urlscan.io logo urlscan.io
SecurityTrails logo

elfsight.com
104.22.68.95  Public Scan Open in urlscan Pro

Go To Rescan Add Verdict Report
Submitted URL: http://service-reviews-ultimate.elfsight.com/ 6yr old
Effective URL: https://elfsight.com/ 10yr old
Submission: On December 02 via api from RU — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 34 HTTP transactions. The main IP is 104.22.68.95, located in and belongs to CLOUDFLARENET, US. The main domain is elfsight.com. The Cisco Umbrella rank of the primary domain is 12364. 10yr old
TLS certificate: Issued by E6 on October 21st 2024. Valid for: 3mo.
This is the only time elfsight.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 104.22.68.95 13335 (CLOUDFLAR...)
1 142.250.81.238 15169 (GOOGLE)
2 142.251.40.136 15169 (GOOGLE)
2 31.13.71.7 32934 (FACEBOOK)
3 150.171.27.10 8075 (MICROSOFT...)
1 104.16.80.73 13335 (CLOUDFLAR...)
1 216.239.34.181 15169 (GOOGLE)
1 142.251.179.154 15169 (GOOGLE)
1 142.251.40.162 15169 (GOOGLE)
1 142.250.176.195 15169 (GOOGLE)
2 13.107.246.40 8075 (MICROSOFT...)
2 31.13.71.36 32934 (FACEBOOK)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 1 13.107.21.237 8068 (MICROSOFT...)
3 20.119.174.243 8075 (MICROSOFT...)
34 15
14    104.22.68.95 (None, )

ASN13335 (CLOUDFLARENET, US)
service-reviews-ultimate.elfsight.com 6yr old
elfsight.com 10yr old
dash.elfsight.com 4yr old
1    142.250.81.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f14.1e100.net
www.googleoptimize.com 9yr old
2    142.251.40.136 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f8.1e100.net
www.googletagmanager.com 56yr old
2    31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net
connect.facebook.net 56yr old
3    150.171.27.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com 56yr old
1    104.16.80.73 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com 7yr old
1    216.239.34.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com 8yr old
1    142.251.179.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f154.1e100.net
stats.g.doubleclick.net 56yr old
1    142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
td.doubleclick.net 3yr old
1    142.250.176.195 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f3.1e100.net
www.google.ca 9yr old
2    13.107.246.40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms 8yr old
2    31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com
www.facebook.com 56yr old
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms 5yr old
1    13.107.21.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com 13yr old
3    20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
r.clarity.ms 3yr old
Apex Domain
Subdomains		 Transfer
14 elfsight.com
service-reviews-ultimate.elfsight.com — Cisco Umbrella Rank: 15648 6yr old
elfsight.com — Cisco Umbrella Rank: 12364 10yr old
dash.elfsight.com — Cisco Umbrella Rank: 657159 4yr old
260 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625 8yr old
c.clarity.ms — Cisco Umbrella Rank: 1269 5yr old
r.clarity.ms — Cisco Umbrella Rank: 9018 3yr old
31 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 359 56yr old
c.bing.com — Cisco Umbrella Rank: 205 13yr old
17 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120 56yr old
210 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135 56yr old
td.doubleclick.net — Cisco Umbrella Rank: 182 3yr old
551 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192 56yr old
76 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39 56yr old
266 KB
1 google.ca
www.google.ca — Cisco Umbrella Rank: 11557 9yr old
63 B
1 google.com
analytics.google.com — Cisco Umbrella Rank: 142 8yr old
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617 7yr old
7 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 3827 9yr old
70 KB
34 11
Domain Requested by
12 elfsight.com elfsight.com
static.cloudflareinsights.com
3 r.clarity.ms www.clarity.ms
3 bat.bing.com elfsight.com
bat.bing.com
2 c.clarity.ms 1 redirects
2 www.facebook.com elfsight.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 connect.facebook.net elfsight.com
connect.facebook.net
2 www.googletagmanager.com elfsight.com
www.googleoptimize.com
1 c.bing.com 1 redirects
1 dash.elfsight.com elfsight.com
1 www.google.ca elfsight.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 static.cloudflareinsights.com elfsight.com
1 www.googleoptimize.com elfsight.com
1 service-reviews-ultimate.elfsight.com 1 redirects
34 17

This site contains links to these domains. Also see Links.

