www.elfagr.com Open in urlscan Pro
2606:4700:3032::681b:a7f2 Public Scan

URL:
https://www.elfagr.com/
Submission: On November 11 via api (November 11th 2020, 4:12:59 am UTC) from IL

Summary HTTP 86 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 17 domains to perform 86 HTTP transactions. The main IP is 2606:4700:3032::681b:a7f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.elfagr.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2020. Valid for: a year.

This is the only time www.elfagr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2606:4700:303... 2606:4700:3032::681b:a7f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
7	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
5	104.75.88.112 104.75.88.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
1	54.239.192.6 54.239.192.6	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700:303... 2606:4700:3035::681c:849	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:400c:c03::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6818:64a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.93.26 13.224.93.26	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:c000:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	3.222.213.29 3.222.213.29	14618 (AMAZON-AES) (AMAZON-AES)
86	19

29 2606:4700:3032::681b:a7f2 (United States)

ASN13335 (CLOUDFLARENET, US)

www.elfagr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.112 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.192.6 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-239-192-6.waw50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::681c:849 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cr.synceg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6818:64a1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.sfegypt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.93.26 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-26.zrh50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9c1ab846abe9fbc96b22fc997835b109.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:c000:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.213.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-213-29.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	elfagr.com www.elfagr.com	585 KB
16	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	119 KB
14	googlesyndication.com pagead2.googlesyndication.com 9c1ab846abe9fbc96b22fc997835b109.safeframe.googlesyndication.com tpc.googlesyndication.com	288 KB
4	synceg.net 2 redirects cr.synceg.net	878 B
4	addthis.com s7.addthis.com m.addthis.com	191 KB
3	googletagservices.com www.googletagservices.com	84 KB
3	google.de www.google.de adservice.google.de	2 KB
3	google.com 1 redirects www.google.com adservice.google.com	1 KB
2	googleadservices.com partner.googleadservices.com	596 B
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	5 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com	18 KB
2	jsdelivr.net cdn.jsdelivr.net	9 KB
1	chartbeat.net ping.chartbeat.net	169 B
1	addthisedge.com v1.addthisedge.com	776 B
1	chartbeat.com static.chartbeat.com	14 KB
1	moatads.com z.moatads.com	1 KB
1	sfegypt.com www.sfegypt.com	1 KB
86	17

	Domain	Requested by
29	www.elfagr.com	www.elfagr.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com
9	pagead2.googlesyndication.com	www.elfagr.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.elfagr.com securepubads.g.doubleclick.net
4	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
4	cr.synceg.net	2 redirects www.elfagr.com
3	www.googletagservices.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	s7.addthis.com	www.elfagr.com s7.addthis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	ssl.google-analytics.com	1 redirects www.elfagr.com
2	cdn.jsdelivr.net	www.elfagr.com
1	ping.chartbeat.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	static.chartbeat.com	www.elfagr.com
1	9c1ab846abe9fbc96b22fc997835b109.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	certify.alexametrics.com	www.elfagr.com
1	z.moatads.com	s7.addthis.com
1	www.sfegypt.com	www.elfagr.com
1	www.google.de	www.elfagr.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	certify-js.alexametrics.com	www.elfagr.com
86	25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.synceg.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.elfagr.com/
Frame ID: 758182CB1CACD97A7BCF6B58A5912E63
Requests: 56 HTTP requests in this frame

Frame: https://cr.synceg.net/corona/
Frame ID: 7CCD3223423CF351FA2B1A897B444B68
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html
Frame ID: 33345A5D800DBCF32F64AE3C3913019A
Requests: 1 HTTP requests in this frame

Frame: https://cr.synceg.net/corona/
Frame ID: DB3C1A0BE2E07787DBB335BA333A7DFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&adk=1812271804&adf=3025194257&lmt=1605067872&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067962597&bpp=13&bdt=331&idt=236&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8504891800174&frm=20&pv=2&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=2267724558092&dssz=40&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=259
Frame ID: 936FBDE60AE17D2C3FC44AB944FA3C0C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=600&slotname=3222233010&adk=785899982&adf=3614249719&pi=t.ma~as.3222233010&w=300&lmt=1605067872&psa=0&format=300x600&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067962610&bpp=4&bdt=345&idt=319&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=255&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s7vcX0cC5e&p=https%3A//www.elfagr.com&dtd=326
Frame ID: 911F1B9DA51E39131A79F4DFDFDC23D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=2963737891&adf=3424047156&pi=t.aa~a.1446998228~rp.1&w=330&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=3&bdt=808&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=YdNJlUk0cV&p=https%3A//www.elfagr.com&dtd=25
Frame ID: 227AE7980AA9D9F9BF9881F70D37FED0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=2452828011&adf=3670171318&pi=t.aa~a.233920742~rp.2&w=770&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=2&bdt=807&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=UznKyxyPSa&p=https%3A//www.elfagr.com&dtd=31
Frame ID: D2C49C0A3A586D5E2B32348491305262
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=593308305&pi=t.aa~a.2922196588~rp.2&w=330&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=1&bdt=807&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WK0bczOMTT&p=https%3A//www.elfagr.com&dtd=37
Frame ID: 3A16FF189AE65E7BF733EFB6BE774B37
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=3842644974&adf=2804980158&pi=t.aa~a.2607279491~rp.2&w=770&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=1&bdt=807&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=2263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=xYsa9O2Ij6&p=https%3A//www.elfagr.com&dtd=43
Frame ID: E765D1754B54E8ADC40591861ABF3B47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=4080102895&pi=t.aa~a.2922196588~rp.2&w=330&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=1&bdt=807&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=buBBSVJ2pi&p=https%3A//www.elfagr.com&dtd=48
Frame ID: 704E5A53F765A7DD0C5CFAAE71BEF701
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=3019647509&adf=963249068&pi=t.aa~a.3046622649~rp.1&w=375&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=375x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=1&bdt=807&idt=2&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280%2C330x250&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=3013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&xpc=MeU6YsEFmS&p=https%3A//www.elfagr.com&dtd=53
Frame ID: 8DEC11835C565B61E8A201C05DE51E2D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlJP2fr6jD5V5aBOJC5qqI-W8zyjsKEfqoJOhZsQ64mxBYsZudts9TeT5bFIrN75d4M9fBtjSe-oHpfFU7ZziaLhEvevlOcz4Mvq4nwVR8ed-MG2tpmJywLnW-H8S2kwtS5r90mi3mxxQTdrlLdBLzLMJ9gXaOZdTPNQhk_h3NOvNPyLg4b_w_QMCvCrkFHCKpAHWpfQsAe8ugQGPFt2A_PEjW2Vkxz95GYjxtQWzjyt9GvF7dSJ8EVSkAsfSj9VYt&sai=AMfl-YTyQfbhqyTtO7P0UqSn7V4v40Z7-lQnHiV77GoDlzf1wdMCZAgl7SEMiZwXTH9sbOO6JvPdqq-T2-wgPcXJqOkJGMKjIC0ZY2WXz2E9Lijykq9g2vxz4S9Ov69qE86x&sig=Cg0ArKJSzMCTMdDzPrzdEAE&urlfix=1&adurl=
Frame ID: 7E77131472D2BC298EFFE1B548D2C8DC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9392826248043988&output=html&h=280&slotname=8616199616&adk=654258349&adf=776186312&pi=t.ma~as.8616199616&w=336&psa=0&format=336x280&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963288&bpp=2&bdt=129&idt=44&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D691c36159a471b1d-2206f4436aa60073%3AT%3D1605067962%3ART%3D1605067962%3AS%3DALNI_MaOsHoPiOpWMFlc8dy7vPMmffg9kQ&correlator=8504891800174&frm=23&ife=4&pv=2&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1132346322&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=89&biw=1600&bih=1200&isw=336&ish=280&ifk=222235765&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=505133829845393&pem=600&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.rkut1i27egqd&fsb=1&dtd=51
Frame ID: E63072BD7D78590906B1EA0E2AB30D70
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 37A800ADE38ED66FBB88E71223A78CED
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: F6437B13404D59390228022AE4A857E3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 86563A62A723521F9A5C615D89D5FED2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: B69E167BC05E8AF63DA1CCE9DFCE8BE4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

86
Requests

98 %
HTTPS

70 %
IPv6

17
Domains

25
Subdomains

19
IPs

5
Countries

1317 kB
Transfer

3505 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ElfagrNewsOfficiall/

Search URL Search Domain Scan URL

URL: https://twitter.com/ElfagrNews

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC8cY0vwqMMa8rYKczO0v8cQ

Search URL Search Domain Scan URL

URL: http://www.synceg.com/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://cr.synceg.net/corona HTTP 301
https://cr.synceg.net/corona/

Request Chain 28

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2099138595&utmhn=www.elfagr.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D9%81%D8%AC%D8%B1&utmhid=1599860545&utmr=-&utmp=%2F&utmht=1605067962585&utmac=UA-24442537-1&utmcc=__utma%3D95024968.616737716.1605067963.1605067963.1605067963.1%3B%2B__utmz%3D95024968.1605067963.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=810334350&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24442537-1&cid=616737716.1605067963&jid=810334350&_v=5.7.2&z=2099138595 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=616737716.1605067963&jid=810334350&_v=5.7.2&z=2099138595 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=616737716.1605067963&jid=810334350&_v=5.7.2&z=2099138595&slf_rd=1&random=3233053980

