www.elfagr.com Open in urlscan Pro
2606:4700:3035::681b:a6f2 Public Scan

URL:
https://www.elfagr.com/
Submission: On November 05 via api (November 5th 2020, 8:11:29 am UTC) from IL

Summary HTTP 85 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 17 domains to perform 85 HTTP transactions. The main IP is 2606:4700:3035::681b:a6f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.elfagr.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2020. Valid for: a year.

This is the only time www.elfagr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2606:4700:303... 2606:4700:3035::681b:a6f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
5	104.75.88.112 104.75.88.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
1	13.226.132.94 13.226.132.94	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700:303... 2606:4700:3037::681c:949	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4009:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	13.226.132.83 13.226.132.83	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3033::6818:64a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.75.89.172 104.75.89.172	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:ca00:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	52.73.235.201 52.73.235.201	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
85	22

29 2606:4700:3035::681b:a6f2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.elfagr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.112 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.132.94 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-94.dus51.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::681c:949 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cr.synceg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4009:801::2002 (London, United Kingdom)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.132.83 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-83.dus51.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6818:64a1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sfegypt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.172 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-75-89-172.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

81c2859b67683c247744554c5b7ef6c5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:ca00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.235.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-235-201.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	elfagr.com www.elfagr.com	545 KB
16	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	118 KB
14	googlesyndication.com pagead2.googlesyndication.com 81c2859b67683c247744554c5b7ef6c5.safeframe.googlesyndication.com tpc.googlesyndication.com	290 KB
4	synceg.net 2 redirects cr.synceg.net	866 B
4	addthis.com s7.addthis.com m.addthis.com	191 KB
3	googletagservices.com www.googletagservices.com	82 KB
3	google.de www.google.de adservice.google.de	1 KB
3	google.com 1 redirects www.google.com adservice.google.com	1 KB
2	googleadservices.com partner.googleadservices.com	704 B
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	5 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com	18 KB
2	jsdelivr.net cdn.jsdelivr.net	9 KB
1	chartbeat.net ping.chartbeat.net	169 B
1	addthisedge.com v1.addthisedge.com	776 B
1	chartbeat.com static.chartbeat.com	14 KB
1	moatads.com z.moatads.com	1 KB
1	sfegypt.com www.sfegypt.com	1 KB
85	17

	Domain	Requested by
29	www.elfagr.com	www.elfagr.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com
9	pagead2.googlesyndication.com	www.elfagr.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.elfagr.com securepubads.g.doubleclick.net
4	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
4	cr.synceg.net	2 redirects www.elfagr.com
3	www.googletagservices.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	s7.addthis.com	www.elfagr.com s7.addthis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	ssl.google-analytics.com	1 redirects www.elfagr.com
2	cdn.jsdelivr.net	www.elfagr.com
1	ping.chartbeat.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	static.chartbeat.com	www.elfagr.com
1	81c2859b67683c247744554c5b7ef6c5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	z.moatads.com	s7.addthis.com
1	www.sfegypt.com	www.elfagr.com
1	certify.alexametrics.com	www.elfagr.com
1	www.google.de	www.elfagr.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	certify-js.alexametrics.com	www.elfagr.com
85	25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.synceg.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.elfagr.com/
Frame ID: 65A0A96C287010FD166006F4115B51E6
Requests: 56 HTTP requests in this frame

Frame: https://cr.synceg.net/corona/
Frame ID: 1713A86E4C72053F7ED321857AB417AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/zrt_lookup.html
Frame ID: 5C765B117DBBEFFA3208DDA52A476789
Requests: 1 HTTP requests in this frame

Frame: https://cr.synceg.net/corona/
Frame ID: A47342E856695A2CFA596E0C222CA814
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&adk=1812271804&adf=3025194257&lmt=1604563703&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1604563872191&bpp=14&bdt=312&idt=327&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6261066043995&frm=20&pv=2&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=2267724558092&dssz=40&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=347
Frame ID: 717661AF452D302599A4E79C232BA461
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=600&slotname=3222233010&adk=785899982&adf=3614249719&pi=t.ma~as.3222233010&w=300&lmt=1604563703&psa=0&format=300x600&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&wgl=1&dt=1604563872205&bpp=4&bdt=325&idt=346&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=255&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=r9SprOhYb3&p=https%3A//www.elfagr.com&dtd=352
Frame ID: 97C9C6508673B722026EB6DFBCCB4FAA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=2963737891&adf=3424047156&pi=t.aa~a.1446998228~rp.1&w=330&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=2&bdt=873&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=xA7LcbqKG5&p=https%3A//www.elfagr.com&dtd=27
Frame ID: B6DD4D8F40B71DFB6B898EC0A1F9E09C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=2452828011&adf=3670171318&pi=t.aa~a.233920742~rp.2&w=770&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=1&bdt=874&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=H1yfBlxUQA&p=https%3A//www.elfagr.com&dtd=33
Frame ID: C77A5183530C58FDAD081D14F28D376E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=593308305&pi=t.aa~a.2922196588~rp.2&w=330&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=2&bdt=874&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=uCFfjerBEx&p=https%3A//www.elfagr.com&dtd=39
Frame ID: A6E765B246E096E0498FC3C23EB91D96
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=3842644974&adf=2804980158&pi=t.aa~a.2607279491~rp.2&w=770&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=2&bdt=874&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=2263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=Oonp5YT3lD&p=https%3A//www.elfagr.com&dtd=45
Frame ID: C8927D2CE5670537619CF39CA8364465
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=4080102895&pi=t.aa~a.2922196588~rp.2&w=330&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=1&bdt=874&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=l2V4uHQSGj&p=https%3A//www.elfagr.com&dtd=50
Frame ID: 381555A357B6CFD44D10EE7194DB9D0D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=3019647509&adf=963249068&pi=t.aa~a.3046622649~rp.1&w=375&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=375x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=5&bdt=873&idt=5&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280%2C330x250&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=3013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&xpc=5QLOQvPCpz&p=https%3A//www.elfagr.com&dtd=56
Frame ID: 8855514A1FE15227192D664F69510DD5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyvWv3m4AxIRCJwPa56p3Mjlncv_a0LioEa5BQEfLPsld5qa4R9EVWIGIOoqW-RsA7POmT1KjD-r0Z6O_TU0y5JkZscaZqf5110JaGOVObqo75lt_VvfzDz6UsVcdxN9rjCsjXDdZSPYUNyM9KMnUgi7ownQ4NxA6QLhXbCFOKFbvIHz8IW8kMlc3BgTBoUkJnhi-CGQs6dZi2Uvj3l0gBUN-wbW2KfP9LixA2mRBLKwQ9-scLkRM49ZKBiFyzYxA2&sig=Cg0ArKJSzF4DIE7iDpyyEAE&urlfix=1&adurl=
Frame ID: C7EB6E9BE8A0E1F6914020956B41404E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9392826248043988&output=html&h=280&slotname=8616199616&adk=654258349&adf=776186312&pi=t.ma~as.8616199616&w=336&psa=0&format=336x280&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604563872990&bpp=2&bdt=145&idt=105&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D96cb2d56a9ac9ce1-224ca90719b900c3%3AT%3D1604563872%3ART%3D1604563872%3AS%3DALNI_MY7-clT_utv-tp2cFKvNuagNOqNNg&correlator=6261066043995&frm=23&ife=4&pv=2&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=1647401638&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=89&biw=1600&bih=1200&isw=336&ish=280&ifk=222235765&scr_x=0&scr_y=0&eid=42530672%2C182984000%2C182984200%2C21068084%2C21068434%2C44730557&oid=3&pvsid=4419287789562007&pem=670&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.oxp4aiqxjli&fsb=1&dtd=111
Frame ID: 4E02CEBCA3A9CBD77C163D0EA05D447D
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 51349AE536AF90D97CAA053330B0B13D
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: AAE73EBE00DFD65F77792AD14A9502AE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: EA3BC78CB4B7FF4AAAE529FC3646DE3E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 95F7438485119D1E21D3CE5167758109
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

85
Requests

99 %
HTTPS

70 %
IPv6

17
Domains

25
Subdomains

22
IPs

6
Countries

1278 kB
Transfer

3463 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ElfagrNewsOfficiall/

Search URL Search Domain Scan URL

URL: https://twitter.com/ElfagrNews

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC8cY0vwqMMa8rYKczO0v8cQ

Search URL Search Domain Scan URL

URL: http://www.synceg.com/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://cr.synceg.net/corona HTTP 301
https://cr.synceg.net/corona/

Request Chain 28

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1215024051&utmhn=www.elfagr.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D9%81%D8%AC%D8%B1&utmhid=54832030&utmr=-&utmp=%2F&utmht=1604563872178&utmac=UA-24442537-1&utmcc=__utma%3D95024968.476495374.1604563872.1604563872.1604563872.1%3B%2B__utmz%3D95024968.1604563872.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=314087939&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24442537-1&cid=476495374.1604563872&jid=314087939&_v=5.7.2&z=1215024051 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=476495374.1604563872&jid=314087939&_v=5.7.2&z=1215024051 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=476495374.1604563872&jid=314087939&_v=5.7.2&z=1215024051&slf_rd=1&random=3857788358

Request Chain 35

https://cr.synceg.net/corona HTTP 301
https://cr.synceg.net/corona/

85 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.elfagr.com/ 103 KB
19 KB 115ms
92ms Document
text/html 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 68a4ac472c4700cc76d4cd27c384d1c5d598ac94ec43cd0b45fcc94d4589ee7c

