.doubleclick.net/gampad/
378 B
364 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4367039811638339&correlator=753084269167700&output=ldjh&impl=fif&adsid=NT&eid=21063636&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200102&iu=%2F3346429%2Fmissbloom_skin&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1577996166499&dlt=1577996165682&idt=790&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=470&adk=3307054402&uci=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcokrnwallis.cf%2F&dssz=21&icsg=49836&std=0&csl=63&vis=1&scr_x=0&scr_y=0&psz=1584x463&msz=1584x1&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
62143c604af1e6f5d9e6fb2e374a120b63a2c81122415a2d03106e18ace7f1c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
194
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://cokrnwallis.cf
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019121002.js
securepubads.g.doubleclick.net/gpt/
64 KB
24 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Dec 2019 17:29:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24811
x-xss-protection
0
expires
Thu, 02 Jan 2020 20:16:06 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
4 KB
3 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4367039811638339&correlator=753084269167700&output=ldjh&impl=fif&adsid=NT&eid=21063636&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200102&iu=%2F3346429%2Fmissbloom_prest&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1577996166507&dlt=1577996165682&idt=790&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=471&adk=1273862343&uci=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcokrnwallis.cf%2F&dssz=23&icsg=2146988&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1584x464&msz=1x-1&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ccd7e42e7ffe5a4bdec8582335ae9f744256033da3b4c69fa203e5649bef1fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2200
x-xss-protection
0
google-lineitem-id
5252428520
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138298518561
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://cokrnwallis.cf
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
15 KB
5 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4367039811638339&correlator=753084269167700&output=ldjh&impl=fif&adsid=NT&eid=21063636&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200102&iu=%2F3346429%2Fmissbloom_728x90&sz=728x90%7C940x200%7C960x250%7C970x70%7C970x200%7C970x60%7C970x90%7C990x90%7C990x250%7C970x250%7C970x310%7C1000x250%7C1000x300&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1577996166510&dlt=1577996165682&idt=790&frm=20&biw=1600&bih=1200&oid=3&adx=8&ady=472&adk=248121373&uci=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcokrnwallis.cf%2F&dssz=26&icsg=2146988&std=0&csl=70&vis=1&scr_x=0&scr_y=0&psz=1584x90&msz=1584x90&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3c27fcc1e14fd8c7dfb09211be1bd79642e96087150c17ca5df8f0a3bbcc8ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4568
x-xss-protection
0
google-lineitem-id
5255843507
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138298682321
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://cokrnwallis.cf
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
383 B
360 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4367039811638339&correlator=753084269167700&output=ldjh&impl=fif&adsid=NT&eid=21063636&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200102&iu=%2F3346429%2Fmissbloom_button&sz=300x150%7C300x100%7C300x120%7C300x110&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1577996166515&dlt=1577996165682&idt=790&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1128&adk=1522238017&uci=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcokrnwallis.cf%2F&dssz=28&icsg=2146988&std=0&csl=65&vis=1&scr_x=0&scr_y=0&psz=1569x150&msz=1569x150&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
467fc66deb265d2d76cb1e3c4b24d081d94497ce9241e0d58c7e3edd88715af8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
198
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://cokrnwallis.cf
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
386 B
368 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4367039811638339&correlator=753084269167700&output=ldjh&impl=fif&adsid=NT&eid=21063636&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200102&iu=%2F3346429%2Fmissbloom_300*250A&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1577996166518&dlt=1577996165682&idt=790&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1278&adk=1354387185&uci=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcokrnwallis.cf%2F&dssz=29&icsg=2146988&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
aedf1ea5c3eac68e1ef6ededcf7e70b58b7259d5314a710597e7ea052cbd7cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
207
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://cokrnwallis.cf
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
395 B
372 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4367039811638339&correlator=753084269167700&output=ldjh&impl=fif&adsid=NT&eid=21063636&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200102&iu=%2F3346429%2FInRead_infeed_Missbloom_AdX&sz=192x256%7C256x192%7C144x256%7C320x50%7C256x256%7C300x250%7C320x180%7C300x100%7C320x250%7C256x144%7C640x480&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1577996166525&dlt=1577996165682&idt=790&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=1596&adk=2055048688&uci=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcokrnwallis.cf%2F&dssz=30&icsg=2146988&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1569x308&msz=1569x256&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
c61e277f67e063bec4ff28f6f033d540a7dfe5503f40b30090d1f73fec6e8611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf

Response headers

date
Thu, 02 Jan 2020 20:16:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
211
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://cokrnwallis.cf
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
_yalla_loader.js
widget.yallarec.com/
134 KB
28 KB
Script
General
Full URL
http://widget.yallarec.com/_yalla_loader.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
f5110a760bffe7bc4532d967f6a2b7c41ed5853ac0b42ad0b79b78641a151bae

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Jan 2020 11:57:25 GMT
Server
nginx
ETag
W/"5e0c8925-21800"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Content-Length
28346
Expires
Thu, 02 Jan 2020 22:16:06 GMT
ads
securepubads.g.doubleclick.net/gampad/
4 KB
2 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4367039811638339&correlator=753084269167700&output=ldjh&impl=fif&adsid=NT&eid=21063636&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200102&iu=%2F3346429%2Fmissbloom_300*250B&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1577996166538&dlt=1577996165682&idt=790&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3120&adk=3543098062&uci=7&ifi=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcokrnwallis.cf%2F&dssz=37&icsg=34351808&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
fc56bb3fa5b170d42f27874983f471c1e429a5dbde2ae30cdb6de6228af4c1d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf

Response headers

date
Thu, 02 Jan 2020 20:16:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2193
x-xss-protection
0
google-lineitem-id
5252324393
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138298414322
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://cokrnwallis.cf
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
11 KB
6 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4367039811638339&correlator=753084269167700&output=ldjh&impl=fif&adsid=NT&eid=21063636&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200102&iu=%2F3346429%2Fmissbloom_300*250C&sz=300x250%7C300x600&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1577996166541&dlt=1577996165682&idt=790&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3370&adk=1034747580&uci=8&ifi=8&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcokrnwallis.cf%2F&dssz=38&icsg=34351808&std=0&csl=74&vis=1&scr_x=0&scr_y=0&psz=1569x250&msz=1569x250&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
bc1e8c31b52d916e55aa1676e71253517977717138d5aba855421fe1e0dc2506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf

Response headers

date
Thu, 02 Jan 2020 20:16:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6359
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://cokrnwallis.cf
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
386 B
361 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4367039811638339&correlator=753084269167700&output=ldjh&impl=fif&adsid=NT&eid=21063636&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200102&iu=%2F3346429%2Fmissbloom_textlink&sz=300x200%7C300x150%7C300x100%7C300x120%7C300x110&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1577996166544&dlt=1577996165682&idt=790&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=3620&adk=926066986&uci=9&ifi=9&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcokrnwallis.cf%2F&dssz=39&icsg=34351808&std=0&csl=68&vis=1&scr_x=0&scr_y=0&psz=1569x200&msz=1569x200&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b4811cb5d1f52c9ab524f4b34b4c5302130d1d74c9efbc7aa96c048da48db558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf

Response headers

date
Thu, 02 Jan 2020 20:16:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
200
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://cokrnwallis.cf
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
396 B
371 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4367039811638339&correlator=753084269167700&output=ldjh&impl=fif&adsid=NT&eid=21063636&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200102&iu=%2F3346429%2Fmissbloom_728x90_bottom&sz=728x90%7C970x200%7C990x250%7C970x250%7C1000x250%7C1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1577996166557&dlt=1577996165682&idt=790&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=5618&adk=1019512580&uci=a&ifi=10&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcokrnwallis.cf%2F&dssz=40&icsg=34351808&std=0&csl=77&vis=1&scr_x=0&scr_y=0&psz=1569x90&msz=1569x90&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8489de8a67bbb3132eaee09eb911cff225d475918ce19175b7c03fbfae49c26f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf

Response headers

date
Thu, 02 Jan 2020 20:16:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
210
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://cokrnwallis.cf
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
missbloom-logo-p.svg
cokrnwallis.cf/wp-content/themes/mb17s/images/logo/
64 KB
64 KB
Image
General
Full URL
http://cokrnwallis.cf/wp-content/themes/mb17s/images/logo/missbloom-logo-p.svg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2606:4700:30::6818:78db , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:06 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sun, 10 Feb 2019 16:02:03 GMT
Server
cloudflare
Age
1
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54ef68a90efbd6fd-FRA
636
www.vidads.gr/get/video/vast3/
97 B
586 B
XHR
General
Full URL
https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Fcokrnwallis.cf%2F
Requested by
Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:110:5005::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.16.1 / PHP/7.2.26
Resource Hash
abe6af6a23f989b0623689a5d2a8df531c4f84c1e9785db0bad82155e9ef7f92
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
PHP/7.2.26
status
200
pragma
no-cache
x-route
http1
last-modified
Thu, 02 Jan 2020 20:16:06 GMT
server
nginx/1.16.1
vary
Accept-Encoding
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://cokrnwallis.cf
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
x-time
0.028107166290283
expires
Mon, 26 Jul 1997 05:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30426
x-xss-protection
0
pragma
public
x-fb-debug
d0qXOrYyhbxmZwtYrddv4vmD9i9UpHXW+lu/LEQCq0ox9rwvMoT43iHAcJ+xJlvMpkeYEjWhNjLBDMFmWmNYfw==
x-fb-trip-id
1850256238
date
Thu, 02 Jan 2020 20:16:06 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
379 B
359 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4367039811638339&correlator=753084269167700&output=ldjh&impl=fif&adsid=NT&eid=21063636&vrg=2019121002&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200102&iu=%2F3346429%2FMB_Inread_Video&sz=1x1&cust_params=page%3Dros%252Ccelebrities%252Ccelebs-now%252Co-erotas-ine-akoma-zontanos-anamesa-stou%252C176722%26pagetype%3Darticle%26tags%3D&cookie_enabled=1&bc=23&abxe=1&lmt=1549814525&dt=1577996166583&dlt=1577996165682&idt=790&frm=20&biw=1585&bih=1200&oid=3&adx=8&ady=6663&adk=343001862&uci=b&ifi=11&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcokrnwallis.cf%2F&dssz=49&icsg=549628930&std=0&csl=81&vis=1&scr_x=0&scr_y=0&psz=1569x6655&msz=1x-1&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&fws=0&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
eb27d30d5f9aa349dd92fd1cdb4cf125b182bd965aa40000394937152212bdab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf

Response headers

date
Thu, 02 Jan 2020 20:16:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
197
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://cokrnwallis.cf
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
exitbee.js
app.exitbee.com/c/366/
0
0
Script
General
Full URL
https://app.exitbee.com/c/366/exitbee.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.240.50.85 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
85.50.240.35.bc.googleusercontent.com
Software
openresty/1.15.8.2 / PHP/7.2.13
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
server
openresty/1.15.8.2
access-control-allow-origin
*
x-powered-by
PHP/7.2.13
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
403
cache-control
no-cache, private
strict-transport-security
max-age=15724800; includeSubDomains
/
www.instagram.com/p/BJwAgHvAlt9/embed/captioned/ Frame C6CE
0
0
Document
General
Full URL
https://www.instagram.com/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Fcokrnwallis.cf&rp=%2F
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/bf4a12bd69f3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.instagram.com
:scheme
https
:path
/p/BJwAgHvAlt9/embed/captioned/?cr=1&v=7&wp=658&rd=http%3A%2F%2Fcokrnwallis.cf&rp=%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://cokrnwallis.cf/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/

Response headers

status
429
content-type
text/html; charset=utf-8
vary
Accept-Language, Cookie
content-language
en
date
Thu, 02 Jan 2020 20:16:06 GMT
content-length
20614
strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src https: data: blob:; font-src https: data:; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://*.cdninstagram.com https://api.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
0
x-aed
15
access-control-expose-headers
X-IG-Set-WWW-Claim
x-fb-trip-id
1679558926
va_content.vast.min.css
www.vidads.gr/css/
41 KB
7 KB
Stylesheet
General
Full URL
https://www.vidads.gr/css/va_content.vast.min.css?v=2.13
Requested by
Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:110:5005::2 Heidelberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
88a6c0de42002ab0f042b863e02e360efc4dbf8393e2a8d48b5e1e895defc7b5

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
last-modified
Thu, 11 Jul 2019 08:53:50 GMT
server
nginx/1.16.1
etag
"a554-58d63eec89310-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=5184000
x-route
http1
accept-ranges
bytes
content-length
6926
expires
Mon, 02 Mar 2020 20:16:06 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
267 KB
91 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.vidads.gr
URL: https://www.vidads.gr/scripts/va_content.vast.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
918c4485a28931feb333074355c2f4c2e915ffa51fe70b8797e9432c37b22b8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
92690
x-xss-protection
0
expires
Thu, 02 Jan 2020 20:16:06 GMT
Cookie set /
d.agkn.com/iframe/8613/ Frame C443
0
0
Document
General
Full URL
http://d.agkn.com/iframe/8613/?che=847158031&gdpr=&gdpr_consent=&ref=&bpid=atticagreece&c=%7B%22bpid%22%3A%22atticagreece%22%2C%22loc%22%3A%22http%3A%2F%2Fcokrnwallis.cf%2F%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22-1%22%2C%22brd%22%3A%22-1%22%7D
Requested by
Host: js.agkn.com
URL: http://js.agkn.com/prod/v0/tag.js
Protocol
HTTP/1.1
Server
2600:9000:21f3:5c00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
d.agkn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://cokrnwallis.cf/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/

Response headers

Content-Type
text/html;charset=UTF-8
Content-Length
479
Connection
keep-alive
Cache-Control
no-cache, must-revalidate
Date
Thu, 02 Jan 2020 20:16:06 GMT
Expires
Sat, 01 Jan 2000 00:00:00 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Server
Apache-Coyote/1.1
Set-Cookie
ab=0001%3AasFkQV2ZXwwC6ioIqp4x1d%2F4EPcKBwan;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAloQwGJaEMBgAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
X-Cache
Miss from cloudfront
Via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
R1UNly85YXG05w9nQfDGUNMLqSV1h6Fa8N-RSq1IXzlQKA31_mV7fg==
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/
245 KB
90 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
2424d4d0676494244257b830643c905eac8254d373e00bc0cf6a13158626921b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
91654
x-xss-protection
0
server
cafe
etag
2923717731764352670
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 02 Jan 2020 20:16:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ Frame 4B35
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191205/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://cokrnwallis.cf/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 02 Jan 2020 17:43:23 GMT
expires
Thu, 16 Jan 2020 17:43:23 GMT
content-type
text/html; charset=UTF-8
etag
13309989325511048345
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6574
x-xss-protection
0
cache-control
public, max-age=1209600
age
9163
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/
82 KB
29 KB
Script
General
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 21 Nov 2019 11:19:29 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
3660997
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
29671
X-XSS-Protection
0
Expires
Fri, 20 Nov 2020 11:19:29 GMT
1047335965285668
connect.facebook.net/signals/config/
447 KB
113 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1047335965285668?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
85026ed6e7c55531dbc8f499911737ac775594fa3648d49900d14f0b990c79e3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
115096
x-xss-protection
0
pragma
public
x-fb-debug
UEbb6SfzTuBT6akjFMXnBo9/pf2RO9WIMYm9fnwYH6Yzq8en1HZM2NIygEJVmyKGqPGb3Veruif85eSkglRdfw==
x-fb-trip-id
1850256238
date
Thu, 02 Jan 2020 20:16:06 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 400E
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcokrnwallis.cf%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1577996166596&bpp=16&bdt=914&fdt=55&idt=55&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8104631528384&frm=20&pv=2&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&ga_fc=0&iag=0&icsg=35325077094435&dssz=59&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=4367039811638339&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=11&uci=a!b&fsb=1&dtd=67
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?output=html&adk=1812271804&adf=3025194257&lmt=1549814525&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fcokrnwallis.cf%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1577996166596&bpp=16&bdt=914&fdt=55&idt=55&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=8104631528384&frm=20&pv=2&ga_vid=1317298124.1577996167&ga_sid=1577996167&ga_hid=1087811319&ga_fc=0&iag=0&icsg=35325077094435&dssz=59&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065125&oid=3&pvsid=4367039811638339&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=11&uci=a!b&fsb=1&dtd=67
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://cokrnwallis.cf/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/