Request Chain 34

https://cr.synceg.net/corona HTTP 301
https://cr.synceg.net/corona/

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.elfagr.com/ 105 KB
19 KB 101ms
83ms Document
text/html 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8b231ef6a88878765103cc16538567c9d50d38a1e7b4925960b8c049356b49b3

Request headers

:method: GET
:authority: www.elfagr.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 11 Nov 2020 04:12:42 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d4136e8716393107a5fe1901bd985f6cb1605067962; expires=Fri, 11-Dec-20 04:12:42 GMT; path=/; domain=.elfagr.com; HttpOnly; SameSite=Lax
cache-control: public, max-age=211
expires: Wed, 11 Nov 2020 04:16:12 GMT
last-modified: Wed, 11 Nov 2020 04:11:12 GMT
vary: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06571a8f3f00002bc68d0db000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jWVOEZLxGiI0aEVzdq%2BXX%2FYaIfy0XNJfOR9EOxt%2F7HU5IV696NGZBKvuOznknvwCbZ%2F0xV1cC3SL9W2Y3kavG3c3fOJkuU24waJD9lTEchJ2E6b1kHVzO5ijQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f052d2b98622bc6-FRA
content-encoding: br

GET
H2 200 bootstrap.css
www.elfagr.com/themes/new/css/ 362 KB
49 KB 34ms
27ms Stylesheet
text/css 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/themes/new/css/bootstrap.css
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d761bdeef5f6e75159ce1b2363851e09b3be5851d519a2a34424e5da399561d8

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 600792
x-powered-by: ASP.NET
status: 200
cf-request-id: 06571a8fb000002bc684089000000001
last-modified: Sun, 20 Oct 2019 14:31:38 GMT
server: cloudflare
etag: W/"0c1e6145387d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QoQ14Rv7YsQQ7mXyk9qOQcYhwWYRIQ%2BRw8s0VUUpfjkszrLLW%2BU9zUPYbuTPVCpwf5J4GR76rI0FmNWaCplUFWE0EHCnkmdj7puyT6VjwhVjt4GdjsEB1ovzdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-polished: origSize=374740
cf-ray: 5f052d2c49362bc6-FRA
cf-bgj: minify

GET
H2 200 app-min.js Show response
www.elfagr.com/themes/new/js/ 286 KB
79 KB 26ms
21ms Script
application/javascript 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/themes/new/js/app-min.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dc7df38e79cb146d5919e0e863adb1ef10defbe65d4b66a7f32b136cb344feb8

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 260745
x-powered-by: ASP.NET
status: 200
cf-request-id: 06571a8fb000002bc6521b9000000001
last-modified: Sat, 19 Oct 2019 16:38:06 GMT
server: cloudflare
etag: W/"0eb49959b86d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xtxc6kcdAYlBn6NkAJfIqeaAbWC%2FS%2FzQGJGVZ6hBcraUO%2FOV5%2BLlMm96yP84uEdzrMtiW%2FIB7zQ1icP3CT6oxTLECuV%2F%2BN6SH8p%2FPOZAe7gANCjxyMQ78Ujn2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-ray: 5f052d2c493b2bc6-FRA

GET
H2 200 fb.js Show response
www.elfagr.com/fb/ 14 KB
5 KB 19ms
14ms Script
application/javascript 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/fb/fb.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e77d22ecf729034cf5a8aa62a2d21832bfb51e4b24585d36ca911e076b82c081

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 339148
x-powered-by: ASP.NET
status: 200
cf-request-id: 06571a902e00002bc65f21b000000001
last-modified: Thu, 01 Feb 2018 22:23:26 GMT
server: cloudflare
etag: W/"0433147ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ueix5w6g29WStqfdnQpyEz4TRqIp1%2BiN00uzaM6VKJbocbxVNnrNp7iG3xEq7oXoAciF6tXmiytgdCr1kCtsB%2FfK%2BNGBKEe4%2FLqBma7YEw0khmx9qsaR173UWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=14319
cf-ray: 5f052d2d1a912bc6-FRA
cf-bgj: minify

GET
H2 200 common.js Show response
www.elfagr.com/scripts/ 1 KB
887 B 18ms
13ms Script
application/javascript 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/scripts/common.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 46b49bed51f8195bf12e5298f2a7381dcb1daa38444f6c1ac5712ae41264be69

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 251424
x-powered-by: ASP.NET
status: 200
cf-request-id: 06571a902f00002bc644234000000001
last-modified: Thu, 01 Feb 2018 22:23:29 GMT
server: cloudflare
etag: W/"806fb48ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UYU%2F3wysRbggka5sOsNEZ6jayiA6shD45II3FdiwOcdEUb0ij8A%2FOVqWaoehufUzhnn%2BigvKClLvY5Bkaqxurk9RTXBT52M5XHGKZrL9vhTvBQL90VJ7gyL%2BoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=1609
cf-ray: 5f052d2d1a922bc6-FRA
cf-bgj: minify

GET
H2 200 swfo.js Show response
www.elfagr.com/scripts/ 7 KB
2 KB 21ms
16ms Script
application/javascript 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/scripts/swfo.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1939595e026c3a36ae7fd5c756f540feda88c69b243534da3bbb77b395424ddf

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 516433
x-powered-by: ASP.NET
status: 200
cf-request-id: 06571a902f00002bc69bafe000000001
last-modified: Thu, 01 Feb 2018 22:23:29 GMT
server: cloudflare
etag: W/"806fb48ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qrj%2Bs33psPyhDB10OmNB%2FyFNPsl1fXcndCFaF9Xm2Eoa%2FA9cmqSvWTdpWaqbTkTX1uOTMrb%2Fb9bbVBe7VvoNuzB40I3rVmosiarRElIoB0OlxrxCEhKaPA%2BYuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=7976
cf-ray: 5f052d2d1a932bc6-FRA
cf-bgj: minify

GET
H2 200 fb.css
www.elfagr.com/fb/ 5 KB
1 KB 16ms
11ms Stylesheet
text/css 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/fb/fb.css
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e581b81d7222296b46a9a61ec8be1aa68a3c8c43b601ea224cffd3a7d0d522ad

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 599003
x-powered-by: ASP.NET
status: 200
cf-request-id: 06571a8fb000002bc640a83000000001
last-modified: Thu, 01 Feb 2018 22:23:26 GMT
server: cloudflare
etag: W/"0433147ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o5fQmLYIcCTpZk9Ww70QcnYaBOFbKJjXaMHbWldG6KeJvOAgFz4JhYCfQqzj4E7RE33INt03vDtyXRknZNc%2BO29WC6U0ae4mLh1hil%2B3UrGRjGYTwEgi8Mu9QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-polished: origSize=6419
cf-ray: 5f052d2c49372bc6-FRA
cf-bgj: minify

GET
H2 200 / Show response
www.elfagr.com/ 105 KB
19 KB 86ms
82ms Script
text/html 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8b231ef6a88878765103cc16538567c9d50d38a1e7b4925960b8c049356b49b3

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
cf-request-id: 06571a8faf00002bc62a358000000001
last-modified: Wed, 11 Nov 2020 04:11:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C4jaIlpRKLfnpYt5UTukmoEmPAuyOsVdmh6rfuTfU30lxXzzNRDRNqyXzK2LXYYuc85t61ZQySXNdO7A%2F7bgFptR%2FQIrjwtTH%2F497IqMCo7xv2CyTzhwVti8FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: public, max-age=211
cf-ray: 5f052d2c49322bc6-FRA
expires: Wed, 11 Nov 2020 04:16:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 47ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40b9d323173d17d85236d6b1409d40e434ae8788aeb9f3ae0d694096cdf548fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45395
x-xss-protection: 0
server: cafe
etag: 16107326225270191402
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Nov 2020 04:12:42 GMT

GET
H2 200 jq.lz.js Show response
www.elfagr.com/scripts/ 2 KB
917 B 19ms
14ms Script
application/javascript 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/scripts/jq.lz.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5dc8474e0d907004638a6be69c9c9e2e2decac68db9dfe1fca62fb2dbab95855

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 167290
x-powered-by: ASP.NET
status: 200
cf-request-id: 06571a902f00002bc6362ff000000001
last-modified: Thu, 01 Feb 2018 22:23:29 GMT
server: cloudflare
etag: W/"806fb48ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=so3Tec7nvK04sVgI1M812e13c9XdeXmDYcwn98wYPj5cfMrw4NYjva7ybCqwrtN8PKdS0ohRqG0dCoZhOCSoWInPBZzpOf8%2Bvvt6uNTHIeNvpAXKG3iM6uCXpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=2820
cf-ray: 5f052d2d1a952bc6-FRA
cf-bgj: minify

GET
H2 200 elfagr-logo10.gif
www.elfagr.com/themes/fagr/png/ 10 KB
10 KB 20ms
15ms Image
image/gif 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/themes/fagr/png/elfagr-logo10.gif
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: edee9d3caa9ec34e06c5d23dc15d7813ea0f333a9d56eb9353aa9b1ec259eb32

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 699507
x-powered-by: ASP.NET
status: 200
content-length: 10187
cf-request-id: 06571a902f00002bc63713e000000001
last-modified: Thu, 01 Feb 2018 22:23:33 GMT
server: cloudflare
etag: "80605d4bab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iaPtZubYKfuD7%2Fzvt2t8pDX8GLtXP18udG41HyA4NiiGWkcWFH6D5oTYgkvagS41C9lSv2Sshja4azC4I26I68M8nBpGtxaKOT2hx9XINklB6kyDFQMiQmZBMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5f052d2d1a962bc6-FRA