Request headers

:method: GET
:authority: www.elfagr.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 05 Nov 2020 08:11:11 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d830dacfc8d8b53740a623f2bac34af081604563871; expires=Sat, 05-Dec-20 08:11:11 GMT; path=/; domain=.elfagr.com; HttpOnly; SameSite=Lax
cache-control: public, max-age=133
expires: Thu, 05 Nov 2020 08:13:23 GMT
last-modified: Thu, 05 Nov 2020 08:08:23 GMT
vary: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06390ec02c0000d70540892000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HaitnHR25sPmYU34GWZFPhy%2Fw5eHCDiIwfcDVDiajcS%2BnzZaBl2uHc0uaQQzjcaUDxnBs0um%2Bmm2JzFeMR8kFqYgh%2BohB%2BZNoW0Ljd%2FeBFyBLx6fxbG%2BnaN%2F2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ed51a46ab59d705-FRA
content-encoding: br

GET
H2 200 bootstrap.css
www.elfagr.com/themes/new/css/ 362 KB
49 KB 29ms
28ms Stylesheet
text/css 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/themes/new/css/bootstrap.css
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d761bdeef5f6e75159ce1b2363851e09b3be5851d519a2a34424e5da399561d8

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 96701
x-powered-by: ASP.NET
status: 200
cf-request-id: 06390ec08c0000d70531074000000001
last-modified: Sun, 20 Oct 2019 14:31:38 GMT
server: cloudflare
etag: W/"0c1e6145387d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VNPbVS4vV33aedc0G138wDVJi%2F4%2BE8SEgkx%2FOmrIdcHCnROFeMzn4qazneRF2kgQnWTaYXAKgCH2T7uWg7sXbFuxAOmgQMpBuKUiJzauTJ5J%2BMdKLC7W4aFkMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-polished: origSize=374740
cf-ray: 5ed51a474ca3d705-FRA
cf-bgj: minify

GET
H2 200 app-min.js Show response
www.elfagr.com/themes/new/js/ 286 KB
79 KB 42ms
41ms Script
application/javascript 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/themes/new/js/app-min.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dc7df38e79cb146d5919e0e863adb1ef10defbe65d4b66a7f32b136cb344feb8

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 283087
x-powered-by: ASP.NET
status: 200
cf-request-id: 06390ec0940000d705e9b43000000001
last-modified: Sat, 19 Oct 2019 16:38:06 GMT
server: cloudflare
etag: W/"0eb49959b86d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S5MMdCnWFd9Sord3A7HUIJWo0%2BwziYHtB70vw6SK4TmVgF7Oq48bATN%2FSkvi4pSpLv3kpk2JLAzPv2958xyq6%2FpOdoO%2B1rkI7MaDRhzwIl5WZ24sZVwVdrl%2B7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-ray: 5ed51a474ca7d705-FRA

GET
H2 200 fb.js Show response
www.elfagr.com/fb/ 14 KB
5 KB 25ms
20ms Script
application/javascript 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/fb/fb.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e77d22ecf729034cf5a8aa62a2d21832bfb51e4b24585d36ca911e076b82c081

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 283088
x-powered-by: ASP.NET
status: 200
cf-request-id: 06390ec1020000d7054a1cd000000001
last-modified: Thu, 01 Feb 2018 22:23:26 GMT
server: cloudflare
etag: W/"0433147ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AtJW8nw%2BwkQ1978GIp5h1yv1uCYQkEaqJzunyamswNmE%2BXL%2F488vX1%2FRhZJoMJ2cnDW0Reof4Jg%2Fz%2Ftch7RsJTXJHTd8UQ1yJdbiBy%2F3NCVMOlD5gFmjr8QDSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=14319
cf-ray: 5ed51a480e35d705-FRA
cf-bgj: minify

GET
H2 200 common.js Show response
www.elfagr.com/scripts/ 1 KB
900 B 26ms
21ms Script
application/javascript 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/scripts/common.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 46b49bed51f8195bf12e5298f2a7381dcb1daa38444f6c1ac5712ae41264be69

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 283088
x-powered-by: ASP.NET
status: 200
cf-request-id: 06390ec1030000d705f80de000000001
last-modified: Thu, 01 Feb 2018 22:23:29 GMT
server: cloudflare
etag: W/"806fb48ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1uHXvk%2B3sS8PRX8UXeReSi9KdHkaSdQJJbUfIHiJYmAtnW85skBqegTj5pGL4WmyUWmplB9QuoByvCi8Lkq%2BfWNqiyaVEyyMj7RH%2BlitYRNGM1hDB0JdUvRDtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=1609
cf-ray: 5ed51a480e36d705-FRA
cf-bgj: minify

GET
H2 200 swfo.js Show response
www.elfagr.com/scripts/ 7 KB
2 KB 24ms
19ms Script
application/javascript 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/scripts/swfo.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1939595e026c3a36ae7fd5c756f540feda88c69b243534da3bbb77b395424ddf

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12343
x-powered-by: ASP.NET
status: 200
cf-request-id: 06390ec1030000d7054f922000000001
last-modified: Thu, 01 Feb 2018 22:23:29 GMT
server: cloudflare
etag: W/"806fb48ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XA%2FiNp%2FGJUvxw6XhNz9AUSotMp%2FGB3D6SBgJ3VYOaoPhvFuxd%2FDrsaY7Z7KOJH%2FnxJljQHEsRSbHiZszIp2s5j4tFS8CLUBnWQ7RX3brGxfx4XhvbvokU2qvNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=7976
cf-ray: 5ed51a480e38d705-FRA
cf-bgj: minify

GET
H2 200 fb.css
www.elfagr.com/fb/ 5 KB
1 KB 25ms
24ms Stylesheet
text/css 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/fb/fb.css
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e581b81d7222296b46a9a61ec8be1aa68a3c8c43b601ea224cffd3a7d0d522ad

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94912
x-powered-by: ASP.NET
status: 200
cf-request-id: 06390ec08d0000d7055eaa7000000001
last-modified: Thu, 01 Feb 2018 22:23:26 GMT
server: cloudflare
etag: W/"0433147ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BYYtPKaYEzMUHf%2FHBbS28cQV18K%2Fdl8hv6GTZRERifeKWFk0yvDYjA1X5Lf0YOlFPIdMJsOdBNnD%2BBiy6ElEUAYjvRd78HHUKbvQ0uv1u1mps%2B378QTwbSsAeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-polished: origSize=6419
cf-ray: 5ed51a474ca6d705-FRA
cf-bgj: minify

GET
H2 200 / Show response
www.elfagr.com/ 103 KB
19 KB 87ms
87ms Script
text/html 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 763467b278f869938360731efab2b575627fd2c722c980cf430936240959e302

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
cf-request-id: 06390ec08d0000d705fcaa4000000001
last-modified: Thu, 05 Nov 2020 08:08:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KSezKS8ZRr92lNTTiOi278ZwQM0dv6nH%2FTwiZrj6CZhC1ARy6zvY8u18MBN4a%2BiNIRT0KMdHpAnNuA%2FnqFfI3GDKAgwgG7PBhBmxyF0FwlkWqk3LXUWcEEDSHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: public, max-age=133
cf-ray: 5ed51a474ca5d705-FRA
expires: Thu, 05 Nov 2020 08:13:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
46 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06592edaa4c0ec3766a7b83730fd5fc1ed62c1bf8b546f44badc6ccbe7b8a784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 46518
x-xss-protection: 0
server: cafe
etag: 9272287904180736456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Nov 2020 08:11:12 GMT

GET
H2 200 jq.lz.js Show response
www.elfagr.com/scripts/ 2 KB
984 B 20ms
16ms Script
application/javascript 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/scripts/jq.lz.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5dc8474e0d907004638a6be69c9c9e2e2decac68db9dfe1fca62fb2dbab95855

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 720388
x-powered-by: ASP.NET
status: 200
cf-request-id: 06390ec1030000d7053a3d5000000001
last-modified: Thu, 01 Feb 2018 22:23:29 GMT
server: cloudflare
etag: W/"806fb48ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LUkChzjw%2BFd5zZLQTlue1L%2FM8Txj2X%2Fz0fFTha3OzCu5%2FtAPnskaTqLLk0DFyGFCTf%2Bfp887Ch8VXyZBXbeUsIVADkGnhtcj3QXub2m8bA%2FIwoax2nHR%2B6DxRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=2820
cf-ray: 5ed51a480e39d705-FRA
cf-bgj: minify

GET
H2 200 elfagr-logo10.gif
www.elfagr.com/themes/fagr/png/ 10 KB
10 KB 21ms
17ms Image
image/gif 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/themes/fagr/png/elfagr-logo10.gif
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: edee9d3caa9ec34e06c5d23dc15d7813ea0f333a9d56eb9353aa9b1ec259eb32

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 195417
x-powered-by: ASP.NET
status: 200
content-length: 10187
cf-request-id: 06390ec1030000d7053107d000000001
last-modified: Thu, 01 Feb 2018 22:23:33 GMT
server: cloudflare
etag: "80605d4bab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6rnStwp3fCBkZrV3qlGFi2KHCyPfI3e3HSo%2FkyHs5I0GF8Nbb9ozaehjmg78heABi8MLzpyYWyBFnu2qg%2BvMfELb2ztAt5axKniOj6iBSsy0aB5%2FFwbUEvgJkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5ed51a480e3ad705-FRA