Response headers

status
400
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 02 Jan 2020 20:16:06 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 02-Jan-2020 20:31:06 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Thu, 02 Jan 2020 20:16:06 GMT
/
www.facebook.com/tr/
44 B
248 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1047335965285668&ev=PageView&dl=http%3A%2F%2Fcokrnwallis.cf%2F&rl=&if=false&ts=1577996166708&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1577996166708.865370886&it=1577996166626&coo=false&rqm=GET
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 02 Jan 2020 20:16:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BEF1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvV_oBMIircMdD2yisQMGbycT5Lfuz2fcmdtBkaYXNpcp9RmPqsbbTdZReRxAusM46PxSgnNFJpf8LN4QugOvsuYqVhDImNAmF9qEG6QB3IwEyJye6cttOQ1DSDFVOLie-oLMHS5GKaGypPY_sDQECWkNdHnTn_LFKOPBL47f9LPxlHZG_fFqDR160uFLg50gCnzNFwQG3ijZjHsai2Ycq371ULjr6xw7z0n9MxPJk1HpVhcFuHh0Bpxlv7brgJdagjpDebS3pazsbXuPtk0CXoKLaUig&sai=AMfl-YQj0v4lI8XSxWfNgh44vVrCWZHJ3LOlQBN_MA7ycKwfRKo32ofhm17XJ8m-HphFxlz7AVTFr7IdhghSFbqcb1grgFoFb4M5Qy3dUT29kA&sig=Cg0ArKJSzLeRJKiHTQOZEAE&urlfix=1&adurl=
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Jan 2020 20:16:06 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Jan 2020 20:16:06 GMT
B23583862.263210618;dc_pre=CKej7Ofd5eYCFZuMdwod0tIBuA;dc_trk_aid=458708349;dc_trk_cid=126380590;ord=2088869856;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N7033.3291990ATTICAMEDIA/ Frame BEF1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N7033.3291990ATTICAMEDIA/B23583862.263210618;dc_trk_aid=458708349;dc_trk_cid=126380590;ord=2088869856;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
  • https://ad.doubleclick.net/ddm/trackimp/N7033.3291990ATTICAMEDIA/B23583862.263210618;dc_pre=CKej7Ofd5eYCFZuMdwod0tIBuA;dc_trk_aid=458708349;dc_trk_cid=126380590;ord=2088869856;dc_lat=;dc_rdid=;tag_...
42 B
120 B
Fetch
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N7033.3291990ATTICAMEDIA/B23583862.263210618;dc_pre=CKej7Ofd5eYCFZuMdwod0tIBuA;dc_trk_aid=458708349;dc_trk_cid=126380590;ord=2088869856;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.6 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jan 2020 20:16:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 02 Jan 2020 20:16:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N7033.3291990ATTICAMEDIA/B23583862.263210618;dc_pre=CKej7Ofd5eYCFZuMdwod0tIBuA;dc_trk_aid=458708349;dc_trk_cid=126380590;ord=2088869856;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame BEF1
77 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Thu, 02 Jan 2020 20:16:06 GMT
getrecs.json
api.yallarec.com/rec-api/
25 KB
8 KB
Script
General
Full URL
http://api.yallarec.com/rec-api/getrecs.json?cb=yallarec_cb_246382454435690&pubid=185585&webid=175457&wid=117200&recsnum=15&url=http%3A%2F%2Fcokrnwallis.cf%2F&cs=UTF-8&subid=&title=%CE%9D%CF%84%CE%BF%CF%85%CF%81%CE%B1%CE%BD%20%CE%BD%CF%84%CE%BF%CF%85%CF%81%CE%B1%CE%BD&kwrds=&sessionid=b71433c9-b6ed-998b-b602-666e84c8bde1&rndid=246382454435690&psid=b2019e9b-ed89-f4e5-e516-436d5bcd9892
Requested by
Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js
Protocol
HTTP/1.1
Server
95.142.20.17 , Israel, ASN20645 (PUREPEAK-ASN, IL),
Reverse DNS
ip-95-142-20-17.purepeak.com
Software
nginx /
Resource Hash
d86ff276fee64b49f31b67862cf0dbe846314a9edc025b72428a24e5641452d6

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jan 2020 20:16:06 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-language
en-US
cache-control
no-cache, no-store, max-age=0
transfer-encoding
chunked
content-type
application/javascript;charset=UTF-8
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame BEF1
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e073aad27fbc8bd40506bb0a43af86d85e13a761d947bbbd6312a236322c7e2d

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011912050130240/
20 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011912050130240/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b0e077c071d8cadd7f559a3bfba9b136c071a5a0bc7cb6d952171b5f427cfa11
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5178
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7140
x-xss-protection
0
server
sffe
date
Thu, 02 Jan 2020 18:49:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d61e8113ad0598ef"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Jan 2021 18:49:48 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011912050130240/ Frame C7B3
200 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0289758c8c964fbe0ec421527203b54fa728f037f3e023b002691158c82d7f98
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5163
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
55703
x-xss-protection
0
server
sffe
date
Thu, 02 Jan 2020 18:50:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5d665c0313f255e6"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Jan 2021 18:50:03 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011912050130240/v0/ Frame C7B3
152 KB
41 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011912050130240/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ab99b94ce42722a9b966906754075df92c870cb9ff1aa1c48920008806079153
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
5178
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
41415
x-xss-protection
0
server
sffe
date
Thu, 02 Jan 2020 18:49:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"66b88e0b1300c1e3"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Jan 2021 18:49:48 GMT
truncated
/ Frame C7B3
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ad7c5ce648bd13e5eaeaa1351aec9a4a7541793e2d77c132e0e225155c7a539