GET
H2 200 477$7cview
www.elfagr.com/adview/ 0
414 B 73ms
68ms Image
text/plain 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/adview/477$7cview
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BfKUH6OINzNblxOOC1uhpbjlCMBtd%2ByxejVFuJFC1%2FRqLeE3lxtMsvIZtZxSGUrUcwXQF3F4SHDyS0%2FVb2F9%2BgKy3jlda9c0dioMB5rm%2BjF48nRw%2BmU%2Bt5jwBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
status: 200
cf-ray: 5f052d2d1a972bc6-FRA
content-length: 0
cf-request-id: 06571a902f00002bc6543f3000000001

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 53 KB
18 KB 92ms
33ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

5eb1eeea7b5bee3b991cf2e7223220f21d2c2d8f55090d13daf5798bb24ccc13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "690 / 230 of 1000 / last-modified: 1605049683"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18159
x-xss-protection: 0
expires: Wed, 11 Nov 2020 04:12:42 GMT

GET
H2 200 no.jpg
www.elfagr.com/images/ 17 KB
18 KB 18ms
15ms Image
image/jpeg 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/images/no.jpg
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 38bc0825ad91b0c113ec5049c733c1cea55b37c18f64ae2e73c38d8bc6221718

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 599002
x-powered-by: ASP.NET
status: 200
content-length: 17916
cf-request-id: 06571a902f00002bc6721fd000000001
last-modified: Sat, 19 Oct 2019 17:16:59 GMT
server: cloudflare
etag: "8077dd3a186d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ae2zepx6O95VAJQkoONk3PuzPtEqv4CSWlUnwRQ%2BEXZtCW%2BkukaB1cIU3pR4pP8I1aZeYd5LBZXmPdnsimCHfutj3g%2BC6Z6pXmvmiXnE31QKlnIt7jxEAmOR2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5f052d2d1a982bc6-FRA

GET
H2 200 483$7cview
www.elfagr.com/adview/ 0
262 B 76ms
72ms Image
text/plain 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/adview/483$7cview
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YNeojLwTr%2BrLdByTPNPZpvL9pSoYs2RM5pnedzNYiwIv9Ha7GrEfuQe8Hq51GbGe%2FSaL5wKZvL5KWvZzIw9ds56aG4LkenDyUi%2F9tkFdCDxgtbDF5sSdUDx52Q%3D%3D"}],"group":"cf-nel","max_age":604800}
status: 200
cf-ray: 5f052d2d1a992bc6-FRA
content-length: 0
cf-request-id: 06571a903000002bc69f901000000001

GET
H2 200 main.css
www.elfagr.com/coronapoll/ 4 KB
1 KB 12ms
11ms Stylesheet
text/css 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/coronapoll/main.css
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 48aa3e1bdc17b9c846d34cd81dbb7c355c00ae6cb8766e99c2fb05eaaf2527ff

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 592918
x-powered-by: ASP.NET
status: 200
cf-request-id: 06571a8fda00002bc64d260000000001
last-modified: Sun, 29 Mar 2020 14:55:36 GMT
server: cloudflare
etag: W/"0e4851ada5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lkHX76lguZLCcngYFgt3v3amdhFuR%2FTZDQdpWqKVbyepZmd8RIMdS0S%2BmLq3xp6ZWMmyGS4PIXAWxLy%2F%2ByQApRiWR9bpjnK8ZOZAwbWfMn5zlnKpshX9t3sXBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=864000
cf-ray: 5f052d2c99b52bc6-FRA
cf-bgj: minify

GET
H2 200 2.js Show response
www.elfagr.com/coronapoll/ 128 KB
39 KB 16ms
16ms Script
application/javascript 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/coronapoll/2.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e34afee1ebe946c83ee77a87d06a8751d5529b4f100dcfeb3a2bd0404c8e1923

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 162773
x-powered-by: ASP.NET
status: 200
cf-request-id: 06571a8ff800002bc6a1b74000000001
last-modified: Sun, 29 Mar 2020 14:55:34 GMT
server: cloudflare
etag: W/"0b75419da5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GvsPuvzUC1x5mM74J0%2BnB%2FXpPdJuDk36mu%2FFvWai5pgML3LW6wO%2Bk7KnyGuZB2JmghTE6KdQAgMrjzGRr2z6IlEBGmL22jAb6kHLWIU1RlmOVQ1uh46Sgcy0ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=131291
cf-ray: 5f052d2cba212bc6-FRA
cf-bgj: minify

GET
H2 200 main.js Show response
www.elfagr.com/coronapoll/ 79 KB
18 KB 19ms
19ms Script
application/javascript 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/coronapoll/main.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8db5d4d6fb09f86186393387d5726626f5f821ab1e7988649c1ad0da948e07c5

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 327751
x-powered-by: ASP.NET
status: 200
cf-request-id: 06571a901200002bc665b80000000001
last-modified: Sun, 29 Mar 2020 14:55:35 GMT
server: cloudflare
etag: W/"804ded19da5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4aDrACB%2BjvZ%2BNv10VFV4GyfP7a3cqS4TVEO17AQBD0fz3a2irZQqrBoN2PPR%2Fj7km3wuuuDlEfOG8Bkv6M4MOdTsSwVc8w%2F9n2yCtMZry5rJLp2lddUzn4mWmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=80660
cf-ray: 5f052d2cea5f2bc6-FRA
cf-bgj: minify

GET
H2 200 sync.svg
www.elfagr.com/themes/new/images/ 4 KB
2 KB 21ms
17ms Image
image/svg+xml 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/themes/new/images/sync.svg
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b7cefe5080c8ba8b303de5d83586378561f83372f691e4d56fff1e99f47b77ec

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 171874
x-powered-by: ASP.NET
status: 200
cf-request-id: 06571a903100002bc69f902000000001
last-modified: Fri, 18 Oct 2019 00:46:46 GMT
server: cloudflare
etag: W/"05f8b844d85d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q%2FMwPJ3xornqA6WtNJJ%2FpYpg7nrG4FrulYGHI%2B%2F6nMqBEEM3ZFWlJ09SK%2By%2BSrxJgi8GJ8wiNNsU2kk3pR2runC1ogIo8KufMpYsG%2FlgKaBzurs3IjVLA7AKjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=864000
cf-ray: 5f052d2d1a9a2bc6-FRA

GET
H2 200 intersection-observer.js Show response
cdn.jsdelivr.net/npm/intersection-observer@0.5.1/ 22 KB
6 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intersection-observer@0.5.1/intersection-observer.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

51707b58bbec62b8ba51360216e55f57968674aafccd46f8642ff25fbb1c9310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2055365
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 6313
etag: W/"567a-tAMo7gPY/QpmJ/daBEatlr7O9uA"
x-served-by: cache-fra19158-FRA, cache-hhn4020-HHN
date: Wed, 11 Nov 2020 04:12:42 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@12.0.0/dist/ 5 KB
2 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.0.0/dist/lazyload.min.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 9033057
x-cache: HIT, HIT
status: 200
content-length: 2145
etag: W/"15d1-IxZ2QckOwVh8MMcWJc7ap/VwGh4"
x-served-by: cache-fra19172-FRA, cache-hhn4020-HHN
date: Wed, 11 Nov 2020 04:12:42 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fancy_close.png
www.elfagr.com/fb/ 1 KB
2 KB 19ms
16ms Image
image/png 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/fb/fancy_close.png
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c39eed10adea9e22dce8b7ad09ed85c3ba7c4149b3906d7f3479ccda1fdf7833

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 266980
x-powered-by: ASP.NET
status: 200
content-length: 1517
cf-request-id: 06571a903000002bc6808df000000001
last-modified: Thu, 01 Feb 2018 22:23:27 GMT
server: cloudflare
etag: "80d9c947ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7Mkd%2B7ngBAA6BBfwMAK3TRC7GVCxiJIwbGBLJIHjjp3CuxHR2dX%2BocGRrSJbK4pMlMw5ZOQ7yTCYpZEeYrmFQnHlBnZjIwZp1gnRUJz2843tEBHnbmORD3sIyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5f052d2d1a9b2bc6-FRA

GET
H2 200 main.js Show response
www.elfagr.com/scripts/ 4 KB
2 KB 20ms
17ms Script
application/javascript 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/scripts/main.js?r=11
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d7afc5fac286ace07ca2fb7a8c98a933bb81a63aecc5ba71cec7e65528b98a90

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 436289
x-powered-by: ASP.NET
status: 200
cf-request-id: 06571a903000002bc64c3a9000000001
last-modified: Fri, 06 Mar 2020 13:29:41 GMT
server: cloudflare
etag: W/"8010674abbf3d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SQljcKfK%2FBIMd7Z5oWS8XPJ3uwuDjac2dNyySmUmbufU4pz%2FRCyQ1%2Frur8EZXoHyLxQSHR%2B7wUdmxPmtRDTou5KYK%2BqgIfib5wh0EN2O9eipbhanST0c4I8WkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=5655
cf-ray: 5f052d2d1a9c2bc6-FRA
cf-bgj: minify