Domain
help.elfsight.com
dash.elfsight.com
elfsig.ht
community.elfsight.com
Subject Issuer Validity Valid
elfsight.com
E6		 2024-10-21 -
2025-01-19		 3mo crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3mo crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-10 -
2024-12-09		 3mo crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6mo crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3mo crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3mo crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3mo crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3mo crt.sh
*.google.ca
WR2		 2024-10-21 -
2025-01-13		 3mo crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 1yr crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 1yr crt.sh

This page contains 2 frames:

Primary Page: https://elfsight.com/
Frame ID: 944B3DAE0AB755B48E6D63EFA5CC1689
Requests: 34 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-9MMWDSS0L5&gacid=698944160.1733115101&gtm=45je4bk0v888252314za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=631514375
Frame ID: 7DD80A2D2ED26BE35E6D544134B58C39
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

90+ Website Widgets — To Grow Your Business — Elfsight Apps

Page URL History Show full URLs

  1. http://service-reviews-ultimate.elfsight.com/ HTTP 307
    https://service-reviews-ultimate.elfsight.com/ HTTP 302
    https://elfsight.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

34
Requests

97 %
HTTPS

0 %
IPv6

11
Domains

17
Subdomains

15
IPs

2
Countries

726 kB
Transfer

2521 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://service-reviews-ultimate.elfsight.com/ HTTP 307
    https://service-reviews-ultimate.elfsight.com/ HTTP 302
    https://elfsight.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=892B5515F6944B30BD1239DBA7220A6A&RedC=c.clarity.ms&MXFR=1419455FD4D26E1739DE5016D0D26077 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=892B5515F6944B30BD1239DBA7220A6A&MUID=16D363C16B706CF6042576886A5A6D2A

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
elfsight.com/
Redirect Chain
  • http://service-reviews-ultimate.elfsight.com/
  • https://service-reviews-ultimate.elfsight.com/
  • https://elfsight.com/
353 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elfsight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0c0f136e4624ee4576b55498ce7a649d9267bf20ad4867a2711059b4d602c6
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
1042
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-apo-via
tcache
cf-cache-status
HIT
cf-ray
8eb8b4019cf0aaca-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 04:51:40 GMT
last-modified
Sun, 01 Dec 2024 19:52:01 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="HIT"
strict-transport-security
max-age=0
vary
Accept-Encoding
x-elfsight-ab-group
A
x-elfsight-ab-status
not-eligible
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-apo-via
origin,host
cf-cache-status
DYNAMIC
cf-ray
8eb8b4005c1faaca-YYZ
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 04:51:40 GMT
location
https://elfsight.com
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=0
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
optimize.js
www.googleoptimize.com/ 		195 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-NLMFLMW
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
74ea945060ae6b00def6ee19cbcb480529180250d5d255f6aea6e7c26635731c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1169:0"}],}
expires
Mon, 02 Dec 2024 04:51:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1169:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
71448
x-xss-protection
0
server
Google Tag Manager
main.css
elfsight.com/wp-content/themes/elfsight/frontend/assets/ 		293 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://elfsight.com/wp-content/themes/elfsight/frontend/assets/main.css?ver=2.11.10
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f7cf7f6924e19b40db75945053e68f96e4ffb292a344bc7d25da1f48058d51
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

x-elfsight-ab-group
A
content-encoding
br
cf-cache-status
HIT
etag
W/"67360991-493b4"
age
3255
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 14:30:41 GMT
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
max-age=14400
cf-ray
8eb8b4021d53aaca-YYZ
x-xss-protection
1; mode=block
server
cloudflare
x-elfsight-ab-status
not-eligible
js
www.googletagmanager.com/gtag/ 		415 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9MMWDSS0L5
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
122a2f1d7a83d2f85cac610c9a7ef793341d384094d0dc66f16b4fe264f0aa3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 04:51:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135872
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-VGHVKizw' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-VGHVKizw' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=5728, tp=11, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
Q24uXFUlAV4eBQDeq8AseX+5ogU0Xsd8IGOZ9vViCqwlRX8mMaj3NvfA8nGLY8HFiYVmgjlH0iu6uK76qBojzQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4A07F778A9734DF8A5357E8D043292E9 Ref B: YTO01EDGE0809 Ref C: 2024-12-02T04:51:40Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
home-hero.png
elfsight.com/wp-content/themes/elfsight/frontend/assets/img/ 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfsight.com/wp-content/themes/elfsight/frontend/assets/img/home-hero.png
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5caa0c2969f40cb748896a68a4145f2442fe607424db255f3b5913bf2c936f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