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
1918771827541562234
tpc.googlesyndication.com/simgad/ Frame C7B3
228 KB
228 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1918771827541562234
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
638da9a3f9bc52bf7595b77b599fe2b1ae565a20776c07cf5eb83eb5f58dd1f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Dec 2019 12:34:34 GMT
x-content-type-options
nosniff
age
891692
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
233343
x-xss-protection
0
last-modified
Mon, 23 Dec 2019 12:26:53 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Dec 2020 12:34:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C7B3
0
152 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVNj-EUg0YE5Wr44NU56Yq_v-eleE10g29Hhbo5bJDVw6xTGUnG5fzkOvEPDEx8KjdPz5FYEghDlhxfiJIqohF6NPMTe2IjuL_ZgQjDRsshR8h6hLdMrSDW9R0wPXNZyY9xwvZzhKyY3kgqksYyrQqDDEhT5GkWqRKFT3miJSygE8kQLFYsQQIc8jIfsHsDAjmf-EbYebwjcOxXYXXHAK5_FkPEVEOEY0czdv9Y23NAs_Pg55eBEY4mP7bcjjaXxPS9JX_&sai=AMfl-YTHAz1Wa4LLiPE-jLbfs3UF-ngfIHEJ-OUjTKCoxSi86d9urEu13c4Y8fYW46aGqA2X8Fxh9ZPDwUHbTF0IxGH2ODEXblN2JQhB6j7a&sig=Cg0ArKJSzBSG3yp8LFWXEAE&adurl=
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Jan 2020 20:16:07 GMT
hit.xiti
logw312.ati-host.net/
Redirect Chain
  • http://logw312.ati-host.net/hit.xiti?s=532002&p=&vrn=1&lng=en-US&idp=211606482178&jv=0&re=1600x1200&vtag=4.5.7&hl=21x16x6&r=1600x1200x24x24&ref=
  • https://logw312.ati-host.net/hit.xiti?fh=1&s=532002&p=&vrn=1&lng=en-US&idp=211606482178&jv=0&re=1600x1200&vtag=4.5.7&hl=21x16x6&r=1600x1200x24x24&ref=
  • https://logw312.ati-host.net/hit.xiti?fh=1&s=532002&p=&vrn=1&lng=en-US&idp=211606482178&jv=0&re=1600x1200&vtag=4.5.7&hl=21x16x6&r=1600x1200x24x24&ref=&Rdt=On
35 B
201 B
Image
General
Full URL
https://logw312.ati-host.net/hit.xiti?fh=1&s=532002&p=&vrn=1&lng=en-US&idp=211606482178&jv=0&re=1600x1200&vtag=4.5.7&hl=21x16x6&r=1600x1200x24x24&ref=&Rdt=On
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.224.123 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-224-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Connection
keep-alive
Content-Length
35
Strict-Transport-Security
max-age=3600
Content-Type
image/gif

Redirect headers

Location
https://logw312.ati-host.net/hit.xiti?fh=1&s=532002&p=&vrn=1&lng=en-US&idp=211606482178&jv=0&re=1600x1200&vtag=4.5.7&hl=21x16x6&r=1600x1200x24x24&ref=&Rdt=On
Date
Thu, 02 Jan 2020 20:16:07 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=3600
P3P
policyref="/w3c/p3p.xml",CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
yalla_crt_loader.js
widget.yallarec.com/
13 KB
3 KB
Script
General
Full URL
http://widget.yallarec.com/yalla_crt_loader.js
Requested by
Host: widget.yallarec.com
URL: http://widget.yallarec.com/_yalla_loader.js
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
186466980a2394e09d866c4b8210699f9ce8e5029dc856e6ed28cafcfb3d8f8c

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:06 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Jan 2020 11:57:26 GMT
Server
nginx
ETag
W/"5e0c8926-342f"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200
Connection
keep-alive
Content-Length
3239
Expires
Thu, 02 Jan 2020 22:16:06 GMT
files.missbloom.gr._3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_2_126390_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/5b/c7/9b/
11 KB
12 KB
Image
General
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/5b/c7/9b/files.missbloom.gr._3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_2_126390_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3d5e8277d11585b95a52e38b2ee77ed197cfe9514d4ab052ec8c5d097c6936f

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Wed, 01 Jan 2020 08:27:45 GMT
Server
AmazonS3
x-amz-request-id
EA1E0C1F20FCC00F
ETag
"63f8cfdbe2c385a6ac98f5e1a4668054"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11655
x-amz-id-2
40spl8DhJ9wcHuhR+CVP/bdwbb8XaUiMAHU74xire7Z+JJFMHJZ805XYIcnP1T2BcWvMuM606Xw=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
files.missbloom.gr._2D_3F_3F_3F_3F_3F_2Dscaled_2De1577975345425_2_101544_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/91/94/ff/
14 KB
15 KB
Image
General
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/91/94/ff/files.missbloom.gr._2D_3F_3F_3F_3F_3F_2Dscaled_2De1577975345425_2_101544_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54108893b94cfc0ad4b1a715aa8b419a1bd0da309428083e270ee518ab236dbc

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Thu, 02 Jan 2020 16:07:05 GMT
Server
AmazonS3
x-amz-request-id
F88FA80B94CB87BC
ETag
"76bc25ab815e3640e2a344e970a5630b"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14509
x-amz-id-2
Ti5nIQfLjnDJ1XaiCBpMg7qQl3nxxTH6fdDGGIEhLnwt6APGvBAtFhSEn5pwCcVzSBcYbWWP9Zs=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
yupiii.gr.63240970b091033b007663ed41d6161c_2_110775_2.jpg
img9-api.yallarec.com/98/c6/website_175458/cb/8b/29/
12 KB
12 KB
Image
General
Full URL
http://img9-api.yallarec.com/98/c6/website_175458/cb/8b/29/yupiii.gr.63240970b091033b007663ed41d6161c_2_110775_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e30fe8d84fa2dd58ca0f2a8911a0ce7aa3f4499554ba7863f9a54628f113e25

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Wed, 01 Jan 2020 06:16:12 GMT
Server
AmazonS3
x-amz-request-id
AB30E4AC2F51D934
ETag
"675dfa31eb4c9cdafd793fe7813cddd0"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11954
x-amz-id-2
hj9U5pVofJAgpCp3MhCv22nWvNu7qkmER0yyKtirKQ7YQLN4RgGmrjchSoYAWhuPO2R0B4b1nRA=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
files.missbloom.gr.stam_2Dtsim_2D1_2_133709_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/cc/0b/4a/
14 KB
14 KB
Image
General
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/cc/0b/4a/files.missbloom.gr.stam_2Dtsim_2D1_2_133709_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2889d59d95f1883b9be150da36b1648a39494587c66b19aa2e6a6c7b0c2ed64d

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Tue, 31 Dec 2019 10:46:50 GMT
Server
AmazonS3
x-amz-request-id
CD23E164461EF052
ETag
"d3345f6767ffdd6680576396dd00ea82"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14372
x-amz-id-2
7W1sYvWS08L92d0ZWUDQ+A5qUC656qp2mX3Irc6Ao6aTydgFem7vEawadAAHPqCuZip6IIzN8sg=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
files.missbloom.gr.alexandru_2Dzdrobau_2DjuESZxMhtXk_2Dunsplash_2_141923_2.jpg
img9-api.yallarec.com/dc/64/website_175460/57/7b/9c/
12 KB
12 KB
Image
General
Full URL
http://img9-api.yallarec.com/dc/64/website_175460/57/7b/9c/files.missbloom.gr.alexandru_2Dzdrobau_2DjuESZxMhtXk_2Dunsplash_2_141923_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c09730825ed3b72dd83efd6520e24465b7eebdda59eb7972c38a2a0818481d9d

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Wed, 04 Dec 2019 02:32:04 GMT
Server
AmazonS3
x-amz-request-id
9BAB061B535F6F1B
ETag
"186ce073775b4deec409652faef2bebd"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12247
x-amz-id-2
6CaZQIQQz/p4431xr2crySbU5b6A80Dq0Pr//gBCnLZtOS/vQLM97M8MqbVNp5czYGbP2oDkZPo=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
files.missbloom.gr.IRINI_5FKAZARIAN_5FMARIA_5FKAZARIAN_5F29122019_2D1_2Dscaled_2De1577867591490_2_123725_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/42/94/ca/
16 KB
16 KB
Image
General
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/42/94/ca/files.missbloom.gr.IRINI_5FKAZARIAN_5FMARIA_5FKAZARIAN_5F29122019_2D1_2Dscaled_2De1577867591490_2_123725_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aade48a789c66f45010ba6e0a55eaf00319bb066479f7701f58e0e5d128acfb4

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Wed, 01 Jan 2020 08:34:22 GMT
Server
AmazonS3
x-amz-request-id
07B964943505B605
ETag
"bdd4e45263bade6fb86a714d5d25a42a"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16060
x-amz-id-2
DBa5nIA3M9okqjoEMeytxFqnRTFHbTySDYdR7tTWcnbIPAP6EHuCHCaGTL6yNmWyD8pGo/awqFc=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_2D1_2_142725_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/51/7f/39/
12 KB
13 KB
Image
General
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/51/7f/39/files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_2D1_2_142725_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f03572b083f35efcad9093fac4da9e34beec0a1b654d41c4d21b06652ab03c54