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 78ms
26ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
date: Wed, 11 Nov 2020 04:12:42 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 29ms
5ms Script
text/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6194
date: Wed, 11 Nov 2020 02:29:28 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 11 Nov 2020 04:29:28 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 156ms
50ms Script
text/javascript 54.239.192.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.239.192.6 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-239-192-6.waw50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 00:34:48 GMT
Via: 1.1 5f0256b858eb482d76fb1e14a1b7a667.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 3728275
ETag: "96c08723796affab377d9bb08d631cd0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: WAW50-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: Ttt0bM9vPKW7X3_TiQh98t_DMzwrC0yOygrCLtLXKxHIXDWXo32ByQ==

GET
H2 200 fontawesome-webfont.woff2
www.elfagr.com/themes/new/fonts/ 75 KB
76 KB 19ms
18ms Font
application/font-woff2 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/themes/new/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/css/bootstrap.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://www.elfagr.com
Referer: https://www.elfagr.com/themes/new/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 504069
x-powered-by: ASP.NET
status: 200
content-length: 77160
cf-request-id: 06571a903000002bc68c394000000001
last-modified: Thu, 17 Oct 2019 21:19:31 GMT
server: cloudflare
etag: "80f3b4903085d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HZvrxn%2F8yl1ViIrDfg33MR6Enpx4thH3ewb2B3aK4PCkg5mq%2Bde%2BlqvlVKjoXBSIX226cpZrur2TnNVOmcyJVflFDzlD1do8Z7WNbOW2HDnj8B%2FJ%2FYKBkWZM5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5f052d2d1a9d2bc6-FRA

GET
H2

200

/
cr.synceg.net/corona/ Frame 7CCD
Redirect Chain

https://cr.synceg.net/corona
https://cr.synceg.net/corona/

0
0

107ms
107ms

Document
text/html

2606:4700:3035::681c:849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.synceg.net/corona/
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:849 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: cr.synceg.net
:scheme: https
:path: /corona/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
date: Wed, 11 Nov 2020 04:12:42 GMT
content-type: text/html
set-cookie: __cfduid=ddf6aed7a1a6f0b4274aa12233154788d1605067962; expires=Fri, 11-Dec-20 04:12:42 GMT; path=/; domain=.synceg.net; HttpOnly; SameSite=Lax; Secure
last-modified: Tue, 10 Nov 2020 11:56:07 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06571a90d50000dfe3fa8e5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nfb%2F2Ix1CN0rsZM5IR1SIAZPU1YRGmAUt0PgmnqYGTiiWFj8egsm3DikdfMS7QMLUrFc7o8dQknoEuNW9Ir2OpVqtK7ApZSZETbUmE%2FkEceeGOM3vaNAq%2FN%2F"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f052d2e2c35dfe3-FRA
content-encoding: br

Redirect headers

status: 301
date: Wed, 11 Nov 2020 04:12:42 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=ddf6aed7a1a6f0b4274aa12233154788d1605067962; expires=Fri, 11-Dec-20 04:12:42 GMT; path=/; domain=.synceg.net; HttpOnly; SameSite=Lax; Secure
location: https://cr.synceg.net/corona/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06571a90690000dfe30485d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tPdyB43DatOQyLCoDUPUt1wk4wohhUeWm6Lnd%2F%2BVp7WmgTDU1X2o22%2BfTK8hNeyvhy%2Ba0ol8JYKe75ZAsTNxbaTkmJXnotjhRYdT1WpFxByNvdwqSyzEtlFP"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f052d2d7b6adfe3-FRA

GET
H2 200 blank.png
www.elfagr.com/themes/new/images/ 9 KB
10 KB 10ms
10ms Image
image/png 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/themes/new/images/blank.png
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/css/bootstrap.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e0ad46922b053dc3e5d02cfe04b122cee77d46e633a6d046df619dc03923d4ee

Request headers

Referer: https://www.elfagr.com/themes/new/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 264944
x-powered-by: ASP.NET
status: 200
content-length: 9664
cf-request-id: 06571a908100002bc699a7b000000001
last-modified: Fri, 18 Oct 2019 11:49:51 GMT
server: cloudflare
etag: "80994026aa85d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sT6PyjiFkNHIy0xObCoFboCYIyfh2Fl253s2gjXyqajljiMmCIBpmvRCD0u7W%2BBX47mnuRi9PoXBDNVQLWjDqwNOhzpFsaXjA6pC1yPJXDnCoMK870cnJAQE3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5f052d2d9b552bc6-FRA

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2099138595&utmhn=www.elfagr.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D8%A...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24442537-1&cid=616737716.1605067963&jid=810334350&_v=5.7.2&z=2099138595
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=616737716.1605067963&jid=810334350&_v=5.7.2&z=2099138595
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=616737716.1605067963&jid=810334350&_v=5.7.2&z=2099138595&slf_rd=1&random=3233053980

42 B
106 B

17ms
17ms

Image
image/gif

2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=616737716.1605067963&jid=810334350&_v=5.7.2&z=2099138595&slf_rd=1&random=3233053980

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 04:12:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Nov 2020 04:12:42 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=616737716.1605067963&jid=810334350&_v=5.7.2&z=2099138595&slf_rd=1&random=3233053980
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/ 230 KB
87 KB 75ms
60ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88225
x-xss-protection: 0
server: cafe
etag: 10001109163846534958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Nov 2020 04:12:42 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/ Frame 3334 0
0 24ms
6ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201104/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 10 Nov 2020 18:17:45 GMT
expires: Tue, 24 Nov 2020 18:17:45 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 35697
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 pubads_impl_2020110501.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 79ms
47ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

572b80b324a4dd4a4178975a04f619f4381e4ebdebd6da2abce7f77f91283630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99552
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 09:43:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Nov 2020 04:12:42 GMT

GET
H2 200 ext.aspx Show response
www.sfegypt.com/ 1 KB
1 KB 81ms
57ms Script
text/html 2606:4700:3033::6818:64a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sfegypt.com/ext.aspx?z=11107431
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/scripts/main.js?r=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6818:64a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fbc8bfd25b633cefc01365cf3c1f5c24a1c04a522ae1b37407f632ef756158e7

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZA9Bu8kXOS0LI2KoZ6akIPfQr0%2FA2yVqRFqIyV6vovGrXlBW1Cu2onUnue7XTEns7uC3Hx5qfosOlVEK94yGHt3KrLicNgUNHmR1tkTFuSnQuBizPq3yyJeqxM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 5f052d2eaf242bad-FRA
cf-request-id: 06571a912800002bada62bb000000001

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 91ms
31ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=28523
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2

200

/
cr.synceg.net/corona/ Frame DB3C
Redirect Chain

https://cr.synceg.net/corona
https://cr.synceg.net/corona/

0
0

110ms
109ms

Document
text/html

2606:4700:3035::681c:849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.synceg.net/corona/
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/js/app-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:849 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: cr.synceg.net
:scheme: https
:path: /corona/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
date: Wed, 11 Nov 2020 04:12:42 GMT
content-type: text/html
set-cookie: __cfduid=ddf6aed7a1a6f0b4274aa12233154788d1605067962; expires=Fri, 11-Dec-20 04:12:42 GMT; path=/; domain=.synceg.net; HttpOnly; SameSite=Lax; Secure
last-modified: Tue, 10 Nov 2020 11:56:07 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06571a91be0000dfe3d12bc000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i80th6%2Fvl9fU9r9Oo6UDPOIJVa%2BwMV6UBdjyY0LRrizuQ1dvXw3xwjgNHMlwejtlVr1XFN6o9S7KfKzQaWekzjerg05uaeFnbxfzZPdwX5WMX3XXlm%2BJzwg5"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f052d2f9db9dfe3-FRA
content-encoding: br

Redirect headers

status: 301
date: Wed, 11 Nov 2020 04:12:42 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=ddf6aed7a1a6f0b4274aa12233154788d1605067962; expires=Fri, 11-Dec-20 04:12:42 GMT; path=/; domain=.synceg.net; HttpOnly; SameSite=Lax; Secure
location: https://cr.synceg.net/corona/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 06571a915b0000dfe3d909b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A4ro%2B5qbIF%2BcP9vhU1c3jJNUZJmhX%2BB1vu3l5WW19BxYJ5r7W4va%2FIW%2FOOew8yDkaXTr6FqpBnkRZ3e9%2Fos%2FHzcVQUxBgTWPMFXmRu7193L7fKcR0ha9BKbN"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f052d2efd0adfe3-FRA

GET
H2 200 329.jpg
www.elfagr.com/upload/photo/news/407/5/600x338o/ 41 KB
42 KB 13ms
13ms Image
image/jpeg 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/407/5/600x338o/329.jpg
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 399db61af008d45593cf48352789ea403cb6c270b66f8b7e073d64095a2d5f6f

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 544
x-powered-by: ASP.NET
status: 200
content-length: 42299
cf-request-id: 06571a91a000002bc68987e000000001
last-modified: Wed, 11 Nov 2020 04:01:03 GMT
server: cloudflare
etag: "472ad545dfb7d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9JDbv%2Fyv3ku8L7KBNO7wWncUFjAsT8%2BpZpRZ7VFi6iX2mJ8kVo9jpK%2F525eiv1Q9QFUA7pbW8E0AvHaSGlgKB290st5QyIx5h%2BTbhYIgM%2Bhfxfmnjr9Kly2TuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5f052d2f6e952bc6-FRA