GET
H2 200 477$7cview
www.elfagr.com/adview/ 0
397 B 77ms
73ms Image
text/plain 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/adview/477$7cview
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Co4qddgRPwJ7xJo7mWQiDu06uOgwXJ5UrPFLpqAgHX%2BP48sAU6%2Frnxg1ZhLkukm9eAqRTSrgVeshqfTHZl00zy8LSlCQ5Nu0JFjZNZQGpDTddrvGya8HLz0l5g%3D%3D"}],"group":"cf-nel","max_age":604800}
status: 200
cf-ray: 5ed51a480e3dd705-FRA
content-length: 0
cf-request-id: 06390ec1040000d7050fb99000000001

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
18 KB 54ms
51ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

0d75578a770278b0a97c3957f067a38946a62449ea03f41b474caa7d5377fa07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "684 / 383 of 1000 / last-modified: 1604531427"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18214
x-xss-protection: 0
expires: Thu, 05 Nov 2020 08:11:12 GMT

GET
H2 200 no.jpg
www.elfagr.com/images/ 17 KB
18 KB 17ms
14ms Image
image/jpeg 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/images/no.jpg
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 38bc0825ad91b0c113ec5049c733c1cea55b37c18f64ae2e73c38d8bc6221718

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94912
x-powered-by: ASP.NET
status: 200
content-length: 17916
cf-request-id: 06390ec1040000d705fcaaf000000001
last-modified: Sat, 19 Oct 2019 17:16:59 GMT
server: cloudflare
etag: "8077dd3a186d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mfYylXH2BRUJ0GPo5xOju%2FyVhjyHGv0QzE15s6PDZ4IGz8tk7n5BorcAP6gBMScM15BCT99WuF4ZoW9r6UJfc90fv5%2BmShKsyobwZEi44oo%2FWPZgE%2BkCsA9lTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5ed51a480e3fd705-FRA

GET
H2 200 483$7cview
www.elfagr.com/adview/ 0
271 B 74ms
71ms Image
text/plain 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/adview/483$7cview
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NeFBANTrKpicv%2BA2LqJm0PI%2BtJv0p%2BHzfA2tkT3MTfsbaaVMrr4Xpt5YmAl4gUNiT6t5t%2Bg5L0z9Xq71uP3PsRpvGC4mZBfQArfH0ecObWyH4GXbMM2q0tpMrw%3D%3D"}],"group":"cf-nel","max_age":604800}
status: 200
cf-ray: 5ed51a480e42d705-FRA
content-length: 0
cf-request-id: 06390ec1040000d7050034d000000001

GET
H2 200 main.css
www.elfagr.com/coronapoll/ 4 KB
1 KB 18ms
17ms Stylesheet
text/css 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/coronapoll/main.css
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 48aa3e1bdc17b9c846d34cd81dbb7c355c00ae6cb8766e99c2fb05eaaf2527ff

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 88827
x-powered-by: ASP.NET
status: 200
cf-request-id: 06390ec0c20000d70544846000000001
last-modified: Sun, 29 Mar 2020 14:55:36 GMT
server: cloudflare
etag: W/"0e4851ada5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zZatS7uml8hgzpt8XruJvBRp9aknS7ytEbJxWCJNKpWMMhWwIPT0JgDz4EgRKOIGAf9ycmJVDr7a9Sih5eJcduabMWeanp0RXSPoEWUhXBjIqj4EnzLr9pBpWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 5ed51a479d6cd705-FRA
cf-bgj: minify

GET
H2 200 2.js Show response
www.elfagr.com/coronapoll/ 128 KB
39 KB 26ms
25ms Script
application/javascript 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/coronapoll/2.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e34afee1ebe946c83ee77a87d06a8751d5529b4f100dcfeb3a2bd0404c8e1923

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 282704
x-powered-by: ASP.NET
status: 200
cf-request-id: 06390ec0d90000d70501aa4000000001
last-modified: Sun, 29 Mar 2020 14:55:34 GMT
server: cloudflare
etag: W/"0b75419da5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P8LFLlKqlUjDM6zv25JP3fLRFxWMqesGoftccj%2BNc3rfrl39z5tQD%2ByuBS%2FEjPGQQIw2FJvCDEacbEgE%2BxeeuNMTVM3rCaOdm4eiWrIQSj7zDnXAr4qUHsLOXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=131291
cf-ray: 5ed51a47cda8d705-FRA
cf-bgj: minify

GET
H2 200 main.js Show response
www.elfagr.com/coronapoll/ 79 KB
18 KB 23ms
22ms Script
application/javascript 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/coronapoll/main.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8db5d4d6fb09f86186393387d5726626f5f821ab1e7988649c1ad0da948e07c5

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 282704
x-powered-by: ASP.NET
status: 200
cf-request-id: 06390ec0fb0000d705e4b81000000001
last-modified: Sun, 29 Mar 2020 14:55:35 GMT
server: cloudflare
etag: W/"804ded19da5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FZaqCTPdfT0DBow89Vdg%2BEDTzWEjt9vlL%2BITrngJw0COMhRtfUqnj59LAGh7i6%2FjQolktS2%2BlOBP420K2u2sXLUjXUDSO9Jf%2F1i1M5TlXm2%2Bh9PD%2BdrvfazFHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=80660
cf-ray: 5ed51a47fe20d705-FRA
cf-bgj: minify

GET
H2 200 sync.svg
www.elfagr.com/themes/new/images/ 4 KB
2 KB 25ms
22ms Image
image/svg+xml 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/themes/new/images/sync.svg
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b7cefe5080c8ba8b303de5d83586378561f83372f691e4d56fff1e99f47b77ec

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 282704
x-powered-by: ASP.NET
status: 200
cf-request-id: 06390ec1040000d705248c9000000001
last-modified: Fri, 18 Oct 2019 00:46:46 GMT
server: cloudflare
etag: W/"05f8b844d85d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VsrHYidaVMNO756hlzkcNcOWOWHmPFCiG3DIOId%2Bc8GwF0oQwhHGuxQXrWZ%2FzYTBubYAAMY6SpA0NH2%2FaQhLP5STv2carS01senqcFqnRNfMunEOovYCeAd1Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=864000
cf-ray: 5ed51a480e44d705-FRA

GET
H2 200 intersection-observer.js Show response
cdn.jsdelivr.net/npm/intersection-observer@0.5.1/ 22 KB
6 KB 20ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intersection-observer@0.5.1/intersection-observer.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

51707b58bbec62b8ba51360216e55f57968674aafccd46f8642ff25fbb1c9310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1551274
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 6313
etag: W/"567a-tAMo7gPY/QpmJ/daBEatlr7O9uA"
x-served-by: cache-fra19158-FRA, cache-hhn4032-HHN
date: Thu, 05 Nov 2020 08:11:12 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@12.0.0/dist/ 5 KB
2 KB 17ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.0.0/dist/lazyload.min.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 8528966
x-cache: HIT, HIT
status: 200
content-length: 2145
etag: W/"15d1-IxZ2QckOwVh8MMcWJc7ap/VwGh4"
x-served-by: cache-fra19172-FRA, cache-hhn4032-HHN
date: Thu, 05 Nov 2020 08:11:12 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fancy_close.png
www.elfagr.com/fb/ 996 B
1 KB 24ms
21ms Image
image/webp 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/fb/fancy_close.png
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a5bb99d2afae545fc8d4efffd762a2bc11ceb59044e3f9fe577e0e0ad83fa877

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 283087
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="fancy_close.webp"
content-length: 996
cf-request-id: 06390ec1050000d7054a906000000001
last-modified: Thu, 01 Feb 2018 22:23:27 GMT
server: cloudflare
etag: "80d9c947ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gb0RqGp%2BD1nTZw0G3urhPbRfEznaRWnCkrgakdGsHF4vpGKo9pgG4YKN955rUR2XhScV7LRI4yvFf1svvsA6PoNLUpnOwl69UMqZmYhPGEJx8OLmDXc%2FblqYbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=864000
cf-polished: origFmt=png, origSize=1517
accept-ranges: bytes
cf-ray: 5ed51a480e47d705-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 main.js Show response
www.elfagr.com/scripts/ 4 KB
2 KB 19ms
16ms Script
application/javascript 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/scripts/main.js?r=11
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d7afc5fac286ace07ca2fb7a8c98a933bb81a63aecc5ba71cec7e65528b98a90

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 283088
x-powered-by: ASP.NET
status: 200
cf-request-id: 06390ec1050000d70501aa8000000001
last-modified: Fri, 06 Mar 2020 13:29:41 GMT
server: cloudflare
etag: W/"8010674abbf3d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1uUXw4gqNY5BA97N1N8JV3PlV6FEkruvw6lwF1xmbS%2ByBRgpQbFNbvQP75l5IDFWbCN8Yrw8MIR%2BHCt30TA0fP9vpI%2BDpZ7KUZf%2FqOgXYJxvTxTe8zfxsvCFKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=5655
cf-ray: 5ed51a480e49d705-FRA
cf-bgj: minify

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 101ms
36ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
date: Thu, 05 Nov 2020 08:11:12 GMT
x-host: s7.addthis.com
content-length: 116325
x-akamai-path-stats: [2:144280:3720:-],[3:141270:4294820026:-],[3:145148:4294827148:-],[3:141687:4294821609:-],[2:143939:4294826357:-]

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6108
date: Thu, 05 Nov 2020 06:29:24 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 05 Nov 2020 08:29:24 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 107ms
34ms Script
text/javascript 13.226.132.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.94 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 00:34:48 GMT
Via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 3224185
ETag: "96c08723796affab377d9bb08d631cd0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: VCcP4JU4HqBXbQer4Ymf3VPirww9RCe6vId8YMzDCQAE15cVG6PHqg==