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Fri, 06 Dec 2019 11:47:41 GMT
Server
AmazonS3
x-amz-request-id
E70BC85CBE46A848
ETag
"d88675ecfa02872b47515e7f84d57d05"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12593
x-amz-id-2
qxcpVJ6V4s/uHMfqgQUlp/jGBwyo9rNrGSKB9z+1x/oDerc6qgsy6cVg0qP21NMyQFxalJCs07c=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
files.missbloom.gr.harapappa_5F34983268_5F236142053856355_5F5996064985652920320_5Fn_2_149522_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/c3/fb/86/
12 KB
13 KB
Image
General
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/c3/fb/86/files.missbloom.gr.harapappa_5F34983268_5F236142053856355_5F5996064985652920320_5Fn_2_149522_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf1bd4f99f53de9ac58a6f89327061e7fcd8089a22b8688e45baca419f2a936d

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Wed, 25 Dec 2019 10:15:03 GMT
Server
AmazonS3
x-amz-request-id
C79ADB81EA22886A
ETag
"b38c15ef03faf659cb95d0004163eaf5"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12551
x-amz-id-2
W977yWXuVsoIr/zL3YKnVIhVvx7vMJzyCU4xIMUc7dUX/oDIQ+UGR6a5E78tL4lcbXmfKWRJlto=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
madamefigaro.gr.ac1a9d533f3846749ff831d136f3d6fe_2_165569_2.jpg
img9-api.yallarec.com/c3/28/website_175461/d7/22/84/
10 KB
10 KB
Image
General
Full URL
http://img9-api.yallarec.com/c3/28/website_175461/d7/22/84/madamefigaro.gr.ac1a9d533f3846749ff831d136f3d6fe_2_165569_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4873fa1e4c258334138b206ddf95da9b968c990bb0b3cb0121c94a0f6ad6d6c5

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Mon, 30 Dec 2019 19:15:32 GMT
Server
AmazonS3
x-amz-request-id
CEEFBCBCBEB0EF80
ETag
"492b7e8c319615d17d0a2fedf4a023d6"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9729
x-amz-id-2
vbMGPegn6Ph1oxKKKUQrDGPOOinycovTGsEcIQcZ0Uv1TULTWxfJQqVDPt7bzZlfR9gByC8OOGg=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
files.missbloom.gr.BeFunky_2DCollage_2D14_2_113427_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/90/ff/d4/
10 KB
10 KB
Image
General
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/90/ff/d4/files.missbloom.gr.BeFunky_2DCollage_2D14_2_113427_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b8fa1b4b1895feff1e1be9ba6fe347931329241c622f403e268f0d2f53485a0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Fri, 13 Dec 2019 14:45:03 GMT
Server
AmazonS3
x-amz-request-id
6A81E6DB5C44C89F
ETag
"19d995d433eb6b6b5b49d0956f1f39f7"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9996
x-amz-id-2
3VYTS55Lda1u1HAlVU1AUuiWOKOc6OCflOAVY+Esi81+akaGLDaQvynnP6LaAn6/Risg7zEK4t8=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2DAntelina_2_189672_2.png
img9-api.yallarec.com/e4/6d/website_175457/ba/db/1d/
13 KB
14 KB
Image
General
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/ba/db/1d/files.missbloom.gr._3F_3F_3F_3F_3F_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_3F_2DAntelina_2_189672_2.png
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fa431a1cfd2e92cb4887b0c5b38494868a0a7ae7ecbd395a8a082379ce80c9e

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Tue, 10 Dec 2019 16:04:02 GMT
Server
AmazonS3
x-amz-request-id
34E47699CF1F8B7D
ETag
"b7dee9aee590c59e60f6e050fa657c1f"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13403
x-amz-id-2
Oc1yp9LDSpkoGXKJO3P2EQwVgRLza1VtYaeQaKyX+d18FCV/kQbtjkbCrs5PCNsEaeKIFgZfrbw=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
files.missbloom.gr._3F_3F_3F_3F_3F_3F_3F_3F_2Dscaled_2De1575634051544_2_160518_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/70/ac/13/
22 KB
22 KB
Image
General
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/70/ac/13/files.missbloom.gr._3F_3F_3F_3F_3F_3F_3F_3F_2Dscaled_2De1575634051544_2_160518_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2523a903e27b147e56819708d7d78b7e59d914dc1620a4d6a85975ac31d6286e

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Fri, 06 Dec 2019 12:23:16 GMT
Server
AmazonS3
x-amz-request-id
8B9590DC6C282336
ETag
"1d3efaf51e7471353c8bb3480754f478"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22468
x-amz-id-2
UXT4Il/2bBgh7rTo0R57vPXk9/B6Pn8SaP7FoKoJr7j+27AV9YR3HJVY8qYss3r/Jn6xSSgjlOc=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
files.missbloom.gr.dailymedia_5F2018269_5F105001_5F466784_2_123167_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/e1/61/6d/
11 KB
11 KB
Image
General
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/e1/61/6d/files.missbloom.gr.dailymedia_5F2018269_5F105001_5F466784_2_123167_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87ecbc8a46e373b98e816b0c6565b80221d820fd47cf541c833c265a94df8ccd

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Wed, 25 Dec 2019 09:54:51 GMT
Server
AmazonS3
x-amz-request-id
E3E1C263CF60FE7F
ETag
"30d9281fc412c35854cc29ddd1f9a268"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10818
x-amz-id-2
2g+H9Z7d4NKKyrKCyyQcbMeS70hH8SQBPBPz5jl8hLxHtVX15j83LwUMrOs3ElJeuGOmBoFN+KI=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
files.missbloom.gr._3F_3F_3F_3F_3F_2_147096_2.jpg
img9-api.yallarec.com/e4/6d/website_175457/5e/92/09/
14 KB
14 KB
Image
General
Full URL
http://img9-api.yallarec.com/e4/6d/website_175457/5e/92/09/files.missbloom.gr._3F_3F_3F_3F_3F_2_147096_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8430dd2e5dfa3252b9e818cf8132335a57ff8034c6dd0c00ee4377d513f4644

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Thu, 12 Dec 2019 13:55:42 GMT
Server
AmazonS3
x-amz-request-id
C8DFA9A025DDB66E
ETag
"954208f88fd4b0a9040d251cc3949c00"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13936
x-amz-id-2
yMExz1b3Rb0tNLizg7JJwkhvvqses7xccZNd+WQmi6/CZ/JrQsfdZHIoCMVfDnE3LczS9J/qs4c=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
files.missbloom.gr.Kate_2DMiddleton_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_2DWilliam_2D1_2_158518_2.jpg
img9-api.yallarec.com/dc/64/website_175460/ac/7d/1d/
15 KB
15 KB
Image
General
Full URL
http://img9-api.yallarec.com/dc/64/website_175460/ac/7d/1d/files.missbloom.gr.Kate_2DMiddleton_2D_3F_3F_3F_3F_3F_3F_3F_3F_3F_2DWilliam_2D1_2_158518_2.jpg
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2a02:26f0:10c:382::3b8c , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a466828239ad005df129c4686410c5e95964efb92933d275c023f224145db618

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
Last-Modified
Mon, 23 Dec 2019 03:52:30 GMT
Server
AmazonS3
x-amz-request-id
383309F7D3C6E40C
ETag
"77ba55c7c082af6cc3035c2a64128f70"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15400
x-amz-id-2
BA5VMhuldoefxs22gRwXKz2NAxGPAajFFRXReZ/0mP5PVBLcfGAK9fckxMVze4yZwu/DfvU6fXc=
Expires
Thu, 09 Jan 2020 20:16:07 GMT
publishertag.js
static.criteo.net/js/ld/
93 KB
28 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: widget.yallarec.com
URL: http://widget.yallarec.com/yalla_crt_loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
fbc41d3e67802d67bafea737f75aba27b07eae707b51c5b78a89605fc2786ae9