GET
H2 200 poll.aspx Show response
www.elfagr.com/service/ 1 B
413 B 71ms
71ms XHR
text/html 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/service/poll.aspx?pid=849&hid=0&_=1605067962338
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/js/app-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://www.elfagr.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vFi8sEj1xbPzaQF4LMuLqmzfzf%2BhY1mkh2jeFEmcu5slUsojH2YxvlCYkN485V8qILIJiXMgTZ%2FEpdSSlAgRWrz6zsYNGrXx4iiGRheDi%2BDPVJSjStBdkCRiVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 5f052d2f7eb32bc6-FRA
cf-request-id: 06571a91b000002bc68c3b0000000001

GET
H2 200 poll.aspx Show response
www.elfagr.com/service/ 1 B
346 B 71ms
71ms XHR
text/html 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/service/poll.aspx?pid=849&hid=0&_=1605067962339
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/js/app-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://www.elfagr.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ah54YPEp3Bmb7K7e83f0vvuaBLpx7gm26r9pccce04H54TCC%2BOqDwQFA1tSQlF35qjBPB2L%2F0rW2%2FNhSzS1XGC6LRT2TQ1baEkdX87SGO%2BKnVXDDCugg459AuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 5f052d2f8eb42bc6-FRA
cf-request-id: 06571a91b000002bc64d281000000001

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 56ms
17ms Image
image/gif 13.224.93.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D9%81%D8%AC%D8%B1&time=1605067962802&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.elfagr.com%2F&random_number=11611813419&sess_cookie=e05ea63a175b58179b18d878892&sess_cookie_flag=1&user_cookie=e05ea63a175b58179b18d878892&user_cookie_flag=1&dynamic=true&domain=elfagr.com&account=lKe+p1Fx9f207i&jsv=20130128&user_lang=en-US
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-26.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 04:14:33 GMT
Via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 86290
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: ZRH50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: aZ9viiFaavf7-QlVCqAIDWxXH_aN6VgiScI-8y_S_9yV6f9N1F4EAQ==

GET
H2 200 415.jpg
www.elfagr.com/upload/photo/news/407/5/400x225o/ 30 KB
30 KB 13ms
12ms Image
image/jpeg 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/407/5/400x225o/415.jpg?q=3
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6908359b2448663f3d13648ac2590b58f1c09dadc0679d0b78715c8360084286

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 12011
x-powered-by: ASP.NET
status: 200
content-length: 30248
cf-request-id: 06571a91b800002bc6840ad000000001
last-modified: Tue, 10 Nov 2020 22:23:53 GMT
server: cloudflare
etag: "b68aec2bb0b7d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5yqmmR%2FTuTfZ8TOnt0Subvnb5jaJuvgfZmG%2FlSO%2Fk2v4pm5kFG%2BnM%2Ba2DNTQLmteQxCSlMiTpMmdB6Cw6ZVNmaZDGC%2FMGLyS8FXWGl6ifUXcxLIoDGgHRbaqnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5f052d2f8eb92bc6-FRA

GET
H2 200 324.jpg
www.elfagr.com/upload/photo/news/407/5/400x225o/ 44 KB
44 KB 16ms
16ms Image
image/jpeg 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/407/5/400x225o/324.jpg?q=1
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d5e5d4f8446d781af69069c877a7ee9baec87b0237fcf572f6609bfa9969aca3

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 10766
x-powered-by: ASP.NET
status: 200
content-length: 44948
cf-request-id: 06571a91b600002bc6341be000000001
last-modified: Tue, 10 Nov 2020 21:47:22 GMT
server: cloudflare
etag: "c4c64612abb7d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8Gyg%2B1EO8mFnKi3LMz0QSPBSmiIk3T01qnJPUsfo70zzIH6qpZ8jvqxtRfyTEIGNLEe2%2BTN%2F%2BWisZbzU6et00VaSQEHBaZHdvY1xyOb8%2Fonmq96wcH0MeCNTvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5f052d2f8eba2bc6-FRA

GET
H2 200 302.jpg
www.elfagr.com/upload/photo/news/407/5/400x225o/ 45 KB
45 KB 29ms
28ms Image
image/jpeg 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/407/5/400x225o/302.jpg?q=1
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 92f8fab2e2f6b1af9da9b0df9038b8586f753bcac0c16efd46d7db80a21f31e8

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 27930
x-powered-by: ASP.NET
status: 200
content-length: 45970
cf-request-id: 06571a91b600002bc66208f000000001
last-modified: Tue, 10 Nov 2020 19:13:17 GMT
server: cloudflare
etag: "eef5ac8b95b7d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Zmx63JF91jFutrB6zAPRZaka4cxLRRAAWK9h0hOZDwHTKXRHk%2FjDwiJLm0waWWifKbbDYAd9HX00svYprOgDQNxSTJko9eJim%2FcGH%2F7RtIq36P6FqxRi2S8rjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5f052d2f8ebc2bc6-FRA

GET
H2 200 73.jpg
www.elfagr.com/upload/photo/writers/0/0/70x70o/ 2 KB
3 KB 12ms
11ms Image
image/jpeg 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/writers/0/0/70x70o/73.jpg
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6c8b496dcdb6fa1620734dba3efcde3cabcc0d717ccf21268d856b2fef52ebcf

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 688112
x-powered-by: ASP.NET
status: 200
content-length: 2541
cf-request-id: 06571a91b600002bc63c11d000000001
last-modified: Sat, 06 Jun 2020 07:00:02 GMT
server: cloudflare
etag: "12f1ee19d03bd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M6awhtO%2BoIe1w3k5IpOsOotAiBcxTLQZxa9u2wxxksMACWCtoETcBrOc88yDiGEB%2FAVARZZBNCONDSo2ej31Qcj7pTTu7F%2Fr75Ha1czm5nEaXPL3CbrgoyBmGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5f052d2f8ebd2bc6-FRA

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
405 B 34ms
33ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.elfagr.com&callback=_gfp_s_&client=ca-pub-1731129488393495

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

7da3b22d3d9622c8e5b25868278892b4d523c36dbac726d0f0373cd90797a7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
771 B 33ms
14ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.elfagr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
246 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.elfagr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 936F 0
0 59ms
58ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&adk=1812271804&adf=3025194257&lmt=1605067872&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067962597&bpp=13&bdt=331&idt=236&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8504891800174&frm=20&pv=2&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=2267724558092&dssz=40&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=259

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&adk=1812271804&adf=3025194257&lmt=1605067872&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067962597&bpp=13&bdt=331&idt=236&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8504891800174&frm=20&pv=2&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=2267724558092&dssz=40&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=259
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Nov 2020 04:12:42 GMT
server: cafe
content-length: 1217
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 11-Nov-2020 04:27:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Nov 2020 04:12:42 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d278533e8015b48285df852d82d9d8497168e963f5fdf50c0b018b01b1e2e2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604940355256220"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28176
x-xss-protection: 0
expires: Wed, 11 Nov 2020 04:12:42 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 145ms
145ms XHR
text/plain 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3374639394088567&correlator=935613492729854&output=ldjh&impl=fif&eid=21067448%2C21068418&vrg=2020110501&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201111&iu_parts=15918106%2Celfagr%2Cheader&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C336x280%7C300x250&eri=4&cookie_enabled=1&cdm=www.elfagr.com&bc=31&abxe=1&dt=1605067962881&dlt=1605067962266&idt=598&frm=20&biw=1600&bih=1200&oid=3&adxs=240&adys=89&adks=194120428&ucis=1&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.elfagr.com&loc=https%3A%2F%2Fwww.elfagr.com%2F&dssz=41&icsg=565217677979404&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x112&msz=728x90&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=true&fws=4&ohw=728&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

c10a14e4ee557f08edbdcd8de177be6221d06730ef95be79eb073cc7e91180ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2566
x-xss-protection: 0
google-lineitem-id: 5164664816
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138286671658
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.elfagr.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9c1ab846abe9fbc96b22fc997835b109.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 61ms
16ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9c1ab846abe9fbc96b22fc997835b109.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 911F 0
0 77ms
76ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=600&slotname=3222233010&adk=785899982&adf=3614249719&pi=t.ma~as.3222233010&w=300&lmt=1605067872&psa=0&format=300x600&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067962610&bpp=4&bdt=345&idt=319&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=255&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s7vcX0cC5e&p=https%3A//www.elfagr.com&dtd=326

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=600&slotname=3222233010&adk=785899982&adf=3614249719&pi=t.ma~as.3222233010&w=300&lmt=1605067872&psa=0&format=300x600&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067962610&bpp=4&bdt=345&idt=319&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=255&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=s7vcX0cC5e&p=https%3A//www.elfagr.com&dtd=326
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Nov 2020 04:12:43 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: IDE=AHWqTUkcGYzHjy-Na70mVFi2YTG3DQ2NE3dtOMZ2XaHzisBGRFugXC_csy_xKGqu; expires=Mon, 06-Dec-2021 04:12:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Nov 2020 04:12:43 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 227A 0
0 75ms
74ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=2963737891&adf=3424047156&pi=t.aa~a.1446998228~rp.1&w=330&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=3&bdt=808&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=YdNJlUk0cV&p=https%3A//www.elfagr.com&dtd=25

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=2963737891&adf=3424047156&pi=t.aa~a.1446998228~rp.1&w=330&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=3&bdt=808&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=YdNJlUk0cV&p=https%3A//www.elfagr.com&dtd=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcGYzHjy-Na70mVFi2YTG3DQ2NE3dtOMZ2XaHzisBGRFugXC_csy_xKGqu; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Nov 2020 04:12:43 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Nov 2020 04:12:43 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame D2C4 0
0 75ms
74ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=2452828011&adf=3670171318&pi=t.aa~a.233920742~rp.2&w=770&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=2&bdt=807&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=UznKyxyPSa&p=https%3A//www.elfagr.com&dtd=31