x-elfsight-ab-group
A
cf-cache-status
HIT
etag
"62f1123d-1bea6"
age
229231
expires
Sat, 29 Nov 2025 13:10:55 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
image/webp
last-modified
Mon, 08 Aug 2022 13:40:13 GMT
vary
Accept, Accept-Encoding
strict-transport-security
max-age=0
cache-control
max-age=31536000
cf-ray
8eb8b403ee59aaca-YYZ
accept-ranges
bytes
content-length
114342
server
cloudflare
x-elfsight-ab-status
not-eligible
main.js
elfsight.com/wp-content/themes/elfsight/frontend/assets/ 		153 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://elfsight.com/wp-content/themes/elfsight/frontend/assets/main.js?ver=2.11.10
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
482ac49444b6541867225341cb1e6d1691d2e8ab2fdb918f79c30a4ce5715850
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

x-elfsight-ab-group
A
content-encoding
br
cf-cache-status
HIT
etag
W/"67360991-26519"
age
4219
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 14 Nov 2024 14:30:41 GMT
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
max-age=14400
cf-ray
8eb8b403ee5caaca-YYZ
x-xss-protection
1; mode=block
server
cloudflare
x-elfsight-ab-status
not-eligible
lazyload.min.js
elfsight.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://elfsight.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

x-elfsight-ab-group
A
content-encoding
br
cf-cache-status
HIT
etag
W/"661f8c62-22bc"
age
3255
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 17 Apr 2024 08:46:26 GMT
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
max-age=14400
cf-ray
8eb8b403fe5daaca-YYZ
x-xss-protection
1; mode=block
server
cloudflare
x-elfsight-ab-status
not-eligible
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://elfsight.com
Referer
https://elfsight.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8eb8b4055a5e39e1-YYZ
access-control-allow-origin
*
date
Mon, 02 Dec 2024 04:51:41 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
black-friday-slide-in-bg-2.jpg
elfsight.com/wp-content/themes/elfsight/frontend/assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfsight.com/wp-content/themes/elfsight/frontend/assets/img/black-friday-slide-in-bg-2.jpg
Requested by
Host: elfsight.com
URL: https://elfsight.com/wp-content/themes/elfsight/frontend/assets/main.css?ver=2.11.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b6afd1ba0e1c87f4a3b8011dd9a5f367f8edc24c5f31105f9175ca6f7689c3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/wp-content/themes/elfsight/frontend/assets/main.css?ver=2.11.10

Response headers

x-elfsight-ab-group
A
cf-cache-status
HIT
etag
"656095be-4ca"
age
229221
expires
Sat, 29 Nov 2025 13:10:55 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
image/webp
last-modified
Fri, 24 Nov 2023 12:23:26 GMT
vary
Accept, Accept-Encoding
strict-transport-security
max-age=0
cache-control
max-age=31536000
cf-ray
8eb8b4043e80aaca-YYZ
accept-ranges
bytes
content-length
1226
server
cloudflare
x-elfsight-ab-status
not-eligible
js
www.googletagmanager.com/gtag/ 		415 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9MMWDSS0L5&l=dataLayer&cx=c&gtm=45Te4bk0za204
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-NLMFLMW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3fc5d958c894490798402cbe7220fe03794303364c9b0227a23afea265ee7c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 02 Dec 2024 04:51:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135977
x-xss-protection
0
server
Google Tag Manager
148024786.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/148024786.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e9925454ce9b512b42cf240b43d504b7425e8b28e0afb3347dab69359f9f096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B203F4A6608A41BB973636E507B320CE Ref B: YTO01EDGE0809 Ref C: 2024-12-02T04:51:40Z
x-cache
CONFIG_NOCACHE
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
black-friday-banner-2024.jpg
elfsight.com/wp-content/themes/elfsight/frontend/assets/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfsight.com/wp-content/themes/elfsight/frontend/assets/img/black-friday-banner-2024.jpg
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d80d3e85dd08a65147ce5eda040043599921658369440d4f717b4f5907ae4693
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

