urlscan.io logo urlscan.io
SecurityTrails logo

ellitehelp.com Open in urlscan Pro
2606:4700:3031::6815:237e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://100.43.155.13/1908108ng2097911eW462263212fQ12634Ie39Skr122629CJ
Effective URL: https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
Submission: On May 18 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3031::6815:237e, located in United States and belongs to CLOUDFLARENET, US. The main domain is ellitehelp.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 21st 2021. Valid for: a year.
This is the only time ellitehelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 100.43.155.13 35908 (VPLSNET)
1 185.63.253.116 134512 (HWSPL-AS-...)
1 1 50.115.172.110 32875 (VIRP)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 45.55.126.207 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
18 13
1    100.43.155.13 (United States)

ASN35908 (VPLSNET, US)
PTR: bbs.mknowing.com
100.43.155.13
1    185.63.253.116 (Amsterdam, Netherlands)

ASN134512 (HWSPL-AS-AP HostPalace Web Solution PVT LTD, IN)
shiboar.com
1    50.115.172.110 (United States)

ASN32875 (VIRP, US)
boothraft.com
5    2606:4700:3031::6815:237e (United States)

ASN13335 (CLOUDFLARENET, US)
ellitehelp.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:3037::6815:520 (United States)

ASN13335 (CLOUDFLARENET, US)
secureanalytic.com
2    45.55.126.207 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
beacon.ellitehelp.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2606:4700:3030::ac43:c831 (United States)

ASN13335 (CLOUDFLARENET, US)
event.smpush.com
Domain Requested by
5 ellitehelp.com shiboar.com
ellitehelp.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
ellitehelp.com
2 event.smpush.com secureanalytic.com
2 beacon.ellitehelp.com 1 redirects ellitehelp.com
1 www.google.de ellitehelp.com
1 www.google.com ellitehelp.com
1 stats.g.doubleclick.net www.google-analytics.com
1 secureanalytic.com ellitehelp.com
1 www.googletagmanager.com ellitehelp.com
1 fonts.googleapis.com ellitehelp.com
1 boothraft.com 1 redirects
1 shiboar.com
18 12

This site contains no links.

Subject Issuer Validity Valid
www.shiboar.com
Go Daddy Secure Certificate Authority - G2		 2021-01-13 -
2022-01-13		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-04-21 -
2022-04-20		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
beacon.ellitehelp.com
R3		 2021-03-21 -
2021-06-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
Frame ID: 35994B135A3CDD1D6C23A89FC71E3B2D
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://100.43.155.13/1908108ng2097911eW462263212fQ12634Ie39Skr122629CJ HTTP 302
    https://shiboar.com/fff79b47cf36f76800/15b-1908108-2097911-122629-12634-/462263212 Page URL
  2. https://boothraft.com/r/57edf38c-9687-4305-ad71-4265ed8075e1/472176/1048735507/15b-1908108-2097911... HTTP 302
    https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&af... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

18
Requests

100 %
HTTPS

71 %
IPv6

11
Domains

12
Subdomains

13
IPs

4
Countries

905 kB
Transfer

1578 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://100.43.155.13/1908108ng2097911eW462263212fQ12634Ie39Skr122629CJ HTTP 302
    https://shiboar.com/fff79b47cf36f76800/15b-1908108-2097911-122629-12634-/462263212 Page URL
  2. https://boothraft.com/r/57edf38c-9687-4305-ad71-4265ed8075e1/472176/1048735507/15b-1908108-2097911-122629-12634- HTTP 302
    https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://100.43.155.13/1908108ng2097911eW462263212fQ12634Ie39Skr122629CJ HTTP 302
  • https://shiboar.com/fff79b47cf36f76800/15b-1908108-2097911-122629-12634-/462263212
Request Chain 8
  • https://beacon.ellitehelp.com/g2/fa7a0a63-080f-48af-80c3-4a42f667a80f?aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176&item=8OK HTTP 302
  • https://beacon.ellitehelp.com/s/19493d56-d6fb-4010-b815-816ce9e2dfa5?&requestid=lpgQGAvMqs&destinationid=129670320&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176&item=8OK