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=2452828011&adf=3670171318&pi=t.aa~a.233920742~rp.2&w=770&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=2&bdt=807&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=UznKyxyPSa&p=https%3A//www.elfagr.com&dtd=31
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcGYzHjy-Na70mVFi2YTG3DQ2NE3dtOMZ2XaHzisBGRFugXC_csy_xKGqu; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Nov 2020 04:12:43 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Nov 2020 04:12:43 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3A16 0
0 75ms
74ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=593308305&pi=t.aa~a.2922196588~rp.2&w=330&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=1&bdt=807&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WK0bczOMTT&p=https%3A//www.elfagr.com&dtd=37

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=593308305&pi=t.aa~a.2922196588~rp.2&w=330&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=1&bdt=807&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=WK0bczOMTT&p=https%3A//www.elfagr.com&dtd=37
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcGYzHjy-Na70mVFi2YTG3DQ2NE3dtOMZ2XaHzisBGRFugXC_csy_xKGqu; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Nov 2020 04:12:43 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Nov 2020 04:12:43 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame E765 0
0 94ms
93ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=3842644974&adf=2804980158&pi=t.aa~a.2607279491~rp.2&w=770&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=1&bdt=807&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=2263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=xYsa9O2Ij6&p=https%3A//www.elfagr.com&dtd=43

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=3842644974&adf=2804980158&pi=t.aa~a.2607279491~rp.2&w=770&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=1&bdt=807&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=2263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=xYsa9O2Ij6&p=https%3A//www.elfagr.com&dtd=43
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcGYzHjy-Na70mVFi2YTG3DQ2NE3dtOMZ2XaHzisBGRFugXC_csy_xKGqu; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Nov 2020 04:12:43 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Nov 2020 04:12:43 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 704E 0
0 61ms
61ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=4080102895&pi=t.aa~a.2922196588~rp.2&w=330&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=1&bdt=807&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=buBBSVJ2pi&p=https%3A//www.elfagr.com&dtd=48

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=4080102895&pi=t.aa~a.2922196588~rp.2&w=330&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=1&bdt=807&idt=-M&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=buBBSVJ2pi&p=https%3A//www.elfagr.com&dtd=48
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcGYzHjy-Na70mVFi2YTG3DQ2NE3dtOMZ2XaHzisBGRFugXC_csy_xKGqu; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Nov 2020 04:12:43 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Nov 2020 04:12:43 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8DEC 0
0 89ms
88ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=3019647509&adf=963249068&pi=t.aa~a.3046622649~rp.1&w=375&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=375x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=1&bdt=807&idt=2&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280%2C330x250&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=3013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&xpc=MeU6YsEFmS&p=https%3A//www.elfagr.com&dtd=53

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1731129488393495&output=html&h=280&adk=3019647509&adf=963249068&pi=t.aa~a.3046622649~rp.1&w=375&fwrn=4&fwrnh=100&lmt=1605067872&rafmt=1&to=qs&pwprc=8329024644&psa=0&format=375x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963073&bpp=1&bdt=807&idt=2&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280%2C330x250&nras=1&correlator=8504891800174&frm=20&pv=1&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1599860545&ga_fc=1&iag=0&icsg=565217677979404&dssz=41&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=3013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21068084&oid=3&pvsid=3374639394088567&pem=600&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&xpc=MeU6YsEFmS&p=https%3A//www.elfagr.com&dtd=53
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcGYzHjy-Na70mVFi2YTG3DQ2NE3dtOMZ2XaHzisBGRFugXC_csy_xKGqu; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Nov 2020 04:12:43 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 11 Nov 2020 04:12:43 GMT
cache-control: private

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7E77 0
0 35ms
35ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlJP2fr6jD5V5aBOJC5qqI-W8zyjsKEfqoJOhZsQ64mxBYsZudts9TeT5bFIrN75d4M9fBtjSe-oHpfFU7ZziaLhEvevlOcz4Mvq4nwVR8ed-MG2tpmJywLnW-H8S2kwtS5r90mi3mxxQTdrlLdBLzLMJ9gXaOZdTPNQhk_h3NOvNPyLg4b_w_QMCvCrkFHCKpAHWpfQsAe8ugQGPFt2A_PEjW2Vkxz95GYjxtQWzjyt9GvF7dSJ8EVSkAsfSj9VYt&sai=AMfl-YTyQfbhqyTtO7P0UqSn7V4v40Z7-lQnHiV77GoDlzf1wdMCZAgl7SEMiZwXTH9sbOO6JvPdqq-T2-wgPcXJqOkJGMKjIC0ZY2WXz2E9Lijykq9g2vxz4S9Ov69qE86x&sig=Cg0ArKJSzMCTMdDzPrzdEAE&urlfix=1&adurl=

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Nov 2020 04:12:43 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 11 Nov 2020 04:12:43 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7E77 130 KB
44 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40b9d323173d17d85236d6b1409d40e434ae8788aeb9f3ae0d694096cdf548fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45395
x-xss-protection: 0
server: cafe
etag: 16107326225270191402
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Nov 2020 04:12:43 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E77 75 KB
29 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a8c86a3426141c5a1913053e7df222349ee12301e04f5528367270b6ea1283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604940355256220"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29149
x-xss-protection: 0
expires: Wed, 11 Nov 2020 04:12:43 GMT

GET
DATA 200
OK truncated
/ Frame 7E77 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5594e6be5b7f815daef13b936449d78aad31ba048524f4ee088158c10b63e32f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/ Frame 7E77 230 KB
86 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88225
x-xss-protection: 0
server: cafe
etag: 10001109163846534958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Nov 2020 04:12:43 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7E77 12 B
191 B 33ms
32ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.elfagr.com&callback=_gfp_s_&client=ca-pub-9392826248043988&cookie=ID%3D691c36159a471b1d-2206f4436aa60073%3AT%3D1605067962%3ART%3D1605067962%3AS%3DALNI_MaOsHoPiOpWMFlc8dy7vPMmffg9kQ

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7E77 109 B
749 B 42ms
28ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.elfagr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Nov 2020 04:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7E77 109 B
749 B 44ms
29ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.elfagr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Nov 2020 04:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame E630 0
0 99ms
98ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9392826248043988&output=html&h=280&slotname=8616199616&adk=654258349&adf=776186312&pi=t.ma~as.8616199616&w=336&psa=0&format=336x280&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963288&bpp=2&bdt=129&idt=44&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D691c36159a471b1d-2206f4436aa60073%3AT%3D1605067962%3ART%3D1605067962%3AS%3DALNI_MaOsHoPiOpWMFlc8dy7vPMmffg9kQ&correlator=8504891800174&frm=23&ife=4&pv=2&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1132346322&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=89&biw=1600&bih=1200&isw=336&ish=280&ifk=222235765&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=505133829845393&pem=600&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.rkut1i27egqd&fsb=1&dtd=51

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-9392826248043988&output=html&h=280&slotname=8616199616&adk=654258349&adf=776186312&pi=t.ma~as.8616199616&w=336&psa=0&format=336x280&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605067963288&bpp=2&bdt=129&idt=44&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D691c36159a471b1d-2206f4436aa60073%3AT%3D1605067962%3ART%3D1605067962%3AS%3DALNI_MaOsHoPiOpWMFlc8dy7vPMmffg9kQ&correlator=8504891800174&frm=23&ife=4&pv=2&ga_vid=616737716.1605067963&ga_sid=1605067963&ga_hid=1132346322&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=89&biw=1600&bih=1200&isw=336&ish=280&ifk=222235765&scr_x=0&scr_y=0&eid=21068496&oid=3&pvsid=505133829845393&pem=600&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.rkut1i27egqd&fsb=1&dtd=51
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkcGYzHjy-Na70mVFi2YTG3DQ2NE3dtOMZ2XaHzisBGRFugXC_csy_xKGqu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Nov 2020 04:12:43 GMT
server: cafe
content-length: 204
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E77 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d278533e8015b48285df852d82d9d8497168e963f5fdf50c0b018b01b1e2e2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604940355256220"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28176
x-xss-protection: 0
expires: Wed, 11 Nov 2020 04:12:43 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7E77 0
21 B 35ms
34ms Image
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_XSTDmEB_B9kfDnz3xLupq3j1N5ApG6xLz7pvWb8PlzzaJtJ3e_ElpI-WXW51oRx3afadEjxExMYuyv9tBMjuxIbLRtffXkbmY-YmgeoU2BWbflVZQCv1AqT7Fmq8kpzK9J0N3uH8z6Z7hBq07CNZaHzKWI9rr-yYwArR6jRwPVJNXZM1ve3-z4UxC-fQn7SiM3_Ghzr0OydSQxx4lJyThSN3aRRg5YMoacaai9jYHyPwv4o7Q0Z1k7p4kG_nqGHg2-w&sai=AMfl-YR5az0yCnzKbYbjN878RdL1b6FoZ4UgDNEVPuwgcXoA8fJ90o08uhzNzeahLbu-KBvEvhyNXB4HCVyN714eS8vheaYrUl2cxMAECpJNw3MZKouebFtl9FR5SAE1x9YR&sig=Cg0ArKJSzCm5AEOwuYfAEAE&urlfix=1&adurl=