x-elfsight-ab-group
A
cf-cache-status
HIT
etag
"67361390-1af6"
age
229221
expires
Sat, 29 Nov 2025 13:11:05 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
image/webp
last-modified
Thu, 14 Nov 2024 15:13:20 GMT
vary
Accept, Accept-Encoding
strict-transport-security
max-age=0
cache-control
max-age=31536000
cf-ray
8eb8b404cf27aaca-YYZ
accept-ranges
bytes
content-length
6902
server
cloudflare
x-elfsight-ab-status
not-eligible
logo.svg
elfsight.com/wp-content/themes/elfsight/frontend/assets/img/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfsight.com/wp-content/themes/elfsight/frontend/assets/img/logo.svg
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd753cfb77a02daa46a97cde777aab865aeafff924bc96ab606ec3221f3f305
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

x-elfsight-ab-group
A
content-encoding
br
cf-cache-status
HIT
etag
W/"5defafb3-1af4"
age
3254
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
image/svg+xml
last-modified
Tue, 10 Dec 2019 14:46:11 GMT
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
max-age=14400
cf-ray
8eb8b404cf2daaca-YYZ
x-xss-protection
1; mode=block
server
cloudflare
x-elfsight-ab-status
not-eligible
black-firday-slide-in-header-2024.png
elfsight.com/wp-content/themes/elfsight/frontend/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elfsight.com/wp-content/themes/elfsight/frontend/assets/img/black-firday-slide-in-header-2024.png
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ee9b85e74d944b1f61320c5fb63f220caed72a0ba70add1c6987a873c9aee9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

x-elfsight-ab-group
A
cf-cache-status
HIT
etag
"67360991-803"
age
229221
cf-bgj
imgq:85,h2pri
expires
Sat, 29 Nov 2025 13:11:05 GMT
cf-polished
origSize=2051, status=vary_header_present
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
image/png
last-modified
Thu, 14 Nov 2024 14:30:41 GMT
vary
Accept, Accept-Encoding
strict-transport-security
max-age=0
cache-control
max-age=31536000
cf-ray
8eb8b404cf2faaca-YYZ
accept-ranges
bytes
content-length
2002
server
cloudflare
x-elfsight-ab-status
not-eligible
icons.59635de29ce0a19ddb071522ebcc6a89.svg
elfsight.com/wp-content/themes/elfsight/frontend/assets/sprite-icons/ 		72 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elfsight.com/wp-content/themes/elfsight/frontend/assets/sprite-icons/icons.59635de29ce0a19ddb071522ebcc6a89.svg
Requested by
Host: elfsight.com
URL: https://elfsight.com/wp-content/themes/elfsight/frontend/assets/main.js?ver=2.11.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bab32e1980aeb1f4c5d669f4cd0ba876c67019b5f6648a8876e4077a7716de10
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