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set 462263212
shiboar.com/fff79b47cf36f76800/15b-1908108-2097911-122629-12634-/
Redirect Chain
  • http://100.43.155.13/1908108ng2097911eW462263212fQ12634Ie39Skr122629CJ
  • https://shiboar.com/fff79b47cf36f76800/15b-1908108-2097911-122629-12634-/462263212
175 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://shiboar.com/fff79b47cf36f76800/15b-1908108-2097911-122629-12634-/462263212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.63.253.116 Amsterdam, Netherlands, ASN134512 (HWSPL-AS-AP HostPalace Web Solution PVT LTD, IN),
Reverse DNS
Software
Apache /
Resource Hash
7d3e837d1ee1e5936ed280b50d7fa7e6b464c6a6d02751d531561926b6eaf04e

Request headers

Host
shiboar.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 18 May 2021 09:06:34 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
175
Server
Apache
Set-Cookie
uid16721=1048735507-20210518040634-662f7e0e27aed0e0a60ed893815a5600-; domain=; expires=Fri, 18-Jun-2021 08:06:34 GMT; path=/; SameSite=None; Secure

Redirect headers

Date
Tue, 18 May 2021 09:06:33 GMT
Server
Apache/2.4.6 (CentOS)
location
https://shiboar.com/fff79b47cf36f76800/15b-1908108-2097911-122629-12634-/462263212
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Primary Request /
ellitehelp.com/be-koffie-pl2/
Redirect Chain
  • https://boothraft.com/r/57edf38c-9687-4305-ad71-4265ed8075e1/472176/1048735507/15b-1908108-2097911-122629-12634-
  • https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
Requested by
Host: shiboar.com
URL: https://shiboar.com/fff79b47cf36f76800/15b-1908108-2097911-122629-12634-/462263212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:237e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd5592b7d3acd8b981b2236aee1a0332a2d5349f64fb58605f118dd112918687

Request headers

:method
GET
:authority
ellitehelp.com
:scheme
https
:path
/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://shiboar.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://shiboar.com/fff79b47cf36f76800/15b-1908108-2097911-122629-12634-/462263212

Response headers

date
Tue, 18 May 2021 09:06:35 GMT
content-type
text/html
last-modified
Tue, 27 Apr 2021 11:28:29 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a20532ddb0000c2729282c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EoykAd378gqAa0cbqCAVVdomIIV9BC5Nv%2BmsN7OxyIZ0FLSuQLfijUBi3k8jIQNFagLbbBecs4SKZJ0y%2BolCUhyxUEqe3%2FL2ORsKdRs1Kyq7zzCQj5nB7TheRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6513ee295bd1c272-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Server
nginx
Date
Tue, 18 May 2021 09:06:34 GMT
Content-Length
134
Connection
keep-alive
set-cookie
3eeaf25b-a7d4-4899-a373-8137e021ee5c=54c6aa63-c62d-4843-ada7-635b4253a4a5; Version=1; Expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; Domain=boothraft.com; Path=/
Location
https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
Cache-Control
no-cache
Expires
Tue, 18 May 2021 09:06:34 GMT
css2
fonts.googleapis.com/ 		708 B
366 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato&display=swap
Requested by
Host: ellitehelp.com
URL: https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b21d7945f9a9e83d3218aa05a9a97c91d0db52e4682e6392dac56496134ce2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ellitehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 18 May 2021 08:33:10 GMT
server
ESF
date
Tue, 18 May 2021 09:06:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 May 2021 09:06:35 GMT
bundle.4c9f599a5baecda1a79b.css
ellitehelp.com/be-koffie-pl2/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ellitehelp.com/be-koffie-pl2/bundle.4c9f599a5baecda1a79b.css?t=1619522899315
Requested by
Host: ellitehelp.com
URL: https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:237e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f3a8568e9a977d1aa7412db2c1ee9e0f5f2fdb0c23c14d5537cfc7db70bf9b