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:07 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 17:19:26 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5dfd029e-17429"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 03 Jan 2020 20:16:07 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame ED76
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
http://cokrnwallis.cf/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://cokrnwallis.cf/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
2973
date
Thu, 02 Jan 2020 19:41:18 GMT
expires
Fri, 01 Jan 2021 19:41:18 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2089
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
/
www.facebook.com/tr/
0
78 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryKcK3ZECk5jMXMPO5

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
http://cokrnwallis.cf
date
Thu, 02 Jan 2020 20:16:07 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-24=":443"; ma=3600
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6249
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaW2SKPgeKnont7CRZgMUfgvQYya0L8r7C-QJoNTm0ZiPeeeoHctvl7BYC7srHrEFfGVfDhbpKvCCLqIsy7f8tT-EkfWfkjt7Y19j7osqVNAOe6e1QwHdwdujI5qXcRECb8J7PgNltY1qmlIGsDaTRk0Hiun7ZD6Ux7ulNwDH5AL0XrhluC0mP-AolR-9sUQsy8q1goFijhpHFrZUgiSw0bd9Dx1gXnRSkFXGV92J8R6ljPBXhMG50pwCnDtDolTEmBrsv4gQqBUAT&sai=AMfl-YSJD55im7Sd06MxCNiQ8oCdPDcwDB4uocxBv1l9YdWzygkvq1H-fhM6knXdyERG5miyLKf3p8i-y8elvHrZMC3vKVB_8btHzN5eFyYSrQ&sig=Cg0ArKJSzLc9A_r8_wAkEAE&urlfix=1&adurl=
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 02 Jan 2020 20:16:07 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 02 Jan 2020 20:16:07 GMT
adman.js
static.adman.gr/ Frame 6249
115 KB
35 KB
Script
General
Full URL
http://static.adman.gr/adman.js
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2606:4700:10::6814:5d4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b35cc7cc9e17d617002ab936f1fdb9eef99893ef1c9116b0dfb83d0370bdd83b

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
content-encoding
gzip
CF-Cache-Status
HIT
last-modified
Mon, 23 Dec 2019 13:08:46 GMT
Server
cloudflare
Age
1911
etag
W/"5e00bc5e-1cdc7"
vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54ef68adfeaddfdb-FRA
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 6249
77 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019121002.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29272
x-xss-protection
0
expires
Thu, 02 Jan 2020 20:16:07 GMT
adman.js
static.adman.gr/
115 KB
35 KB
Script
General
Full URL
http://static.adman.gr/adman.js
Requested by
Host: static.adman.gr
URL: http://static.adman.gr/adman.js
Protocol
HTTP/1.1
Server
2606:4700:10::6814:5d4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b35cc7cc9e17d617002ab936f1fdb9eef99893ef1c9116b0dfb83d0370bdd83b

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:07 GMT
content-encoding
gzip
CF-Cache-Status
HIT
last-modified
Mon, 23 Dec 2019 13:08:46 GMT
Server
cloudflare
Age
1911
etag
W/"5e00bc5e-1cdc7"
vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=7200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
54ef68ae1f42dfdb-FRA
/
talos.adman.gr/gbanner/ Frame 6249
177 B
636 B
Script
General
Full URL
https://talos.adman.gr/gbanner/?1577996167378|38204/300x250?10572:=1577996167378@300x600x24?/&cab=_&v=6
Requested by
Host: static.adman.gr
URL: http://static.adman.gr/adman.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
62.103.124.31 , Greece, ASN6799 (OTENET-GR Athens - Greece, GR),
Reverse DNS
voss.phaistosnetworks.gr
Software
ADMAN /
Resource Hash
4727a65302115c49cf96fe6c870093989b20dc121e3c7e7a4b09bd481d5b1b9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type-Options
nosniff
Server
ADMAN
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Connection
close
Content-Type
application/javascript; charset=iso-8859-7
Content-Length
177
cdb
bidder.criteo.com/
0
143 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=79&profileId=184&cb=33281684509
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

status
204
date
Thu, 02 Jan 2020 20:16:07 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://cokrnwallis.cf
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/
43 B
260 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:07 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
access-control-allow-origin
*
etag
"493ea254-2b"
content-type
image/gif
status
200
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 27 Dec 2020 20:16:07 GMT
pixel.gif
static.criteo.net/images/
43 B
260 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 20:16:07 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
access-control-allow-origin
*
etag
"493ea254-2b"
content-type
image/gif
status
200
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 27 Dec 2020 20:16:07 GMT
/
talos.adman.gr/gbanner/ Frame 6249
556 B
1 KB
Script
General
Full URL
https://talos.adman.gr/gbanner/?1577996167|38204/300x250?10572:=1577996167378@300x600x24?/&cab=_&v=6/testcookie1
Requested by
Host: talos.adman.gr
URL: https://talos.adman.gr/gbanner/?1577996167378|38204/300x250?10572:=1577996167378@300x600x24?/&cab=_&v=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
62.103.124.31 , Greece, ASN6799 (OTENET-GR Athens - Greece, GR),
Reverse DNS
voss.phaistosnetworks.gr
Software
ADMAN /
Resource Hash
7c4f068160a7a074c0e6435d1ec904b860ecfea23665e27a0b5ccb07b45172a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Content-Type-Options
nosniff
Server
ADMAN
ETag
"b2NwhWnrflf"
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Connection
close
Content-Type
application/javascript; charset=iso-8859-7
Content-Length
556
activeview
pagead2.googlesyndication.com/pcs/ Frame C7B3
42 B
115 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSGMO0OFSjc95Dqqpokc9jLOX5uNYS0gjTSkWIIF0b_r1YNeB1mWc1CgjOTyyzw-Lx0Z306WR66NGffp-Qyq4-_iqes50ZHq2xAMERl5w&sig=Cg0ArKJSzLdYRP_xAA1zEAE&id=ampim&o=8,471&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=87&tls=1088&g=100&h=100&tt=1088&r=v&adk=248121373&avms=ampa
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jan 2020 20:16:08 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BEF1
42 B
113 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8pbQF1ifk9TmnXgCmT15DW1BcrtP89FSM6T7TrIQS4xm6p8r-aeX6Kq6Q2a2U_oaMIxD4cs_CnuOyPfBRqIZzs-I3lILQqoDUqiDQnrQ&sig=Cg0ArKJSzK9sKaux5nHhEAE&adk=1273862343&tt=-1&bs=1585%2C1200&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&p=488,8,489,9&mcvt=1025&rs=0&ht=0&tfs=233&tls=1258&mc=1&lte=1&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&lm=2&rst=1577996166732&dlt&rpt=44&isd=0&msd=0&ext&imams=1&xdi=0&eocm=1&ps=1585%2C7918&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-5-13-5-12-12-0-0-0&tvt=1254&is=1%2C1&iframe_loc=http%3A%2F%2Fcokrnwallis.cf%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&clc=1&wf=0&cac=1&cd=0x0&itpl=19&v=20191206
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Jan 2020 20:16:08 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ACE20-banner300x600.gif
obj.adman.gr/talos/2019/tempo/20267/ Frame 6249
121 KB
122 KB
Image
General
Full URL
http://obj.adman.gr/talos/2019/tempo/20267/ACE20-banner300x600.gif
Requested by
Host: cokrnwallis.cf
URL: http://cokrnwallis.cf/
Protocol
HTTP/1.1
Server
2606:4700:10::6814:5d4d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2441afba175643a520c90838b6c26b08e21f3ab405b0f9f4971e1f8f44b5a7b8