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Nov 2020 04:12:43 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7E77 8 KB
7 KB 43ms
30ms XHR
application/json 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201104&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d981ca22ddda7a628b91038ebd0641d94f17e417bf235f48ddae46a6258428bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Nov 2020 04:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6422
x-xss-protection: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 39ms
13ms Script
application/x-javascript 2600:9000:2190:c000:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:c000:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:44:07 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 03:23:55 GMT
server: nginx
age: 44916
etag: W/"5f866f4b-8e0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: bxiTQbwKgQxtdwIYQc-kJoqrsN2HtOK2_dmQggMwWWM4RsHPimJbSQ==
via: 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
expires: Wed, 11 Nov 2020 15:44:07 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-59ef5e079e818335/ 2 KB
776 B 43ms
41ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-59ef5e079e818335/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 59bda6cd3538b6a807d0f40d828e1e39c96935e384d6423085f66ac333aec4b7

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:43 GMT
content-encoding: gzip
etag: 187095746--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=27, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 602

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 327ms
326ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5fab64ba1e27e216&bkl=0&bl=1&pdt=147&sid=5fab64ba1e27e216&pub=ra-59ef5e079e818335&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.elfagr.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%2C%D8%B9%D8%A7%D8%AC%D9%84%2C%D8%B3%D9%8A%D8%A7%D8%B3%D8%A9%2C%D8%AA%D9%82%D8%A7%D8%B1%D9%8A%D8%B1%2C%D8%AD%D9%88%D8%A7%D8%AF%D8%AB%2C%D9%85%D8%AD%D8%A7%D9%81%D8%B8%D8%A7%D8%AA%2C%D8%AA%D8%AD%D9%82%D9%8A%D9%82%D8%A7%D8%AA%2C%D8%B1%D9%8A%D8%A7%D8%B6%D8%A9%2C%D9%83%D8%B1%D8%A9%20%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9%2C%D8%B9%D8%B1%D8%A8%2C%D8%A7%D9%84%D9%85%D8%B2%D9%8A%D8%AF%2C%D8%A7%D9%82%D8%AA%D8%B5%D8%A7%D8%AF%20%D9%88%D8%A8%D9%88%D8%B1%D8%B5%D8%A9%2C%D8%B9%D8%A7%D9%84%D9%85%2C%D9%83%D8%A7%D8%B1%D9%8A%D9%83%D8%A7%D8%AA%D9%8A%D8%B1%2C%D9%81%D9%86%2C%D8%AA%D9%84%D9%8A%D9%81%D8%B2%D9%8A%D9%88%D9%86%2C%D8%AB%D9%82%D8%A7%D9%81%D8%A9%2C%D9%85%D8%B1%D8%A3%D8%A9%20%D9%88%20%D9%85%D9%86%D9%88%D8%B9%D8%A7%D8%AA%2C%D8%B5%D8%AD%D8%A9%2C%D8%A3%D9%84%D8%A8%D9%88%D9%85%D8%A7%D8%AA%2C%D9%85%D9%82%D8%A7%D9%84%D8%A7%D8%AA%2C%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7%2C%D8%B5%D8%AD%D8%A7%D9%81%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D8%A7%D8%B7%D9%86%2C%D9%86%D8%B4%D8%B1%D8%A9%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1&colc=1605067963463&jsl=131105&uvs=5fab64ba352001ca000&skipb=1&callback=addthis.cbs.jsonp__173252153290960330
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 98a141acc634532371e3dde82e53f827fb46eb1957c8f998f71888dbe364267a

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 11 Nov 2020 04:12:43 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 37A8 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame F643 0
0 28ms
28ms Document
text/html 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
etag: W/"5ed917ff-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 11 Nov 2020 04:12:43 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 27ms
26ms XHR
application/json 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201104&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d37b39d1e2d770968cca10ea52c4be7a24557a49bacca960ef296116b956a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Nov 2020 04:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6347
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7E77 16 KB
6 KB 61ms
41ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 11 Nov 2020 04:12:43 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 60ms
42ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 11 Nov 2020 04:12:43 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 351ms
116ms Image
image/gif 3.222.213.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=elfagr.org&p=%2F&u=DfC3YTBg2ji8DKLQUP&d=elfagr.com&g=64566&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8824&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1296&t=CDwfHeD5LJ4qCTbKPBjYpbvBUFHHk&V=121&i=%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D9%81%D8%AC%D8%B1&tz=-60&sn=1&sv=D9Txn4DV2o88CP82V5CTZKGZBERrY3&sd=1&im=06030403&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.213.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-213-29.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 11 Nov 2020 04:12:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 40ms
39ms Script
application/javascript 104.75.88.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Wed, 11 Nov 2020 04:12:43 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 8656 0
0 35ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Tue, 10 Nov 2020 22:36:26 GMT
expires: Wed, 10 Nov 2021 22:36:26 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20177
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame B69E 0
0 33ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Tue, 10 Nov 2020 22:36:26 GMT
expires: Wed, 10 Nov 2021 22:36:26 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20177
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
87 B 15ms
14ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201104&jk=3374639394088567&bg=!YWKlYkLNAAUBH37qAVhNJvgws3eIlgIAAADzUgAAABVoAQcKAK_NRSwZvTjmLwKTkpirKWdUl3kvy0Kcgw7EGIp3n-Ai_niJySHKc_e_NSAq9iSz1T23_Ss6q94rgAwBs8mi1PEuEyUFkVgpyRHrL01Y6YwDFKxXpB2gwVroSuHhTHu5ZuLInMnlNV-LY0de2B_rULUVT99ibd99gZtffKPEgmAmdZg6VNqQbxp97DGSVw-TDGdVU_XHvxlcI4dIgpBBhJvDGM16JBBxpIdbTlRIXvgimQG3GGX6s4HVef3-RP1nq6NIL8tek2GlShQdWqXJVCKVp9JK3F6UJVdFclqeUH4HNhizyyhPeXTyolumVPSZgLrKqmyX84CHALUpxAMuHpp9wEceOVOLZCplzHztSHh8a3lS56tdPEHz9BA1EPZr-wG_90UWu2odQU722X2PMRY_XB3kELDis5vpdi0efVD862TQp7YOpYfKH9MPsipJzSslgdG2k1NfEyXTTaDSvK0o-m5lVThwHF_M-D99ak1Df1ptMbm0BmcjLw2mPhUERvwGa3MJ4PiJD0pDq3Ls-fr6_kTGFLUMTPXcYexbwKcs4uBadSjNNXjjYzFUTRjukq81XEezLFMNRAufSLnmam8BgcQ_A6kblobavokA426YjO9IIbeKvl4w637ExI4yFpYDtO0-LieSBvfHZmWBicDZ2kAWmfEFqD3Vsm_7uFhSUr_AnKZudoamlSD0Z7Dv1KXF5Nc3HwO0__iml5W0ET0I0iG2YQBWHDfnAG7hvaoma03tzztFClCwnf9aHKZVpKxqj7rMoPTVD0KF-VwVBE07V9EbCZdq57SlyF0W3w2JYKL2dhYm5Kh4-g

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 04:12:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E77 0
22 B 15ms
15ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201104&jk=505133829845393&bg=!WVqlWnrNAAUBH37qAViXOLRaCVpMHgIAAADaUgAAABtoAQcKAH71TXWJwTsAd2WhGsvc3OCFLswRUx7uRhuJxqtuN8ATK3ybL-t9huUFjbc55koMnInwrNmhreo2_gh7Vc8BgIhl4o7u1vU5olN02Q919fi6n2Pil2H3rcSgpM-GnxelQEePm5XsgQgIg8nxeCQAhCXxQHCX49HEq8FEfQSURzCZAb0ZwAJ0xukwH3oArjfQ4svtrPvphS0cNL4LadDkVNd9Me7XE9pyHFN5Jo1SHJVnRkV1bdQ1daJ9OJ5E7UyLtHU7cNuvBLKAxNgTCIwsBacpldbM3ZCgfe-ToIC3psfP-8YLqTUjeRuxoL-Eu9eTqWKW0Q84-ISnKu-sONaCWFkHttBfrdi5xDRR7bBicckB2bee5OYw9d7VrPJbgHc5UHkV7hyYoVFkTq_Ay-ethQ_ac0aUQbk-xj0mwtZfQv__GbEYSEkVqeKd1ftgFjQ2mw1aFqeVlf89f29ZHm5ixXCxLhp1fo7_uZv1iJC8IeXRTh6YkCGt7nhvXWD362724iJUJe69TF-75dW4zbUT5_nlLDmVlWDWAa0zna7t4N2CmKYvN2mStmkH9HsogTxRXUKuyfW9defnbD8-s0tXVVBUI3Jn2RfQQkDlscGViGLnI3qL15PEDbqGvPOvY8ySo7vGCTjV9nhqsIfmtn3obTE45jNckr8jxWkPjiiKGHkI-BAiB6M8KANf6uJGxkBP0969r-lZxeSd2hX-dhYotHb4xb6w4pkm0Ub0yZhbemLeBOn6sq122thhRYTI7MJT