GET
H2 200 fontawesome-webfont.woff2
www.elfagr.com/themes/new/fonts/ 75 KB
76 KB 98ms
97ms Font
application/font-woff2 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/themes/new/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/css/bootstrap.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://www.elfagr.com
Referer: https://www.elfagr.com/themes/new/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
status: 200
content-length: 77160
cf-request-id: 06390ec1050000d70518065000000001
last-modified: Thu, 17 Oct 2019 21:19:31 GMT
server: cloudflare
etag: "80f3b4903085d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8kmoBDsgEVWiRi0t7aakTrDl%2BA2MZmXKuR2exp4IJ3xxFj%2BY1iWPAf5emck732%2BLZAUdrCxp7%2Fs2fjeVdRenAoNUK%2BzDVlnl8KI2Eo%2BnG4E13c6OhVplz392AA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5ed51a480e4bd705-FRA

GET
H2

200

/
cr.synceg.net/corona/ Frame 1713
Redirect Chain

https://cr.synceg.net/corona
https://cr.synceg.net/corona/

0
0

47ms
47ms

Document
text/html

2606:4700:3037::681c:949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.synceg.net/corona/
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: cr.synceg.net
:scheme: https
:path: /corona/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
date: Thu, 05 Nov 2020 08:11:12 GMT
content-type: text/html
set-cookie: __cfduid=df88fc0a86563db26d8fdfadacbc8228c1604563872; expires=Sat, 05-Dec-20 08:11:12 GMT; path=/; domain=.synceg.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 05 Nov 2020 09:11:00 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06390ec17a000005d85a032000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=657XYjSo2fQkOGNwLpdz1nJqGhZu004vCu%2FCOk1JNgklh28Z3BIj1sgTEy1uS0wWkNYMVDg4k1BrdQ%2Be6hgyooMYrJGQP8Qv911i87QYeiOrnHEWIzN%2BhQbT"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ed51a48cc5305d8-FRA
content-encoding: br

Redirect headers

status: 301
date: Thu, 05 Nov 2020 08:11:12 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df88fc0a86563db26d8fdfadacbc8228c1604563872; expires=Sat, 05-Dec-20 08:11:12 GMT; path=/; domain=.synceg.net; HttpOnly; SameSite=Lax; Secure
location: https://cr.synceg.net/corona/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06390ec143000005d863a9c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nxsk2CnY08TnauFoH1YBUn5wJR8plNbb9UEd%2BQ00q3WPrUNSdzbg60Ag24YIkGm6tAg0OEzvXdRuzsU9xb25ce4G9krlroYU46HulpxqgNc4bwOoXmNUUZiX"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ed51a486b6f05d8-FRA

GET
H2 200 blank.png
www.elfagr.com/themes/new/images/ 9 KB
10 KB 15ms
14ms Image
image/png 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/themes/new/images/blank.png
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/css/bootstrap.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e0ad46922b053dc3e5d02cfe04b122cee77d46e633a6d046df619dc03923d4ee

Request headers

Referer: https://www.elfagr.com/themes/new/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 387154
x-powered-by: ASP.NET
status: 200
content-length: 9664
cf-request-id: 06390ec1690000d705e4178000000001
last-modified: Fri, 18 Oct 2019 11:49:51 GMT
server: cloudflare
etag: "80994026aa85d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DnWCTyOX25pxXh4mTuKc2MtNjigFd1T%2B2MOhmWxM%2BZIBb5mPIAlkoXqHWrAevF%2BU74c%2FQE%2F7J%2BCkbF98HI7LlVKxINg0Z%2BuUbc1T2fralKg4LSW9YvYRhwYmmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5ed51a48af70d705-FRA

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1215024051&utmhn=www.elfagr.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D8%A...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24442537-1&cid=476495374.1604563872&jid=314087939&_v=5.7.2&z=1215024051
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=476495374.1604563872&jid=314087939&_v=5.7.2&z=1215024051
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=476495374.1604563872&jid=314087939&_v=5.7.2&z=1215024051&slf_rd=1&random=3857788358

42 B
106 B

19ms
19ms

Image
image/gif

2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=476495374.1604563872&jid=314087939&_v=5.7.2&z=1215024051&slf_rd=1&random=3857788358

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Nov 2020 08:11:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Nov 2020 08:11:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=476495374.1604563872&jid=314087939&_v=5.7.2&z=1215024051&slf_rd=1&random=3857788358
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/ 230 KB
87 KB 76ms
52ms Script
text/javascript 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88237
x-xss-protection: 0
server: cafe
etag: 8916267561321754551
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Nov 2020 08:11:12 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/ Frame 5C76 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201029/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 05 Nov 2020 02:23:42 GMT
expires: Thu, 19 Nov 2020 02:23:42 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 20850
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 pubads_impl_2020110301.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 144ms
69ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110301.js?21068436

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

sffe /

Resource Hash

a1fd8f0219afdf6523ec555ee655319f7d936736e4ebd816a14a08c6939ed488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 03 Nov 2020 09:55:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99111
x-xss-protection: 0
expires: Thu, 05 Nov 2020 08:11:12 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 110ms
34ms Image
image/gif 13.226.132.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D9%81%D8%AC%D8%B1&time=1604563872305&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.elfagr.com%2F&random_number=15402177035&sess_cookie=33ca421b1759775aa300ddfee26&sess_cookie_flag=1&user_cookie=33ca421b1759775aa300ddfee26&user_cookie_flag=1&dynamic=true&domain=elfagr.com&account=lKe+p1Fx9f207i&jsv=20130128&user_lang=en-US
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-83.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 04 Nov 2020 22:53:24 GMT
Via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 33469
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: DUS51-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: vQH5BUKCk5N1nM7cPNCHNM8JLHetEPSTdcylDfWe8BbErXrZvpJa_Q==

GET
H2 200 ext.aspx Show response
www.sfegypt.com/ 1 KB
1 KB 111ms
60ms Script
text/html 2606:4700:3033::6818:64a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sfegypt.com/ext.aspx?z=82844991
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/scripts/main.js?r=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:64a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fbc8bfd25b633cefc01365cf3c1f5c24a1c04a522ae1b37407f632ef756158e7

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=88UdUQOd22G%2F81Y%2BEOdl2ZTmbdJvK%2FkqgIMtOH7%2BCnIW1SO%2BMvpftXRFFYKYiDsFQcUM2uDrD%2B1jSux30Zc6DSX%2F%2Bfn7pSP7pmND8Pa47TbR5W%2B95UmaE9Z2OMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 5ed51a4a4a9a1f21-FRA
cf-request-id: 06390ec26900001f21ec062000000001

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 97ms
31ms Script
application/x-javascript 104.75.89.172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.172 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-75-89-172.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 3DA20F33DFB043F4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=39922
accept-ranges: bytes
content-length: 948
x-amz-id-2: g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=

GET
H2

200

/
cr.synceg.net/corona/ Frame A473
Redirect Chain

https://cr.synceg.net/corona
https://cr.synceg.net/corona/

0
0

102ms
102ms

Document
text/html

2606:4700:3037::681c:949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.synceg.net/corona/
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/js/app-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:949 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: cr.synceg.net
:scheme: https
:path: /corona/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
date: Thu, 05 Nov 2020 08:11:12 GMT
content-type: text/html
set-cookie: __cfduid=df88fc0a86563db26d8fdfadacbc8228c1604563872; expires=Sat, 05-Dec-20 08:11:12 GMT; path=/; domain=.synceg.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 05 Nov 2020 09:11:00 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06390ec30b000005d81b260000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=69oohPeEtO1cRIvfiSs15NDMz4N8MddCL9lmgn4%2FyUp80mhJhsIDGhA6xwPlrg3Vc87OQA5Xa6CMfHyHs8%2FHBKf0C%2BD9JK6k%2FMrCnJrPqvFxEP9P%2FqeFtVJX"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ed51a4b4ac805d8-FRA
content-encoding: br

Redirect headers

status: 301
date: Thu, 05 Nov 2020 08:11:12 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df88fc0a86563db26d8fdfadacbc8228c1604563872; expires=Sat, 05-Dec-20 08:11:12 GMT; path=/; domain=.synceg.net; HttpOnly; SameSite=Lax; Secure
location: https://cr.synceg.net/corona/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06390ec2a3000005d8549ba000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P87rk4KVLmBRovg3dcuZeT2NPoQqTOahLBVD8GAyIXlUTGISj%2BdjHEfcm4Q0TP5LlbDC7uniMCUI9aqW2acu8dS7A2zphLHRF6%2F9agXDPT5efYZALlV7UZPQ"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5ed51a4a990005d8-FRA

GET
H2 200 358.jpg
www.elfagr.com/upload/photo/news/407/1/600x338o/ 42 KB
42 KB 92ms
92ms Image
image/jpeg 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/407/1/600x338o/358.jpg?q=1
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: edfb162dc5c4d166aa3e958648d6ab4a886d1f778f15ecc558503ccb8534e3d6

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
status: 200
content-length: 43036
cf-request-id: 06390ec2e60000d705120c5000000001
last-modified: Thu, 05 Nov 2020 07:51:21 GMT
server: cloudflare
etag: "d0457f7348b3d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n5cBuUkmvukrEERcn2Xy73iLi5ytii0xKXCZWTKl4b3I%2Fjta3ZoSD05EpFXerMUcZGuHA4Vx8sQtD6%2BkGE6splhTwk6nO9KXYOVCjB4baR%2Fl65vKsw%2BnHaKAHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5ed51a4b0c39d705-FRA