Request headers

:path
/be-koffie-pl2/bundle.4c9f599a5baecda1a79b.css?t=1619522899315
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
ellitehelp.com
referer
https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 09:06:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60817
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a20532ed400002b127f894000000001
last-modified
Tue, 27 Apr 2021 11:28:29 GMT
server
cloudflare
etag
W/"6087f55d-6197"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ja93j%2FiKOh2%2FeBTPf7R5TSDYpfeo1rCciWYwaDkyIruSOmBN0iPfCpBNzN1vu5gf9rt9wFulrzPhD8O%2BITZLcvVbpDSw01DrEoAlj0L0g28n1t9B4VUv173FLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
6513ee2aedea2b12-FRA
expires
Tue, 17 May 2022 16:15:30 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-148357412-23
Requested by
Host: ellitehelp.com
URL: https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f94d97310988b243ef70adc8b3cfa780946648381b9c1fd650fb13adedd2906b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ellitehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 09:06:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35680
x-xss-protection
0
expires
Tue, 18 May 2021 09:06:35 GMT
1.a740f96d.chunk.js
ellitehelp.com/be-koffie-pl2/js/ 		259 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ellitehelp.com/be-koffie-pl2/js/1.a740f96d.chunk.js
Requested by
Host: ellitehelp.com
URL: https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:237e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8b9bd9304bfce6cf3d6207911df8c04d5223cd89f077dc775efd1c954fdabab

Request headers

:path
/be-koffie-pl2/js/1.a740f96d.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ellitehelp.com
referer
https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 09:06:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60817
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a20532ed400002b128fb3d000000001
last-modified
Tue, 27 Apr 2021 11:28:29 GMT
server
cloudflare
etag
W/"6087f55d-40a2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BR0V467DmaFhLZop6S19VFbajUrN%2F4d5up1qIP9NJQF0Uv1hwW8pvBbhFg7DCNhpk78WoJ%2F%2B%2BgadnGnRmr%2FkfMyLNcSrDhZQisSAmNQFWJp%2BJHHz3tIBJpXIEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6513ee2aede92b12-FRA
expires
Tue, 17 May 2022 16:15:30 GMT
app.7b1e583b.js
ellitehelp.com/be-koffie-pl2/js/ 		223 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ellitehelp.com/be-koffie-pl2/js/app.7b1e583b.js
Requested by
Host: ellitehelp.com
URL: https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:237e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa27a0b757e0b9dbfe57970bb4ab4d6fc7afb9482a2d8caa206f4a7370679b2e