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 04:12:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7E77 42 B
93 B 15ms
14ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteY0UwkE-BnoY11VZEH8GIMV39mNb0R6k8Lxk5ZtXm1DqIp6uffLwaI3g9rjy-o7AqSajO2dWyyYXGjSSz-mvC3fyGJMhFHKqYg_XkpOY&sig=Cg0ArKJSzOqrDxffzNbKEAE&adk=194120428&tt=-1&bs=1600%2C1200&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&p=89,436,369,772&mcvt=1020&rs=3&ht=0&tfs=324&tls=1344&mc=1&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=202&niot_cbk=246&md=2&btr=0&cpmav=0&lm=2&rst=1605067963163&dlt&rpt=121&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C8824&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-18-10-10-0-0-0&tvt=1327&is=336%2C280&iframe_loc=https%3A%2F%2Fwww.elfagr.com%2F&r=v&id=osdim&vs=4&uc=11&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201109

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 04:12:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 472.jpg
www.elfagr.com/upload/photo/news/407/5/600x338o/ 65 KB
65 KB 13ms
12ms Image
image/jpeg 2606:4700:3032::681b:a7f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/407/5/600x338o/472.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3032::681b:a7f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 932e82922ee3f525ce33a84f8989074e6d74c36b39baac45d21faf29489c7176

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 04:12:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 551
x-powered-by: ASP.NET
status: 200
content-length: 66468
cf-request-id: 06571aacdd00002bc6a713b000000001
last-modified: Wed, 11 Nov 2020 03:59:52 GMT
server: cloudflare
etag: "f139821bdfb7d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QNBukLdw15fxGgl18jPSGEG0DnvcDbyW%2FSuyNpfKPW%2FmeWu5G78sCDiLx8SlNxrVCDJPCzwZgbIK%2FZKTmeB0BaIE6NHZVN7IE6AputQA1HxY9uKvwpkF80ZjLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5f052d5af8132bc6-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 23:12:43	Name: IDE Value: AHWqTUkcGYzHjy-Na70mVFi2YTG3DQ2NE3dtOMZ2XaHzisBGRFugXC_csy_xKGqu
www.elfagr.com/	1970-01-19 13:51:09	Name: __atuvs Value: 5fab64ba352001ca000
.elfagr.com/	1970-01-19 13:51:09	Name: __utmb Value: 95024968.1.10.1605067963
www.elfagr.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: xt5yqv0g021oh4grkvv5ruoe
.elfagr.com/	1970-01-19 22:38:10	Name: __auc Value: e05ea63a175b58179b18d878892
.elfagr.com/	1970-01-19 13:51:09	Name: __asc Value: e05ea63a175b58179b18d878892
.elfagr.com/	1970-01-19 23:12:43	Name: __gads Value: ID=691c36159a471b1d-2206f4436aa60073:T=1605067962:RT=1605067962:S=ALNI_MaOsHoPiOpWMFlc8dy7vPMmffg9kQ
.elfagr.com/	1970-01-19 13:51:08	Name: __utmt Value: 1
.elfagr.com/	1970-01-20 07:22:19	Name: __utma Value: 95024968.616737716.1605067963.1605067963.1605067963.1
.elfagr.com/	1969-12-31 23:59:59	Name: __utmc Value: 95024968
.elfagr.com/	1970-01-19 18:13:55	Name: __utmz Value: 95024968.1605067963.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
www.elfagr.com/	1970-01-19 23:19:55	Name: __atuvc Value: 1%7C46
.elfagr.com/	1970-01-19 14:34:19	Name: __cfduid Value: d4136e8716393107a5fe1901bd985f6cb1605067962

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: Migrate is installed with logging active, version 3.0.1
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.expr[':'] is deprecated; use jQuery.expr.pseudos
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.mouseleave() event shorthand is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.click() event shorthand is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.resize() event shorthand is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.scroll() event shorthand is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.unbind() is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.bind() is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	log	URL: https://www.elfagr.com/(Line 14) Message: ServiceWorker registration failed: TypeError: Failed to register a ServiceWorker for scope ('https://www.elfagr.com/') with script ('https://www.elfagr.com/sw.js?r=1.6'): A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9c1ab846abe9fbc96b22fc997835b109.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.jsdelivr.net
certify-js.alexametrics.com
certify.alexametrics.com
cr.synceg.net
googleads.g.doubleclick.net
m.addthis.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
s7.addthis.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.chartbeat.com
stats.g.doubleclick.net
tpc.googlesyndication.com
v1.addthisedge.com
www.elfagr.com
www.google.com
www.google.de
www.googletagservices.com
www.sfegypt.com
z.moatads.com
s7.addthis.com
104.75.88.112
13.224.93.26
172.217.22.98
2.18.235.40
2600:9000:2190:c000:18:1fcd:34e:d2a1
2606:4700:3032::681b:a7f2
2606:4700:3033::6818:64a1
2606:4700:3035::681c:849
2a00:1450:4001:800::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:817::2001
2a00:1450:4001:81a::2002
2a00:1450:4001:81f::2004
2a00:1450:4001:821::2002
2a00:1450:4001:824::2003
2a00:1450:4001:825::2008
2a00:1450:400c:c03::9d
2a04:4e42:1b::621
3.222.213.29
54.239.192.6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1939595e026c3a36ae7fd5c756f540feda88c69b243534da3bbb77b395424ddf
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
38bc0825ad91b0c113ec5049c733c1cea55b37c18f64ae2e73c38d8bc6221718
399db61af008d45593cf48352789ea403cb6c270b66f8b7e073d64095a2d5f6f
40b9d323173d17d85236d6b1409d40e434ae8788aeb9f3ae0d694096cdf548fb
46b49bed51f8195bf12e5298f2a7381dcb1daa38444f6c1ac5712ae41264be69
48aa3e1bdc17b9c846d34cd81dbb7c355c00ae6cb8766e99c2fb05eaaf2527ff
4d37b39d1e2d770968cca10ea52c4be7a24557a49bacca960ef296116b956a84
51707b58bbec62b8ba51360216e55f57968674aafccd46f8642ff25fbb1c9310
5594e6be5b7f815daef13b936449d78aad31ba048524f4ee088158c10b63e32f
572b80b324a4dd4a4178975a04f619f4381e4ebdebd6da2abce7f77f91283630
59bda6cd3538b6a807d0f40d828e1e39c96935e384d6423085f66ac333aec4b7
5dc8474e0d907004638a6be69c9c9e2e2decac68db9dfe1fca62fb2dbab95855
5eb1eeea7b5bee3b991cf2e7223220f21d2c2d8f55090d13daf5798bb24ccc13
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6908359b2448663f3d13648ac2590b58f1c09dadc0679d0b78715c8360084286
6c8b496dcdb6fa1620734dba3efcde3cabcc0d717ccf21268d856b2fef52ebcf
7da3b22d3d9622c8e5b25868278892b4d523c36dbac726d0f0373cd90797a7d8
80a8c86a3426141c5a1913053e7df222349ee12301e04f5528367270b6ea1283
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b231ef6a88878765103cc16538567c9d50d38a1e7b4925960b8c049356b49b3
8db5d4d6fb09f86186393387d5726626f5f821ab1e7988649c1ad0da948e07c5
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
92f8fab2e2f6b1af9da9b0df9038b8586f753bcac0c16efd46d7db80a21f31e8
932e82922ee3f525ce33a84f8989074e6d74c36b39baac45d21faf29489c7176
98a141acc634532371e3dde82e53f827fb46eb1957c8f998f71888dbe364267a
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b7cefe5080c8ba8b303de5d83586378561f83372f691e4d56fff1e99f47b77ec
c10a14e4ee557f08edbdcd8de177be6221d06730ef95be79eb073cc7e91180ba
c39eed10adea9e22dce8b7ad09ed85c3ba7c4149b3906d7f3479ccda1fdf7833
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d278533e8015b48285df852d82d9d8497168e963f5fdf50c0b018b01b1e2e2a1
d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3
d5e5d4f8446d781af69069c877a7ee9baec87b0237fcf572f6609bfa9969aca3
d761bdeef5f6e75159ce1b2363851e09b3be5851d519a2a34424e5da399561d8
d7afc5fac286ace07ca2fb7a8c98a933bb81a63aecc5ba71cec7e65528b98a90
d981ca22ddda7a628b91038ebd0641d94f17e417bf235f48ddae46a6258428bf
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc7df38e79cb146d5919e0e863adb1ef10defbe65d4b66a7f32b136cb344feb8
e0ad46922b053dc3e5d02cfe04b122cee77d46e633a6d046df619dc03923d4ee
e34afee1ebe946c83ee77a87d06a8751d5529b4f100dcfeb3a2bd0404c8e1923
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e581b81d7222296b46a9a61ec8be1aa68a3c8c43b601ea224cffd3a7d0d522ad
e77d22ecf729034cf5a8aa62a2d21832bfb51e4b24585d36ca911e076b82c081
edee9d3caa9ec34e06c5d23dc15d7813ea0f333a9d56eb9353aa9b1ec259eb32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbc8bfd25b633cefc01365cf3c1f5c24a1c04a522ae1b37407f632ef756158e7

www.elfagr.com Open in urlscan Pro 2606:4700:3032::681b:a7f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

86 Requests

98 %HTTPS

70 %IPv6

17 Domains

25 Subdomains

19 IPs

5 Countries

1317 kBTransfer

3505 kBSize

13 Cookies

4 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

www.elfagr.com Open in urlscan Pro
2606:4700:3032::681b:a7f2 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

98 %
HTTPS

70 %
IPv6

17
Domains

25
Subdomains

19
IPs

5
Countries

1317 kB
Transfer

3505 kB
Size

13
Cookies

86 HTTP transactions
0 data transactions