GET
H2 200 poll.aspx Show response
www.elfagr.com/service/ 1 B
489 B 78ms
78ms XHR
text/html 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/service/poll.aspx?pid=849&hid=0&_=1604563871945
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/js/app-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://www.elfagr.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PxsggPhKbM1HLKRTeHhSgHZn%2BscpnWbhsT2dGsFqiZTm2IBKLKvZmFSCNE0g%2FI1VxzGzAdDqc5j0ls5vU4SuBDW0cyMvVgLVDjAN4DqSIgJ9OHuCkWdnQqtsuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 5ed51a4b2c6ed705-FRA
cf-request-id: 06390ec2f60000d7050cbd0000000001

GET
H2 200 poll.aspx Show response
www.elfagr.com/service/ 1 B
399 B 70ms
70ms XHR
text/html 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/service/poll.aspx?pid=849&hid=0&_=1604563871946
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/js/app-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://www.elfagr.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OHfaVsubIrMymiMquyAdDWBrLwvY2e0Uz%2F97xsv8U6RlSDbMa63ZNZ2%2FO%2FJeQtcTHhRtiY4oWXEFer0%2BLK0eFblJXPSXi%2FGOXmkk3uY2wWnvtCK1Foe%2FlK41PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 5ed51a4b2c71d705-FRA
cf-request-id: 06390ec2f60000d705248f0000000001

GET
H2 200 359.jpg
www.elfagr.com/upload/photo/news/407/1/400x225o/ 30 KB
30 KB 87ms
86ms Image
image/jpeg 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/407/1/400x225o/359.jpg?q=1
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d5fb1357292640d3aea3bd10e3940d3c12165435660b887aa37855bd7138e4b6

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
status: 200
content-length: 30414
cf-request-id: 06390ec2f90000d7053a3fa000000001
last-modified: Thu, 05 Nov 2020 07:50:41 GMT
server: cloudflare
etag: "d156165c48b3d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xXDIy7Plq%2Bq%2BJDNSuoXlM8mK8IR%2F0AYtyibKHffh%2FxrAY7a2aaYpLrgX09wk%2FgsfNoVgtIlCDeusAKzrH8tilZNKIswMr4%2FI9LPQ0XsURVGx7UtuSfzvv3vy9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5ed51a4b2c7ed705-FRA

GET
H2 200 344.jpg
www.elfagr.com/upload/photo/news/407/1/400x225o/ 21 KB
21 KB 93ms
92ms Image
image/jpeg 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/407/1/400x225o/344.jpg?q=1
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1201a715464507d9c9cb8c351d330ff10a20a87f745b8462f732bb7cc9e569a8

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
status: 200
content-length: 21372
cf-request-id: 06390ec2fa0000d7051b35d000000001
last-modified: Thu, 05 Nov 2020 07:19:00 GMT
server: cloudflare
etag: "2f109bee43b3d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KEtPloXUMj1xfHTBRDh7tffddeayvlNSY02T1IWexlh5tc4X25bIjEdekHDHb4WEMRR2GkgYbXmVZLwHRn6iLn6TaeakEZ1yLiy1UKsx8Npp2DabxX6N3%2FWt3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5ed51a4b2c7fd705-FRA

GET
H2 200 336.jpg
www.elfagr.com/upload/photo/news/407/1/400x225o/ 43 KB
43 KB 94ms
94ms Image
image/jpeg 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/407/1/400x225o/336.jpg?q=1
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d167740614649790d47fb5a155964371ea2811185fcba2397893e470bdfbf61d

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
status: 200
content-length: 43792
cf-request-id: 06390ec2fa0000d7054f94a000000001
last-modified: Thu, 05 Nov 2020 06:51:27 GMT
server: cloudflare
etag: "c744ac1540b3d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U%2FvTpLuXJZgdh%2BJngKMYKVhJtrFlFnuAUwxZN6jq9MqhGFa50G7ca1HrjOPbLXQLz%2FCyRtjTZQ5VU1COaCVMHwQUbRebTZB%2FllZDAcDrSxF6U6w6ga6b4SJOdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5ed51a4b2c82d705-FRA

GET
H2 200 74.jpg
www.elfagr.com/upload/photo/writers/0/0/70x70o/ 3 KB
3 KB 19ms
18ms Image
image/jpeg 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/writers/0/0/70x70o/74.jpg
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8621be60f7693c4bbf7e854455331dbc3160ace29a32e9db250f1e9906470123

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 252809
x-powered-by: ASP.NET
status: 200
content-length: 3147
cf-request-id: 06390ec2fa0000d7052323c000000001
last-modified: Sat, 06 Jun 2020 07:00:02 GMT
server: cloudflare
etag: "12f1ee19d03bd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FdbbVsXVHUOvMOej6I9ldmouHBFzRkhdOMjkGsGFMbzQJGqmQwEZCB7F%2Fq2UMRhvfSLpA6mqSWWn1caM7n2Xz69hOB8lTDPJtIPzUQi5%2BExrWatbi0oMSUEZvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5ed51a4b2c84d705-FRA

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
257 B 58ms
58ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.elfagr.com&callback=_gfp_s_&client=ca-pub-1731129488393495

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d9c9ae9b701a02c8956f1dbe7814daa8c02c9a54c8490e44f1be11c27a0f409d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.elfagr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.elfagr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7176 0
0 66ms
65ms Document
text/html 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&adk=1812271804&adf=3025194257&lmt=1604563703&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1604563872191&bpp=14&bdt=312&idt=327&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6261066043995&frm=20&pv=2&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=2267724558092&dssz=40&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=347

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&adk=1812271804&adf=3025194257&lmt=1604563703&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1604563872191&bpp=14&bdt=312&idt=327&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6261066043995&frm=20&pv=2&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=2267724558092&dssz=40&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=347
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 05 Nov 2020 08:11:12 GMT
server: cafe
content-length: 1182
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 05-Nov-2020 08:26:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Nov 2020 08:11:12 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a44b4e645ecc10fef54f53f4d0983af2b365f39ba3c458280d12307231a09e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604493480950496"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27590
x-xss-protection: 0
expires: Thu, 05 Nov 2020 08:11:12 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 97C9 0
0 166ms
165ms Document
text/html 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=600&slotname=3222233010&adk=785899982&adf=3614249719&pi=t.ma~as.3222233010&w=300&lmt=1604563703&psa=0&format=300x600&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&wgl=1&dt=1604563872205&bpp=4&bdt=325&idt=346&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=255&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=r9SprOhYb3&p=https%3A//www.elfagr.com&dtd=352

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=600&slotname=3222233010&adk=785899982&adf=3614249719&pi=t.ma~as.3222233010&w=300&lmt=1604563703&psa=0&format=300x600&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&wgl=1&dt=1604563872205&bpp=4&bdt=325&idt=346&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=255&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=r9SprOhYb3&p=https%3A//www.elfagr.com&dtd=352
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 05 Nov 2020 08:11:12 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 05-Nov-2020 08:26:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Nov 2020 08:11:12 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 177ms
177ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3366420072318016&correlator=2877032180216574&output=ldjh&impl=fif&eid=21068436&vrg=2020110301&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201105&iu_parts=15918106%2Celfagr%2Cheader&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C336x280%7C300x250&eri=4&cookie_enabled=1&cdm=www.elfagr.com&bc=31&abxe=1&dt=1604563872620&dlt=1604563871879&idt=699&frm=20&biw=1600&bih=1200&oid=3&adxs=240&adys=89&adks=194120428&ucis=1&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.elfagr.com&loc=https%3A%2F%2Fwww.elfagr.com%2F&dssz=41&icsg=565217677979404&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x112&msz=728x90&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=true&fws=4&ohw=728&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110301.js?21068436

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

44cf794e5051ab284037943db2d956f4d4197a69a3483e9048359a1d42d2fa92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2312
x-xss-protection: 0
google-lineitem-id: 5164664816
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138286671658
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.elfagr.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
81c2859b67683c247744554c5b7ef6c5.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 48ms
16ms Other
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://81c2859b67683c247744554c5b7ef6c5.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110301.js?21068436
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame B6DD 0
0 76ms
76ms Document
text/html 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=2963737891&adf=3424047156&pi=t.aa~a.1446998228~rp.1&w=330&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=2&bdt=873&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=xA7LcbqKG5&p=https%3A//www.elfagr.com&dtd=27

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=2963737891&adf=3424047156&pi=t.aa~a.1446998228~rp.1&w=330&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=2&bdt=873&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=xA7LcbqKG5&p=https%3A//www.elfagr.com&dtd=27
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 05 Nov 2020 08:11:12 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: IDE=AHWqTUlgG5vjNZ3KhAOQ4ukplFLx5r0wzIosaH6vC8tZEjzu78oil6xk3E1rihkK; expires=Tue, 30-Nov-2021 08:11:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Nov 2020 08:11:12 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame C77A 0
0 90ms
89ms Document
text/html 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=2452828011&adf=3670171318&pi=t.aa~a.233920742~rp.2&w=770&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=1&bdt=874&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=H1yfBlxUQA&p=https%3A//www.elfagr.com&dtd=33