Request headers

:path
/be-koffie-pl2/js/app.7b1e583b.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
ellitehelp.com
referer
https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 09:06:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60817
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a20532ed700002b129bb2f000000001
last-modified
Tue, 27 Apr 2021 11:28:29 GMT
server
cloudflare
etag
W/"6087f55d-37abd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I5i1JLiDREk6E4JxzLgGTVrAnfETO0OfmbmIJBngKMPfDXddrelG9wTX7khdSSHjUqW7fZpvI42UTSd7wW2yQngLAo1vQbioLqPFH3AlClmYJR9bcBL1rXKwVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
6513ee2aede62b12-FRA
expires
Tue, 17 May 2022 16:15:30 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-148357412-23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ellitehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2383
date
Tue, 18 May 2021 08:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 18 May 2021 10:26:52 GMT
4og36z8g3w
secureanalytic.com/scripts/push/script/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secureanalytic.com/scripts/push/script/4og36z8g3w?url=be.com
Requested by
Host: ellitehelp.com
URL: https://ellitehelp.com/be-koffie-pl2/js/app.7b1e583b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:520 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97500f40b6d519c2a295949dfddd183d045b9f4fc0fe0514f57848300dccad15
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ellitehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 09:06:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a20532f9500002bdd3830c000000001
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9vYv2GGlau3V61rZ5PgPcB1C3nxrfhrjc3Hp6WuXXRcoIuXDkM%2FAM7HbhOFNp9haWzq7C4C14QVojXGdpod92WlbIviIN3jJg5IsqB7TOuG%2BSdipwXYvMi0WMZ2y8y4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
x-xss-protection
1; mode=block
cache-control
max-age=14400, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray
6513ee2c1bbb2bdd-FRA
expires
0
19493d56-d6fb-4010-b815-816ce9e2dfa5
beacon.ellitehelp.com/s/
Redirect Chain
  • https://beacon.ellitehelp.com/g2/fa7a0a63-080f-48af-80c3-4a42f667a80f?aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176&item=8OK
  • https://beacon.ellitehelp.com/s/19493d56-d6fb-4010-b815-816ce9e2dfa5?&requestid=lpgQGAvMqs&destinationid=129670320&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176&item=8OK
196 KB
136 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://beacon.ellitehelp.com/s/19493d56-d6fb-4010-b815-816ce9e2dfa5?&requestid=lpgQGAvMqs&destinationid=129670320&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176&item=8OK
Requested by
Host: ellitehelp.com
URL: https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.126.207 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2c885f16842398d2d51cf485caa087590aea0262e69e9707ef3191254e74e109
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://ellitehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 09:06:35 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
strict-transport-security
max-age=2592000
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization

Redirect headers

date
Tue, 18 May 2021 09:06:35 GMT
server
Kestrel
location
https://beacon.ellitehelp.com/s/19493d56-d6fb-4010-b815-816ce9e2dfa5?&requestid=lpgQGAvMqs&destinationid=129670320&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176&item=8OK
strict-transport-security
max-age=2592000
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
content-length
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1308283698&t=pageview&_s=1&dl=https%3A%2F%2Fellitehelp.com%2Fbe-koffie-pl2%2F%3Fitem%3D8OK%26aff_click_id%3D54c6aa63-c62d-4843-ada7-635b4253a4a5%26aff_sub%3D472176&dr=https%3A%2F%2Fshiboar.com%2F&ul=en-us&de=UTF-8&dt=Koffie&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1854445405&gjid=506926970&cid=1521689492.1621328796&tid=UA-148357412-23&_gid=235504387.1621328796&_r=1&gtm=2ou5c1&z=323532354
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ellitehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 May 2021 09:06:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ellitehelp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1308283698&t=event&_s=2&dl=https%3A%2F%2Fellitehelp.com%2Fbe-koffie-pl2%2F%3Fitem%3D8OK%26aff_click_id%3D54c6aa63-c62d-4843-ada7-635b4253a4a5%26aff_sub%3D472176&dr=https%3A%2F%2Fshiboar.com%2F&ul=en-us&de=UTF-8&dt=Koffie&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pageload&ea=load&el=INITIAL_LOAD&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1521689492.1621328796&tid=UA-148357412-23&_gid=235504387.1621328796&gtm=2ou5c1&z=923481706
Requested by
Host: ellitehelp.com
URL: https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ellitehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 06:37:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8927
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-148357412-23&cid=1521689492.1621328796&jid=1854445405&gjid=506926970&_gid=235504387.1621328796&_u=YEBAAUAAAAAAAC~&z=1808522550
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ellitehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 18 May 2021 09:06:35 GMT
content-type
text/plain
access-control-allow-origin
https://ellitehelp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-148357412-23&cid=1521689492.1621328796&jid=1854445405&_u=YEBAAUAAAAAAAC~&z=279127755
Requested by
Host: ellitehelp.com
URL: https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ellitehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 09:06:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-148357412-23&cid=1521689492.1621328796&jid=1854445405&_u=YEBAAUAAAAAAAC~&z=279127755
Requested by
Host: ellitehelp.com
URL: https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ellitehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 May 2021 09:06:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4og3l38g3w
event.smpush.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.smpush.com/register/event_log/4og3l38g3w
Requested by
Host: secureanalytic.com
URL: https://secureanalytic.com/scripts/push/script/4og36z8g3w?url=be.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:c831 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ellitehelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