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 02 Jan 2020 20:16:08 GMT
CF-Cache-Status
HIT
last-modified
Thu, 19 Dec 2019 15:00:40 GMT
Server
cloudflare
Age
5460
etag
"5dfb9098-2319b"
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=1800
Cf-Polished
origSize=143771
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
54ef68b3edcec27c-FRA
Content-Length
124209
Cf-Bgj
imgq:100
truncated
/ Frame 6249
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f5220ccfc766dfb9849b9b203ec1f4511fa824957c77f9bba7ac5f8dd7ba99c

Request headers

Referer
http://cokrnwallis.cf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
phaistos
talos.adman.gr/rm/55399/38204/1434063104/ Frame 6249
43 B
522 B
Other
General
Full URL
http://talos.adman.gr/rm/55399/38204/1434063104/phaistos?rnd=1577996168324
Requested by
Host: static.adman.gr
URL: http://static.adman.gr/adman.js
Protocol
HTTP/1.1
Server
62.103.124.31 , Greece, ASN6799 (OTENET-GR Athens - Greece, GR),
Reverse DNS
voss.phaistosnetworks.gr
Software
ADMAN /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://cokrnwallis.cf/
Origin
http://cokrnwallis.cf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

X-Content-Type-Options
nosniff
Server
ADMAN
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
http://cokrnwallis.cf
Cache-Control
max-age=0, private, proxy-revalidate, must-revalidate, no-cache
Access-Control-Allow-Credentials
true
Connection
close
Content-Type
image/gif
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.qds.ninja
URL
https://t.qds.ninja/t/482

Verdicts & Comments Add Verdict or Comment

204 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| cookieconsent function| DOMReady string| GoogleAnalyticsObject function| ga object| ATInternet function| ATCustomEvent number| site__has__skin number| site__has__728a object| googletag object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleTokenSync number| google_srt boolean| google_measure_js_timing string| targetCriteria string| pageType string| accountID object| slot23 object| slot24 object| slot11 object| slot12 object| slot13 object| slot1 object| slot2 object| slot3 object| slot4 object| slot21 object| slot22 object| slot31 object| slot32 boolean| google_noFetch number| __google_ad_urls_id object| _qds object| xtnv string| xtdmc string| xtsite string| xt_xtcpath number| google_unique_id object| gaGlobal object| __s object| instgrm function| VAContent_loaded string| RecsWidgetObject function| __recsWidget object| google_tag_data object| gaplugins object| gaData function| LoadSectionsFlowBoxes object| context object| vttjs function| WebVTT function| VAVideoJS object| ProgressBar object| VAProgressBar function| VidAdsScenery function| VidAdsContent function| VidAdsVertigo function| setUpAgknTag object| adsbygoogle function| fbq function| _fbq function| documentInitOneSignal object| OneSignal function| agknTagBuilder object| _agknTag string| _agknTagName object| _agknEchoTag number| _isAgknTagSet object| google_ad_modifications object| google_logging_queue function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars object| _oneSignalInitOptions object| _RECS_WIDGETS boolean| _ENG_is_google_tag_ran boolean| _ENG_is_sr_started_loading boolean| _ENG_is_feed_js_loaded object| _ENG_OPTOUT_MODAL_ELM string| _ENG_PAGE_SESSION_ID function| _RECS_WIDGET function| _RECS_WIDGET_VIDEO function| _eng_do_async_click function| _eng_fire_async_pixels function| _RECS_MULTI_WIDGETS function| $ function| jQuery function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired object| _google_rum_ns_ function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| ima object| google function| yallarec_cb_246382454435690 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Xtconf function| Xtcore string| xtLogDom number| xttredir object| xw object| xd string| xtv string| xt1 string| xt7 string| xt8 string| xt9 string| xt8b string| xtp string| xt44 object| xt21 function| xtf1 function| xt_addchain function| wck function| xtf3 function| xt_mvt function| xt_med boolean| xtfirst function| xt_ad function| xt_adi function| xt_adc function| xt_click function| xt_form function| xt_rm string| xtidpg string| xt16 function| xt_addProduct function| xt_rd function| xt_addProduct_v2 function| xt_addProduct_load function| xt_ParseUrl function| xt_ParseUrl3 object| AT_click object| AT_hit string| xtvid object| xt29 string| Xt_id object| attag object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP string| widgetCss string| __eng__ppids_brnd object| _ENG_CRT_OBJS function| parseCriteoBids function| ENG_CRT function| _eng_open_link object| _eng_crt object| Criteo object| crt_q function| _engcrtCB boolean| _admanDeployed object| webpackAdmanV2 object| core function| htmlParser function| postscribe function| _getBody function| _getScrollTop function| _getScrollLeft function| _getWidth function| _getHeight function| _getScrollWidth function| _getScrollHeight string| _br number| _brV boolean| _isFramed function| isSameOrigin object| Adman boolean| _admanIsListening object| AdmanQueue object| criteo_pubtag object| BidsQueuedEvents

8 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnl7rdtcVGAcx8OkaJexN81_7FmW-9KqvjR3J4-tKJjlSmxgY_zpgALNHd3
.agkn.com/ Name: ab
Value: 0001%3AasFkQV2ZXwwC6ioIqp4x1WrpanidhzBE4Loljjv9Sp0eO%2Fuz5JTUeQ%3D%3D
.agkn.com/ Name: u
Value: C|0AEAloQwGJaEMBgAAAAAAAg1RAQCADVIBAIA
.cokrnwallis.cf/ Name: __gads
Value: ID=30bbba2fc01b2811:T=1577996166:S=ALNI_MbvDIwSTqP_QyzO82iav3zWKf9X_w
.cokrnwallis.cf/ Name: _fbp
Value: fb.1.1577996166708.865370886
.cokrnwallis.cf/ Name: __cfduid
Value: d224775a8ad7eef0c428f5b4c3b1492f31577996165
.cokrnwallis.cf/ Name: _gid
Value: GA1.2.902990330.1577996167
.cokrnwallis.cf/ Name: _ga
Value: GA1.2.1317298124.1577996167