x-elfsight-ab-group
A
content-encoding
br
cf-cache-status
HIT
etag
W/"66b4c12d-11ec7"
age
4219
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
image/svg+xml
last-modified
Thu, 08 Aug 2024 12:59:25 GMT
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
max-age=14400
cf-ray
8eb8b4051f7baaca-YYZ
x-xss-protection
1; mode=block
server
cloudflare
x-elfsight-ab-status
not-eligible
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-9MMWDSS0L5&gtm=45je4bk0v888252314za200&_p=1733115100625&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=698944160.1733115101&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1733115101&sct=1&seg=0&dl=https%3A%2F%2Felfsight.com%2F&dt=90%2B%20Website%20Widgets%20%E2%80%94%20To%20Grow%20Your%20Business%20%E2%80%94%20Elfsight%20Apps&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=889
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9MMWDSS0L5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://elfsight.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 04:51:41 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
551 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9MMWDSS0L5&cid=698944160.1733115101&gtm=45je4bk0v888252314za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9MMWDSS0L5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://elfsight.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 04:51:41 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 7DD8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-9MMWDSS0L5&gacid=698944160.1733115101&gtm=45je4bk0v888252314za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=631514375
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9MMWDSS0L5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://elfsight.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 04:51:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9MMWDSS0L5&cid=698944160.1733115101&gtm=45je4bk0v888252314za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=263546442
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 02 Dec 2024 04:51:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
get-me
dash.elfsight.com/core/identity-and-access/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dash.elfsight.com/core/identity-and-access/get-me
Requested by
Host: elfsight.com
URL: https://elfsight.com/wp-content/themes/elfsight/frontend/assets/main.js?ver=2.11.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:41 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
x-dns-prefetch-control
on
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-origin
access-control-allow-credentials
true
referrer-policy
no-referrer
x-download-options
noopen
cf-ray
8eb8b405dffeaaca-YYZ
x-ratelimit-remaining
99
x-ratelimit-reset
0
access-control-allow-origin
https://elfsight.com
x-xss-protection
0, 1; mode=block, 1; mode=block
x-ratelimit-limit
100
origin-agent-cluster
?1
cf-apo-via
origin,host
server
cloudflare
148024786
www.clarity.ms/tag/uet/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/148024786
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/148024786.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1717e49d417467067f69f80a4e964cf51db0cb10c36949b57e16421be8f41b46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
1027
date
Mon, 02 Dec 2024 04:51:41 GMT
content-type
application/x-javascript
x-azure-ref
20241202T045141Z-164dd7df59948dhwhC1YTOy4zc0000000ecg0000000034e7
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=148024786&Ver=2&mid=2d037053-ff1c-48c1-8c70-d61ea568b61a&bo=1&sid=1f101280b06911ef86d9d538839508d2&vid=1f103270b06911efa2a5f56d5ba404a3&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=90%2B%20Website%20Widgets%20%E2%80%94%20To%20Grow%20Your%20Business%20%E2%80%94%20Elfsight%20Apps&p=https%3A%2F%2Felfsight.com%2F&r=&lt=923&evt=pageLoad&sv=1&cdb=AQAQ&rn=725191
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 74E958DDBFBB49D3B76F414545F9B45F Ref B: YTO01EDGE0809 Ref C: 2024-12-02T04:51:41Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Mon, 02 Dec 2024 04:51:40 GMT
814039854171598
connect.facebook.net/signals/config/ 		76 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/814039854171598?v=2.9.176&r=stable&domain=elfsight.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
da1b69a9b29d0f1eaa6a8e8d1f51732784ac67660283cb1ccdd645da18e95d8e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-Bbgks8jn' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-Bbgks8jn' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=70, mss=1232, tbw=71552, tp=67, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
AxWWUsNlZwiY6BiAK0u9cKcn9ygjKftbRxbvj8C1wh5yUHbicbO7mWRBAhnwF/EsBqS6gKCr+u9lhBgtWZOnog==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
15030
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=814039854171598&ev=PageView&dl=https%3A%2F%2Felfsight.com%2F&rl=&if=false&ts=1733115101220&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1733115101213.6866478274042745&cs_est=true&ler=empty&cdl=API_unavailable&it=1733115101133&coo=false&rqm=GET
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4463, tp=10, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 02 Dec 2024 04:51:41 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=814039854171598&ev=PageView&dl=https%3A%2F%2Felfsight.com%2F&rl=&if=false&ts=1733115101220&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1733115101213.6866478274042745&cs_est=true&ler=empty&cdl=API_unavailable&it=1733115101133&coo=false&rqm=FGET
Requested by
Host: elfsight.com
URL: https://elfsight.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443672679326657461"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:41 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
Efk0rOvKNRJIUrnGGYcBAb1vS2VZ5cEVto6qbai2WV3U01ReFrApYn82fjRy6ZzLo8CYLXkr1U1h8mCnRoCqRQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443672679326657461", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4783, tp=12, tpl=0, uplat=45, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
clarity.js
www.clarity.ms/s/0.7.56/ 		66 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.56/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/148024786
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