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=2452828011&adf=3670171318&pi=t.aa~a.233920742~rp.2&w=770&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=1&bdt=874&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=H1yfBlxUQA&p=https%3A//www.elfagr.com&dtd=33
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 05 Nov 2020 08:11:12 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUkw7tutaRzeKxHeBc6l5ImT6vgfllKsYW5A3ffki-Zi2R9SXeXlIwE1Bjv8; expires=Tue, 30-Nov-2021 08:11:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Nov 2020 08:11:12 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame A6E7 0
0 76ms
76ms Document
text/html 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=593308305&pi=t.aa~a.2922196588~rp.2&w=330&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=2&bdt=874&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=uCFfjerBEx&p=https%3A//www.elfagr.com&dtd=39

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=593308305&pi=t.aa~a.2922196588~rp.2&w=330&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=2&bdt=874&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=uCFfjerBEx&p=https%3A//www.elfagr.com&dtd=39
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 05 Nov 2020 08:11:12 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUlTt_r6sOWKZBwZKsxeOuhDPMdDi-6Bci8oUFbOZlkvzbhR4wI8vjNBxsiZ; expires=Tue, 30-Nov-2021 08:11:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Nov 2020 08:11:12 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame C892 0
0 111ms
111ms Document
text/html 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=3842644974&adf=2804980158&pi=t.aa~a.2607279491~rp.2&w=770&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=2&bdt=874&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=2263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=Oonp5YT3lD&p=https%3A//www.elfagr.com&dtd=45

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=3842644974&adf=2804980158&pi=t.aa~a.2607279491~rp.2&w=770&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=2&bdt=874&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=2263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=Oonp5YT3lD&p=https%3A//www.elfagr.com&dtd=45
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 05 Nov 2020 08:11:12 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUmipXYXCpS-DBw20-JjZv0iVpKF-usbmC68ydsJC85RaxcIB9LxkgHiMkxO; expires=Tue, 30-Nov-2021 08:11:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Nov 2020 08:11:12 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3815 0
0 81ms
80ms Document
text/html 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=4080102895&pi=t.aa~a.2922196588~rp.2&w=330&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=1&bdt=874&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=l2V4uHQSGj&p=https%3A//www.elfagr.com&dtd=50

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=4080102895&pi=t.aa~a.2922196588~rp.2&w=330&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=1&bdt=874&idt=-M&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=l2V4uHQSGj&p=https%3A//www.elfagr.com&dtd=50
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 05 Nov 2020 08:11:12 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUmO2dXiilSkSQLlYZiyRMOCaIywm0POmPKAdvwp5leRfNEdqUwDuqWuDcxh; expires=Tue, 30-Nov-2021 08:11:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Nov 2020 08:11:12 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8855 0
0 88ms
87ms Document
text/html 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=3019647509&adf=963249068&pi=t.aa~a.3046622649~rp.1&w=375&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=375x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=5&bdt=873&idt=5&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280%2C330x250&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=3013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&xpc=5QLOQvPCpz&p=https%3A//www.elfagr.com&dtd=56

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=3019647509&adf=963249068&pi=t.aa~a.3046622649~rp.1&w=375&fwrn=4&fwrnh=100&lmt=1604563703&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=375x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1604563872753&bpp=5&bdt=873&idt=5&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280%2C330x250&nras=1&correlator=6261066043995&frm=20&pv=1&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=54832030&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=3013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067166%2C21067467&oid=3&pvsid=3366420072318016&pem=670&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&xpc=5QLOQvPCpz&p=https%3A//www.elfagr.com&dtd=56
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlODg5j1fMfQ5NFcamqNvntM0pN9RjQedmVt93UhkVxaRn-0PL-0MWak2M1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 05 Nov 2020 08:11:12 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C7EB 0
0 56ms
55ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyvWv3m4AxIRCJwPa56p3Mjlncv_a0LioEa5BQEfLPsld5qa4R9EVWIGIOoqW-RsA7POmT1KjD-r0Z6O_TU0y5JkZscaZqf5110JaGOVObqo75lt_VvfzDz6UsVcdxN9rjCsjXDdZSPYUNyM9KMnUgi7ownQ4NxA6QLhXbCFOKFbvIHz8IW8kMlc3BgTBoUkJnhi-CGQs6dZi2Uvj3l0gBUN-wbW2KfP9LixA2mRBLKwQ9-scLkRM49ZKBiFyzYxA2&sig=Cg0ArKJSzF4DIE7iDpyyEAE&urlfix=1&adurl=

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Nov 2020 08:11:12 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C7EB 134 KB
45 KB 33ms
32ms Script
text/javascript 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110301.js?21068436

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06592edaa4c0ec3766a7b83730fd5fc1ed62c1bf8b546f44badc6ccbe7b8a784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 46518
x-xss-protection: 0
server: cafe
etag: 9272287904180736456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Nov 2020 08:11:12 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7EB 74 KB
28 KB 26ms
25ms Script
text/javascript 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110301.js?21068436

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d789ae1808dc2bc4fe0b8e52542b3ccb34ecff0d3f5491a82be29532e0317a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604493480950496"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28759
x-xss-protection: 0
expires: Thu, 05 Nov 2020 08:11:12 GMT

GET
DATA 200
OK truncated
/ Frame C7EB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8051deb8dad83f0f6a10066a3cbcb6df79f1cce0b749313a9f4aa723a212655

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/ Frame C7EB 230 KB
86 KB 56ms
56ms Script
text/javascript 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88237
x-xss-protection: 0
server: cafe
etag: 8916267561321754551
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Nov 2020 08:11:13 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame C7EB 12 B
447 B 118ms
66ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.elfagr.com&callback=_gfp_s_&client=ca-pub-9392826248043988&cookie=ID%3D96cb2d56a9ac9ce1-224ca90719b900c3%3AT%3D1604563872%3ART%3D1604563872%3AS%3DALNI_MY7-clT_utv-tp2cFKvNuagNOqNNg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame C7EB 109 B
810 B 64ms
39ms Script
application/javascript 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.elfagr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Nov 2020 08:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame C7EB 109 B
810 B 64ms
39ms Script
application/javascript 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.elfagr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Nov 2020 08:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4E02 0
0 84ms
83ms Document
text/html 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9392826248043988&output=html&h=280&slotname=8616199616&adk=654258349&adf=776186312&pi=t.ma~as.8616199616&w=336&psa=0&format=336x280&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604563872990&bpp=2&bdt=145&idt=105&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D96cb2d56a9ac9ce1-224ca90719b900c3%3AT%3D1604563872%3ART%3D1604563872%3AS%3DALNI_MY7-clT_utv-tp2cFKvNuagNOqNNg&correlator=6261066043995&frm=23&ife=4&pv=2&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=1647401638&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=89&biw=1600&bih=1200&isw=336&ish=280&ifk=222235765&scr_x=0&scr_y=0&eid=42530672%2C182984000%2C182984200%2C21068084%2C21068434%2C44730557&oid=3&pvsid=4419287789562007&pem=670&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.oxp4aiqxjli&fsb=1&dtd=111

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9392826248043988&output=html&h=280&slotname=8616199616&adk=654258349&adf=776186312&pi=t.ma~as.8616199616&w=336&psa=0&format=336x280&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604563872990&bpp=2&bdt=145&idt=105&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D96cb2d56a9ac9ce1-224ca90719b900c3%3AT%3D1604563872%3ART%3D1604563872%3AS%3DALNI_MY7-clT_utv-tp2cFKvNuagNOqNNg&correlator=6261066043995&frm=23&ife=4&pv=2&ga_vid=476495374.1604563872&ga_sid=1604563872&ga_hid=1647401638&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=89&biw=1600&bih=1200&isw=336&ish=280&ifk=222235765&scr_x=0&scr_y=0&eid=42530672%2C182984000%2C182984200%2C21068084%2C21068434%2C44730557&oid=3&pvsid=4419287789562007&pem=670&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.oxp4aiqxjli&fsb=1&dtd=111
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmipXYXCpS-DBw20-JjZv0iVpKF-usbmC68ydsJC85RaxcIB9LxkgHiMkxO
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 05 Nov 2020 08:11:13 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7EB 72 KB
27 KB 29ms
29ms Script
text/javascript 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a44b4e645ecc10fef54f53f4d0983af2b365f39ba3c458280d12307231a09e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604493480950496"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27590
x-xss-protection: 0
expires: Thu, 05 Nov 2020 08:11:13 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C7EB 0
44 B 58ms
58ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss26mO_CC-P7rIv4PuFRO0uXMws5TXBfKxTTr3Csxn6i9MrPbWjbM6JmfKTejQSn0W88oEQpDmWqAPGHooCRL9_fKa8wBdNQOcxX8TwfTEULsorWqhCXaw3ntt-oRYQ1AimWfilnUTck4pKJiCROwxsGvN-IbdJxDFTm7JzOPTouFAnxkhfo99zvKF3bI_Vix6YyXcWLa-OUVRv4eHUR15QXhlhWs_55t5CTdfIgTa1XwWol2G7K_QPeTC9ibNT4mdpfaQ&sig=Cg0ArKJSzJGFTKSCLQtyEAE&urlfix=1&adurl=

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Nov 2020 08:11:13 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C7EB 8 KB
6 KB 65ms
41ms XHR
application/json 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201029&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43ee7ce4d76bfad67999096f305d9ca4ee32f9dd9401694ea6a2d0abc31eac94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Nov 2020 08:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6476
x-xss-protection: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 30ms
9ms Script
application/x-javascript 2600:9000:2182:ca00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:ca00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 15:43:28 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 03:23:55 GMT
server: nginx
age: 59265
etag: W/"5f866f4b-8e0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: CYtG28ycfOqD4_wEiXsTmq7jM5kGp-cBOEmpMVT85-XiAizzwg4emw==
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
expires: Thu, 05 Nov 2020 15:43:28 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-59ef5e079e818335/ 2 KB
776 B 126ms
124ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-59ef5e079e818335/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 59bda6cd3538b6a807d0f40d828e1e39c96935e384d6423085f66ac333aec4b7