18 Console Messages

Source Level URL
Text
console-api info URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48)
Message:
VidAds [object Object]
console-api info URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48)
Message:
VidAds loading: https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Fcokrnwallis.cf%2F
console-api info URL: https://www.vidads.gr/scripts/va_content.vast.js(Line 48)
Message:
VidAds Getting: https://www.vidads.gr/get/video/vast3/636?inread=1&url=http%3A%2F%2Fcokrnwallis.cf%2F
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js(Line 6)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js(Line 6)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js(Line 6)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js(Line 6)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api info URL: https://cdn.ampproject.org/rtv/011912050130240/amp4ads-v0.js(Line 412)
Message:
Powered by AMP ⚡ HTML – Version 1912050130240 http://cokrnwallis.cf/
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js(Line 6)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js(Line 6)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js(Line 6)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js(Line 6)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api log URL: http://cokrnwallis.cf/(Line 78)
Message:
[object Object]
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js(Line 6)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api log URL: http://static.adman.gr/adman.js(Line 1)
Message:
Deploying adman.js to top window.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js(Line 6)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019121002.js(Line 6)
Message:
getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.de
ajax.googleapis.com
api.yallarec.com
app.exitbee.com
bidder.criteo.com
cdn.ampproject.org
cdn.onesignal.com
cdnjs.cloudflare.com
cokrnwallis.cf
connect.facebook.net
d.agkn.com
files.missbloom.gr
googleads.g.doubleclick.net
imasdk.googleapis.com
img9-api.yallarec.com
js.agkn.com
logw312.ati-host.net
obj.adman.gr
pagead2.googlesyndication.com
platform.instagram.com
securepubads.g.doubleclick.net
static.adman.gr
static.criteo.net
t.qds.ninja
tag.aticdn.net
talos.adman.gr
tpc.googlesyndication.com
widget.yallarec.com
www.capital.gr
www.facebook.com
www.google-analytics.com
www.googletagservices.com
www.instagram.com
www.missbloom.gr
www.vidads.gr
t.qds.ninja
104.108.39.160
104.111.224.123
172.217.21.194
172.217.22.6
178.250.0.130
178.250.0.165
2.16.181.41
23.14.94.22
2600:9000:21f3:5c00:19:fc2c:a140:93a1
2600:9000:21f3:c600:15:efbc:e300:93a1
2606:4700:10::6814:5d4d
2606:4700:30::6818:78db
2606:4700::6811:4104
2606:4700::6812:e134
2a00:1450:4001:800::2001
2a00:1450:4001:806::200e
2a00:1450:4001:815::200a
2a00:1450:4001:818::2002
2a00:1450:4001:821::2001
2a01:4f8:110:5005::2
2a02:26f0:10c:382::3b8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
35.240.50.85
62.103.124.31
95.142.20.17
0289758c8c964fbe0ec421527203b54fa728f037f3e023b002691158c82d7f98
05a0114a707e2c9a3e39211eea7befe543363802db6cca43191b8fa51d8f6cd5
0ae5e1fde1f00b885a6f0f95e666fb9023d06aaaaeb8b4a37724a8ec1609ac24
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127f0e63cfe81a8cfe83a77408f6e1de24decee3f28a36a53f253808f323288c
146c3422a9d7e5fe83f717646225d152b89863e9fd0e10a4e1efdd171dac13e5
1774776862071d2068d5a365dba67548f391530a10459f4022ff7da3a1bc21eb
184792214632ebdae4de5519287f27b514411716fdd31ca174412d787d41cb87
186466980a2394e09d866c4b8210699f9ce8e5029dc856e6ed28cafcfb3d8f8c
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1fa431a1cfd2e92cb4887b0c5b38494868a0a7ae7ecbd395a8a082379ce80c9e
216fd62bccc74ef4e4d35292cd4874e7072a4fb30685afb6235d894a3ec1a2df
2424d4d0676494244257b830643c905eac8254d373e00bc0cf6a13158626921b
2441afba175643a520c90838b6c26b08e21f3ab405b0f9f4971e1f8f44b5a7b8
2523a903e27b147e56819708d7d78b7e59d914dc1620a4d6a85975ac31d6286e
2889d59d95f1883b9be150da36b1648a39494587c66b19aa2e6a6c7b0c2ed64d
3174003a7f82a954d93d77cb0164bbfce6139b9640bb2276337d8f1d6c599eda
37abe9a77eb72a3ffb717f9c9290b00b258ca583e84a2c35f9ea7411343f3831
3c27fcc1e14fd8c7dfb09211be1bd79642e96087150c17ca5df8f0a3bbcc8ee2
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
467fc66deb265d2d76cb1e3c4b24d081d94497ce9241e0d58c7e3edd88715af8
4727a65302115c49cf96fe6c870093989b20dc121e3c7e7a4b09bd481d5b1b9a
4873fa1e4c258334138b206ddf95da9b968c990bb0b3cb0121c94a0f6ad6d6c5
4c52ed8f9039265ffed7fdca0b967b2624325e6356433f437e044b0dd332cddf
4e30fe8d84fa2dd58ca0f2a8911a0ce7aa3f4499554ba7863f9a54628f113e25
54108893b94cfc0ad4b1a715aa8b419a1bd0da309428083e270ee518ab236dbc
555d5d3bcf88de2650acc3de969c2453da3c9c53fdd7491c23bb3bd09e12a129
5d30e39309923dfbd5e04218cf454cdedd9c76933128252b05fe0813014d4537
5f5220ccfc766dfb9849b9b203ec1f4511fa824957c77f9bba7ac5f8dd7ba99c
62143c604af1e6f5d9e6fb2e374a120b63a2c81122415a2d03106e18ace7f1c9
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
638da9a3f9bc52bf7595b77b599fe2b1ae565a20776c07cf5eb83eb5f58dd1f6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7ad7c5ce648bd13e5eaeaa1351aec9a4a7541793e2d77c132e0e225155c7a539
7b8fa1b4b1895feff1e1be9ba6fe347931329241c622f403e268f0d2f53485a0
7c4f068160a7a074c0e6435d1ec904b860ecfea23665e27a0b5ccb07b45172a7
8489de8a67bbb3132eaee09eb911cff225d475918ce19175b7c03fbfae49c26f
85026ed6e7c55531dbc8f499911737ac775594fa3648d49900d14f0b990c79e3
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
87ecbc8a46e373b98e816b0c6565b80221d820fd47cf541c833c265a94df8ccd
88a6c0de42002ab0f042b863e02e360efc4dbf8393e2a8d48b5e1e895defc7b5
918c4485a28931feb333074355c2f4c2e915ffa51fe70b8797e9432c37b22b8f
937cd65358bb06e56592a15d0d8ea8cf835f21d222584495c02b93975a0710b2
9d1669b8e04aabf7547e96dfe1f693dacb413ee8a22570ba5bb6af9b79c749e0
a466828239ad005df129c4686410c5e95964efb92933d275c023f224145db618
aade48a789c66f45010ba6e0a55eaf00319bb066479f7701f58e0e5d128acfb4
ab99b94ce42722a9b966906754075df92c870cb9ff1aa1c48920008806079153
abe6af6a23f989b0623689a5d2a8df531c4f84c1e9785db0bad82155e9ef7f92
aedf1ea5c3eac68e1ef6ededcf7e70b58b7259d5314a710597e7ea052cbd7cf7
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b0b41ead7d73c51545a6b97022fdf4a60c64d4910136516f2f8832d2f11d7bed
b0e077c071d8cadd7f559a3bfba9b136c071a5a0bc7cb6d952171b5f427cfa11
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b35cc7cc9e17d617002ab936f1fdb9eef99893ef1c9116b0dfb83d0370bdd83b
b4811cb5d1f52c9ab524f4b34b4c5302130d1d74c9efbc7aa96c048da48db558
b8430dd2e5dfa3252b9e818cf8132335a57ff8034c6dd0c00ee4377d513f4644
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1e8c31b52d916e55aa1676e71253517977717138d5aba855421fe1e0dc2506
bf1bd4f99f53de9ac58a6f89327061e7fcd8089a22b8688e45baca419f2a936d
c09730825ed3b72dd83efd6520e24465b7eebdda59eb7972c38a2a0818481d9d
c61e277f67e063bec4ff28f6f033d540a7dfe5503f40b30090d1f73fec6e8611
ccd7e42e7ffe5a4bdec8582335ae9f744256033da3b4c69fa203e5649bef1fbc
cf0eac8ca56caaadf4fc1e4ec8081f0ba14c59d22bf12f766d59845078950e86
d3d5e8277d11585b95a52e38b2ee77ed197cfe9514d4ab052ec8c5d097c6936f
d86ff276fee64b49f31b67862cf0dbe846314a9edc025b72428a24e5641452d6
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
e073aad27fbc8bd40506bb0a43af86d85e13a761d947bbbd6312a236322c7e2d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eb27d30d5f9aa349dd92fd1cdb4cf125b182bd965aa40000394937152212bdab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03572b083f35efcad9093fac4da9e34beec0a1b654d41c4d21b06652ab03c54
f5110a760bffe7bc4532d967f6a2b7c41ed5853ac0b42ad0b79b78641a151bae
f70ad153801756c3955f63469a9bc8a3a7112e1fca7156bf72448b77d8155246
fbc41d3e67802d67bafea737f75aba27b07eae707b51c5b78a89605fc2786ae9
fc56bb3fa5b170d42f27874983f471c1e429a5dbde2ae30cdb6de6228af4c1d0