x-azure-ref
20241202T045141Z-164dd7df59948dhwhC1YTOy4zc0000000ecg0000000034ef
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD0EDC462F0477"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
b932d0db-c01e-0014-0c4e-4166b4000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 02 Dec 2024 04:51:41 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 27 Nov 2024 12:08:58 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=892B5515F6944B30BD1239DBA7220A6A&RedC=c.clarity.ms&MXFR=1419455FD4D26E1739DE5016D0D26077
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=892B5515F6944B30BD1239DBA7220A6A&MUID=16D363C16B706CF6042576886A5A6D2A
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=892B5515F6944B30BD1239DBA7220A6A&MUID=16D363C16B706CF6042576886A5A6D2A
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"8d3dafd6e71fdb1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Mon, 02 Dec 2024 04:51:40 GMT
content-type
image/gif
last-modified
Wed, 16 Oct 2024 16:24:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=892B5515F6944B30BD1239DBA7220A6A&MUID=16D363C16B706CF6042576886A5A6D2A
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 68A40F8012BD4E1FA8F36AAD1280ADBD Ref B: YTO01EDGE0808 Ref C: 2024-12-02T04:51:41Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Mon, 02 Dec 2024 04:51:40 GMT
x-powered-by
ASP.NET
rum
elfsight.com/cdn-cgi/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elfsight.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://elfsight.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8eb8b40859a1aaca-YYZ
access-control-allow-origin
https://elfsight.com
date
Mon, 02 Dec 2024 04:51:41 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
elfsight.com/ 		32 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://elfsight.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.68.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0909944b75d8c0aef33206be0f8e3ea9f6ea43d5f55d7a54fe3554d0d4722eb
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://elfsight.com/

Response headers

x-elfsight-ab-group
A
content-encoding
br
cf-cache-status
HIT
etag
W/"5776d1ec-80dc"
age
5597
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 04:51:41 GMT
content-type
image/x-icon
last-modified
Fri, 01 Jul 2016 20:26:20 GMT
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
max-age=14400
cf-ray
8eb8b40869a7aaca-YYZ
x-xss-protection
1; mode=block
server
cloudflare
x-elfsight-ab-status
not-eligible
collect
r.clarity.ms/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://elfsight.com/

Response headers

Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin
https://elfsight.com
Date
Mon, 02 Dec 2024 04:51:41 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
r.clarity.ms/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://elfsight.com/

Response headers

Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin
https://elfsight.com
Date
Mon, 02 Dec 2024 04:51:41 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
r.clarity.ms/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://elfsight.com/

Response headers

Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
Access-Control-Allow-Origin
https://elfsight.com
Date
Mon, 02 Dec 2024 04:51:43 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Verdicts & Comments Add Verdict or Comment

30 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 function| fbq function| _fbq object| uetq function| gtag object| dataLayer function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| lazyLoadOptions object| google_tag_manager object| google_tag_data function| UET function| UET_init function| UET_push object| ueto_c31c02f815 function| LazyLoad function| iFrameResize function| TextFx function| onYouTubeIframeAPIReady object| gaGlobal object| images boolean| is_image object| iframes object| rocket_lazy object| __cfBeacon object| popup function| clarity object| clarityuetq