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:13 GMT
content-encoding: gzip
etag: 187095746--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=37, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 602

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 134ms
132ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5fa3b3a01c078581&bkl=0&bl=1&pdt=141&sid=5fa3b3a01c078581&pub=ra-59ef5e079e818335&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.elfagr.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%2C%D8%B9%D8%A7%D8%AC%D9%84%2C%D8%B3%D9%8A%D8%A7%D8%B3%D8%A9%2C%D8%AA%D9%82%D8%A7%D8%B1%D9%8A%D8%B1%2C%D8%AD%D9%88%D8%A7%D8%AF%D8%AB%2C%D9%85%D8%AD%D8%A7%D9%81%D8%B8%D8%A7%D8%AA%2C%D8%AA%D8%AD%D9%82%D9%8A%D9%82%D8%A7%D8%AA%2C%D8%B1%D9%8A%D8%A7%D8%B6%D8%A9%2C%D9%83%D8%B1%D8%A9%20%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9%2C%D8%B9%D8%B1%D8%A8%2C%D8%A7%D9%84%D9%85%D8%B2%D9%8A%D8%AF%2C%D8%A7%D9%82%D8%AA%D8%B5%D8%A7%D8%AF%20%D9%88%D8%A8%D9%88%D8%B1%D8%B5%D8%A9%2C%D8%B9%D8%A7%D9%84%D9%85%2C%D9%83%D8%A7%D8%B1%D9%8A%D9%83%D8%A7%D8%AA%D9%8A%D8%B1%2C%D9%81%D9%86%2C%D8%AA%D9%84%D9%8A%D9%81%D8%B2%D9%8A%D9%88%D9%86%2C%D8%AB%D9%82%D8%A7%D9%81%D8%A9%2C%D9%85%D8%B1%D8%A3%D8%A9%20%D9%88%20%D9%85%D9%86%D9%88%D8%B9%D8%A7%D8%AA%2C%D8%B5%D8%AD%D8%A9%2C%D8%A3%D9%84%D8%A8%D9%88%D9%85%D8%A7%D8%AA%2C%D9%85%D9%82%D8%A7%D9%84%D8%A7%D8%AA%2C%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7%2C%D8%B5%D8%AD%D8%A7%D9%81%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D8%A7%D8%B7%D9%86%2C%D9%86%D8%B4%D8%B1%D8%A9%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1&colc=1604563873245&jsl=131105&uvs=5fa3b3a0906cd6fd000&skipb=1&callback=addthis.cbs.jsonp__145519479906605960
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e4634af9cb2e3b9342eae41ae463a6480ac8175996bbac8a3bc7c3a0378a05d1

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 05 Nov 2020 08:11:13 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 5134 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame AAE7 0
0 41ms
41ms Document
text/html 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 05 Nov 2020 08:11:13 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 47ms
40ms XHR
application/json 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201029&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae7884888404a2e1f80493d9ccdad8f4168cfbbecb62640f579f97011436e496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 05 Nov 2020 08:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6510
x-xss-protection: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 336ms
110ms Image
image/gif 52.73.235.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=elfagr.org&p=%2F&u=BW5LwH8I_e5DktKId&d=elfagr.com&g=64566&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8824&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1472&t=C6TD2cDZR-emQ9uyaMXbp6CiV-er&V=121&i=%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D9%81%D8%AC%D8%B1&tz=-60&sn=1&sv=DiQae-McrDYDDro9pCFuWoeCkVwrz&sd=1&im=06030403&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.235.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-235-201.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 05 Nov 2020 08:11:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C7EB 16 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 05 Nov 2020 08:11:13 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 05 Nov 2020 08:11:13 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame EA3B 0
0 33ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 05 Nov 2020 06:49:47 GMT
expires: Fri, 05 Nov 2021 06:49:47 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4886
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 35ms
34ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Thu, 05 Nov 2020 08:11:13 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617
x-akamai-path-stats: [1:66104:20896]

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 95F7 0
0 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 05 Nov 2020 06:49:47 GMT
expires: Fri, 05 Nov 2021 06:49:47 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4886
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
682 B 30ms
29ms Image
image/gif 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201029&jk=3366420072318016&bg=!ubqluprNAAU7ZAKtO1iCzIH9mhb0KAIAAACEUgAAABNoAQcKAMC_WYq-AtHoaZu2Z2vi3zvg6epUdpbxv7eH-f4VpZMgYgYjACzCZXzqLphBTlv7cY_zWyXcsUZGY5eFCHEv7X5kQOfCKZrLH2HO6klyomc62IOeOjuS2VLO-QKaXULNGDeFMKms28RO1z_wdxXoO7rjCIBPDpWBwamiHJErrh7HU1dOhsCYerXBAAzwujARFZscjT5eYR9O14Q4eK7xhNp_y7vh99E0djYlP5R_LupLmpPV68tjyasJwnCeoee13kCZAacRsg69pK95S6dIQnRZD3ZON1CbC7iRgxJSdERhJNb_r3IKjs92WrmS8Nqm9PJ3Q8J8ThHdfeRPgIP6KcMdUhRY3tJuQx9F0hyBx9UbrZGgSLXArwuJFyx7_6Lq6G6pMmfve41H1a-YsuWzv9l4g9tj5EyJroDij-1-NdvOSq_DcOrVncTToX6DZz52bdlJzo8csSls_q876TPxuJK8-jQrq8d0myZZYv_Mg9twDPI7pEFf0WaAX29lfzHn0uRIjGe4Gpn1TaHP1QrjmwURPu54bKV6t-88vjO23egTCSW3LZjQGrVJSkh3cGDRF6zDYUfFwAqRSJtBJw_YMOGKz5icfjNQ3lqkkPYB4eHqafIzjgASC9N5Epmo7LGI6fRROfT1-KRj2uq9uc26vclcjWvzApT3cwqVYa7JFBPgUyy5dfpO7y6KqAbIYEXuQeJuqnE6bIGU4e3k5WaViwRQaFlWN6mxvaWY39QLCLV5iL_grbZO6Br5zlBEX2pUcauX14y-Ac1VaITxipsigcsVmKFbTE8nCnEgAi1imo61uViJi5zfJxMSVkU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Nov 2020 08:11:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C7EB 0
22 B 30ms
30ms Image
image/gif 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201029&jk=4419287789562007&bg=!b2ylbEzNAAU7ZAKtO1hwiNt0XC4sSAIAAACSUgAAABdoAQcKAXJjtkeUFPZjlW78hB687gKTGkUjP4z9Ydf09lm6QWTw8o0efiIeTARoiUZeBMQ3sEEOJpiYzfpGKj1qn0rgmFgbameCyB1Cbwmp0bOlcq4LlqyaZkTDpVCOKzrdS9J7QJLpQp4pCsjg6wCbG_SGmo2XDuN9YLJKMQUhsEc8tSRz7hyQexMIqdDn9kUqRC9cngZHyLLUGRgsuvug6GnarF1h-eIiZSVs0DcFxh8D4RKi1LVbzqcnIj70s2drQUWkCt5wsvhai_75lJrnyVuOes_BK_PSM01i5wu_N_pV5u9pDcUOr38wiITUhyw-xiVT5T4uRAOKZTufVJNlgjfmNx9NzpEG9vrOldNrv0h1fmST9HaDfam_2KFHYXkUqfatgK_im14P7N_Ku8gIN2fcWiP6UAVIH3D34kPaENQIU8N17qyJDXsNQsWM80X86uUTYN-wnAv-tFsnkBFtGkTCCXnIBg8yM7eQh8ijMzDh-OSpTypMmQGt961pkRq6DN4IUneQzaK_kQGf5PjOstRcQfg6UKSuWFaaqZxmz_QZcnZlYqGOOUZu8mDBT2Xw_FIwaJPsOfT0Z_swASDRDiJVum74WpK9sLL_Ss8L6BAJZGjTHP9fzh2_O6mgDPwnAUWnFRJtE5J0dtThVRS4tf6DgUb4D2WCZ2Tt4vzAV4c1JOhltILV9VoLaU5yNS1TweaC-VzTKkkrjVDPtqqAzgIHuROReVJFUgOC9MNhWV9oqM92ZGPBESYcfztXo4uA69z5LP3KySP2wqg7Y7c8CNOHtjqY9uqeu-jx6_OqywDehsdIiA25wnzEZK_Q3g4TD4Yk8hmo60wdhGUCwoSvn27z5QGzSHq2SQSbCiOQIAdh6aN3TPd_5mWbcF3bOpZR_uu23PAMjsafHa7CbMOfdP0l3RRrIvab8Hx4oXHxjZJhEu1z_6VcDK0epjsLkxDsiT8ep_hOcMT6NpPUgEAld0M4JZGSFK6sSeY39zszfK4gH65K3fijqnweU_Y9lp_NeaLo7jfJs76WHraeOyACFmDUAkJgoAJ5ldmoKst0IuovdTqbkDSR

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Nov 2020 08:11:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C7EB 42 B
93 B 29ms
29ms Image
image/gif 2a00:1450:4009:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYq1PEdlc1HzroiKCqN2oKUBtLNxbpY-iSHf_eint2Dhr7PwenXm6j4KueXohc18iA4OXR4ZwKlxeApzsFn5sH-8w0z_1-UFqdfp1EErQ&sig=Cg0ArKJSzDMJJV5F1OAzEAE&adk=194120428&tt=-1&bs=1600%2C1200&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&p=89,436,369,772&mcvt=1027&rs=3&ht=0&tfs=387&tls=1414&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=266&niot_cbk=304&md=2&btr=0&cpmav=0&lm=2&rst=1604563872849&dlt&rpt=136&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C8824&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-5-10-10-0-0-0&tvt=1410&is=336%2C280&iframe_loc=https%3A%2F%2Fwww.elfagr.com%2F&r=v&id=osdim&vs=4&uc=11&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201104

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:801::2002 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Nov 2020 08:11:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 356.jpg
www.elfagr.com/upload/photo/news/407/1/600x338o/ 49 KB
50 KB 80ms
80ms Image
image/jpeg 2606:4700:3035::681b:a6f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/407/1/600x338o/356.jpg?q=2
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3035::681b:a6f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f73493f24fc63e35023fc41221cffd76d732f1b92373a2a354fd91af75a5ab41

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 08:11:19 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
status: 200
content-length: 50631
cf-request-id: 06390ede250000d7050f9cd000000001
last-modified: Thu, 05 Nov 2020 07:43:58 GMT
server: cloudflare
etag: "6d8846b47b3d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Skh0NASsM6xkhiM%2BquSTMBFd1wIURXTt0XpuIjBoY7yVPYi%2FFEhhpshqcGtQAfHLVMs3ixyVy45ewoGibT5AHQ%2FVLrVZElXQ3mmyRGbVte3OYGRVjlsNXfsF9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5ed51a76a87ed705-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 23:04:19	Name: IDE Value: AHWqTUmipXYXCpS-DBw20-JjZv0iVpKF-usbmC68ydsJC85RaxcIB9LxkgHiMkxO
www.elfagr.com/	1970-01-19 13:42:45	Name: __atuvs Value: 5fa3b3a0906cd6fd000
.elfagr.com/	1970-01-19 13:42:45	Name: __utmb Value: 95024968.1.10.1604563872
www.elfagr.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 3wea0j35pm2rcu5n0tagvzss
.elfagr.com/	1970-01-19 22:29:46	Name: __auc Value: 33ca421b1759775aa300ddfee26
.elfagr.com/	1970-01-19 13:42:45	Name: __asc Value: 33ca421b1759775aa300ddfee26
.elfagr.com/	1970-01-19 23:04:19	Name: __gads Value: ID=96cb2d56a9ac9ce1-224ca90719b900c3:T=1604563872:RT=1604563872:S=ALNI_MY7-clT_utv-tp2cFKvNuagNOqNNg
.elfagr.com/	1970-01-19 13:42:44	Name: __utmt Value: 1
.elfagr.com/	1970-01-20 07:13:55	Name: __utma Value: 95024968.476495374.1604563872.1604563872.1604563872.1
.elfagr.com/	1969-12-31 23:59:59	Name: __utmc Value: 95024968
.elfagr.com/	1970-01-19 18:05:31	Name: __utmz Value: 95024968.1604563872.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
www.elfagr.com/	1970-01-19 23:11:31	Name: __atuvc Value: 1%7C45
.elfagr.com/	1970-01-19 14:25:55	Name: __cfduid Value: d830dacfc8d8b53740a623f2bac34af081604563871

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: Migrate is installed with logging active, version 3.0.1
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.expr[':'] is deprecated; use jQuery.expr.pseudos
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.mouseleave() event shorthand is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.click() event shorthand is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.resize() event shorthand is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.scroll() event shorthand is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.unbind() is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.bind() is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	log	URL: https://www.elfagr.com/(Line 14) Message: ServiceWorker registration failed: TypeError: Failed to register a ServiceWorker for scope ('https://www.elfagr.com/') with script ('https://www.elfagr.com/sw.js?r=1.6'): A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

81c2859b67683c247744554c5b7ef6c5.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.jsdelivr.net
certify-js.alexametrics.com
certify.alexametrics.com
cr.synceg.net
googleads.g.doubleclick.net
m.addthis.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
s7.addthis.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.chartbeat.com
stats.g.doubleclick.net
tpc.googlesyndication.com
v1.addthisedge.com
www.elfagr.com
www.google.com
www.google.de
www.googletagservices.com
www.sfegypt.com
z.moatads.com
s7.addthis.com
104.75.88.112
104.75.89.172
13.226.132.83
13.226.132.94
172.217.21.194
216.58.212.130
2600:9000:2182:ca00:18:1fcd:34e:d2a1
2606:4700:3033::6818:64a1
2606:4700:3035::681b:a6f2
2606:4700:3037::681c:949
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:821::2008
2a00:1450:4001:824::2001
2a00:1450:4009:801::2002
2a00:1450:400c:c07::9a
2a04:4e42:1b::621
52.73.235.201
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06592edaa4c0ec3766a7b83730fd5fc1ed62c1bf8b546f44badc6ccbe7b8a784
0d75578a770278b0a97c3957f067a38946a62449ea03f41b474caa7d5377fa07
10d789ae1808dc2bc4fe0b8e52542b3ccb34ecff0d3f5491a82be29532e0317a
1201a715464507d9c9cb8c351d330ff10a20a87f745b8462f732bb7cc9e569a8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1939595e026c3a36ae7fd5c756f540feda88c69b243534da3bbb77b395424ddf
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
38bc0825ad91b0c113ec5049c733c1cea55b37c18f64ae2e73c38d8bc6221718
43ee7ce4d76bfad67999096f305d9ca4ee32f9dd9401694ea6a2d0abc31eac94
44cf794e5051ab284037943db2d956f4d4197a69a3483e9048359a1d42d2fa92
46b49bed51f8195bf12e5298f2a7381dcb1daa38444f6c1ac5712ae41264be69
48aa3e1bdc17b9c846d34cd81dbb7c355c00ae6cb8766e99c2fb05eaaf2527ff
51707b58bbec62b8ba51360216e55f57968674aafccd46f8642ff25fbb1c9310
59bda6cd3538b6a807d0f40d828e1e39c96935e384d6423085f66ac333aec4b7
5dc8474e0d907004638a6be69c9c9e2e2decac68db9dfe1fca62fb2dbab95855
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
68a4ac472c4700cc76d4cd27c384d1c5d598ac94ec43cd0b45fcc94d4589ee7c
763467b278f869938360731efab2b575627fd2c722c980cf430936240959e302
8621be60f7693c4bbf7e854455331dbc3160ace29a32e9db250f1e9906470123
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8db5d4d6fb09f86186393387d5726626f5f821ab1e7988649c1ad0da948e07c5
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad
a1fd8f0219afdf6523ec555ee655319f7d936736e4ebd816a14a08c6939ed488
a44b4e645ecc10fef54f53f4d0983af2b365f39ba3c458280d12307231a09e81
a5bb99d2afae545fc8d4efffd762a2bc11ceb59044e3f9fe577e0e0ad83fa877
a8051deb8dad83f0f6a10066a3cbcb6df79f1cce0b749313a9f4aa723a212655
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae7884888404a2e1f80493d9ccdad8f4168cfbbecb62640f579f97011436e496
b7cefe5080c8ba8b303de5d83586378561f83372f691e4d56fff1e99f47b77ec
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d167740614649790d47fb5a155964371ea2811185fcba2397893e470bdfbf61d
d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3
d5fb1357292640d3aea3bd10e3940d3c12165435660b887aa37855bd7138e4b6
d761bdeef5f6e75159ce1b2363851e09b3be5851d519a2a34424e5da399561d8
d7afc5fac286ace07ca2fb7a8c98a933bb81a63aecc5ba71cec7e65528b98a90
d9c9ae9b701a02c8956f1dbe7814daa8c02c9a54c8490e44f1be11c27a0f409d
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc7df38e79cb146d5919e0e863adb1ef10defbe65d4b66a7f32b136cb344feb8
e0ad46922b053dc3e5d02cfe04b122cee77d46e633a6d046df619dc03923d4ee
e34afee1ebe946c83ee77a87d06a8751d5529b4f100dcfeb3a2bd0404c8e1923
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4634af9cb2e3b9342eae41ae463a6480ac8175996bbac8a3bc7c3a0378a05d1
e581b81d7222296b46a9a61ec8be1aa68a3c8c43b601ea224cffd3a7d0d522ad
e77d22ecf729034cf5a8aa62a2d21832bfb51e4b24585d36ca911e076b82c081
edee9d3caa9ec34e06c5d23dc15d7813ea0f333a9d56eb9353aa9b1ec259eb32
edfb162dc5c4d166aa3e958648d6ab4a886d1f778f15ecc558503ccb8534e3d6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f73493f24fc63e35023fc41221cffd76d732f1b92373a2a354fd91af75a5ab41
fbc8bfd25b633cefc01365cf3c1f5c24a1c04a522ae1b37407f632ef756158e7

www.elfagr.com Open in urlscan Pro 2606:4700:3035::681b:a6f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

85 Requests

99 %HTTPS

70 %IPv6

17 Domains

25 Subdomains

22 IPs

6 Countries

1278 kBTransfer

3463 kBSize

13 Cookies

4 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.elfagr.com Open in urlscan Pro
2606:4700:3035::681b:a6f2 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

99 %
HTTPS

70 %
IPv6

17
Domains

25
Subdomains

22
IPs

6
Countries

1278 kB
Transfer

3463 kB
Size

13
Cookies

85 HTTP transactions
1 data transactions