25 Cookies

Domain/Path Name / Value
service-reviews-ultimate.elfsight.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlZYbVBxR3hwdUVrS1RjWEJCQ1hpZlE9PSIsInZhbHVlIjoiVjZHWFdFWGxxSmpUbkRSbVNSQ043VEprM3JqQjQ2d3dlVXFOeUZINEtvR2lIL1F1VS9GeXhRN3VwWWtwdDdSQUR4Z2tDOWFSTHdHM1FFSUJ5cDEwYXpMQSs5MGpxTVZ1ZkJhQ2w4Sm1WTHFUY0NDN3BTSVJ6c2FIVVQxdHU4U2kiLCJtYWMiOiJlNzVkYWNhODBkNWM1NzcwZTlhYWJlMDI0OTk1OWZjZGM1ODY4NDhiMTg4ZDkzNDMxYThkOWQ1ZDVlNTM3Zjc0In0%3D
service-reviews-ultimate.elfsight.com/ Name: reviews_service_session
Value: eyJpdiI6InJXaDFvWS8wZzVVNEFXM1BTZjNiM0E9PSIsInZhbHVlIjoibU94SzFENzVwSUprWDJkZWlNOFZJRmZMRHpOTS9BNG1SUi95Y1BYcm9lYytrT1A2YzBYbWhYNUszc2J4NFZlaDBVZmZLWUhCNHVOSTlVSUR5aXNvdDBvMHdnZTNEbjIrVFdyQUozbVNOSWVTWThPRTk1TnA5TjRPZk9ZVmNlWDgiLCJtYWMiOiIzMDU4NDkwYjViNWU5Y2VhYzllMGNkZGMxYTY3ZjllYzE0NTNmMTVhY2YxMzQzMThjMzZiZjQ0ZmZmZGU5ODI3In0%3D
.elfsight.com/ Name: elfsight_ab_group
Value: A
.elfsight.com/ Name: _ga_9MMWDSS0L5
Value: GS1.1.1733115101.1.0.1733115101.60.0.0
.elfsight.com/ Name: _ga
Value: GA1.1.698944160.1733115101
.elfsight.com/ Name: elfsight_sign_up_landing_page
Value: https://elfsight.com/
.elfsight.com/ Name: elfsight_tracked_clicks_active_session
Value: true
.elfsight.com/ Name: elfsight_tracked_clicks
Value: {%22clicks%22:[[null%2C%22https://elfsight.com/%22%2C%222024-12-02T04:51:41.076Z%22]]}
.elfsight.com/ Name: language
Value: en_US
.elfsight.com/ Name: _uetsid
Value: 1f101280b06911ef86d9d538839508d2
.elfsight.com/ Name: _uetvid
Value: 1f103270b06911efa2a5f56d5ba404a3
.bing.com/ Name: MUID
Value: 16D363C16B706CF6042576886A5A6D2A
.bat.bing.com/ Name: MR
Value: 0
.elfsight.com/ Name: _fbp
Value: fb.1.1733115101213.6866478274042745
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.clarity.ms/ Name: CLID
Value: 57682080a20a40b59d0f272ecc7ae465.20241202.20251202
dash.elfsight.com/ Name: STICKYCOOKIE
Value: 1733115102.281.5660.337846|180415f4afe0e3e9714c2b0020c8df94
.elfsight.com/ Name: _clck
Value: evm2io%7C2%7Cfrd%7C0%7C1797
.elfsight.com/ Name: _clsk
Value: 16qkf8o%7C1733115101711%7C1%7C1%7Cr.clarity.ms%2Fcollect
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 16D363C16B706CF6042576886A5A6D2A
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 16D363C16B706CF6042576886A5A6D2A
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
dash.elfsight.com
elfsight.com
r.clarity.ms
service-reviews-ultimate.elfsight.com
static.cloudflareinsights.com
stats.g.doubleclick.net
td.doubleclick.net
www.clarity.ms
www.facebook.com
www.google.ca
www.googleoptimize.com
www.googletagmanager.com
104.16.80.73
104.22.68.95
13.107.21.237
13.107.246.40
142.250.176.195
142.250.81.238
142.251.179.154
142.251.40.136
142.251.40.162
150.171.27.10
20.110.205.119
20.119.174.243
216.239.34.181
31.13.71.36
31.13.71.7
122a2f1d7a83d2f85cac610c9a7ef793341d384094d0dc66f16b4fe264f0aa3a
1717e49d417467067f69f80a4e964cf51db0cb10c36949b57e16421be8f41b46
482ac49444b6541867225341cb1e6d1691d2e8ab2fdb918f79c30a4ce5715850
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5caa0c2969f40cb748896a68a4145f2442fe607424db255f3b5913bf2c936f60
5e9925454ce9b512b42cf240b43d504b7425e8b28e0afb3347dab69359f9f096
74ea945060ae6b00def6ee19cbcb480529180250d5d255f6aea6e7c26635731c
75b6afd1ba0e1c87f4a3b8011dd9a5f367f8edc24c5f31105f9175ca6f7689c3
82f7cf7f6924e19b40db75945053e68f96e4ffb292a344bc7d25da1f48058d51
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bab32e1980aeb1f4c5d669f4cd0ba876c67019b5f6648a8876e4077a7716de10
c0909944b75d8c0aef33206be0f8e3ea9f6ea43d5f55d7a54fe3554d0d4722eb
ccd753cfb77a02daa46a97cde777aab865aeafff924bc96ab606ec3221f3f305
d80d3e85dd08a65147ce5eda040043599921658369440d4f717b4f5907ae4693
da1b69a9b29d0f1eaa6a8e8d1f51732784ac67660283cb1ccdd645da18e95d8e
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
de0c0f136e4624ee4576b55498ce7a649d9267bf20ad4867a2711059b4d602c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fc5d958c894490798402cbe7220fe03794303364c9b0227a23afea265ee7c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ee9b85e74d944b1f61320c5fb63f220caed72a0ba70add1c6987a873c9aee9
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a