date
Tue, 18 May 2021 09:06:36 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
expires
0
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x06EgbxW97n7O9M0fvuI23bAyvjpjJNjwKiTA%2FQdlrNUEV%2F94tFDpbkPSyANlip43R7KSEhcUaZsOzK6Cr1ZMvtmXck3QjYVaJwkc3w4G1pIfVL5SfzEr4%2Bx3CUa"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://ellitehelp.com
access-control-expose-headers
Authorization, Link, X-Total-Count
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-request-id
0a2053339300004a9ddcaf8000000001
access-control-allow-credentials
true
cf-ray
6513ee328b644a9d-FRA
x-pushplatformapp-params
4og3l38g3w
event.smpush.com/register/event_log/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.smpush.com/register/event_log/4og3l38g3w
Protocol
H2
Server
2606:4700:3030::ac43:c831 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ellitehelp.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 18 May 2021 09:06:36 GMT
content-length
0
access-control-allow-headers
content-type
access-control-expose-headers
Authorization, Link, X-Total-Count
access-control-allow-origin
https://ellitehelp.com
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-max-age
1800
cf-cache-status
DYNAMIC
cf-request-id
0a205331b100004ea33f2a4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ff%2BhQpp4F9mVTEV9DdQIZUgc1p%2Bu%2FVcnQ0Z0EU%2FH082PHjoAON%2FfYh8oFbAyFlwuW0HcXxYf6V9W%2FWaX9DKJM6pXHbIZOmS0li2SDdwuAlTEJm2cKZWcnfX6y8yN"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6513ee2f883f4ea3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
intro.png
ellitehelp.com/be-koffie-pl2/public/ 		591 KB
592 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ellitehelp.com/be-koffie-pl2/public/intro.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:237e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34f5f8c868cb68d94a65990d9835cfb27f66ad731b98fc3b8b3df99670918d2c

Request headers

:path
/be-koffie-pl2/public/intro.png
pragma
no-cache
cookie
_ga=GA1.2.1521689492.1621328796; _gid=GA1.2.235504387.1621328796; _gat_gtag_UA_148357412_23=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ellitehelp.com
referer
https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://ellitehelp.com/be-koffie-pl2/?item=8OK&aff_click_id=54c6aa63-c62d-4843-ada7-635b4253a4a5&aff_sub=472176
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 09:06:36 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
60816
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
605074
cf-request-id
0a205332f800002b126ea2f000000001
last-modified
Tue, 27 Apr 2021 11:28:29 GMT
server
cloudflare
etag
"6087f55d-93b92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EFA%2FCT0it30zAu1Uz25N4slFV11l86uQw6dIxNtbbTKiHvOQMD7U3zOH9oSUptVIEAlzbP33MLSSwePK4RrNKNy845HveBXRV0IeQVhxTQjP3c%2FBZSa8ekZqFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6513ee318b1f2b12-FRA
expires
Tue, 17 May 2022 16:15:32 GMT
truncated
/ 		24 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e4297b4df8d03dfdc567a031fe99ed2a6dca61700d0b35c2af6a3927bdf062c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55792e8b0b8f41d8f263cd5eabf4c2040c934158941a3691cc2e59f4aa3dbce8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		49 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd41f7c4d7c4ab4c7fdc5651c428de3a4e456bb5bdf788f0b128420d094e7757

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		51 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f28cf08d026fa93b084a4db6abc2bc3f70013fc5d85a306228493b8cccf993b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga object| webpackJsonp object| regeneratorRuntime function| _ object| gaplugins object| gaGlobal object| gaData function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore

3 Cookies

Domain/Path Name / Value
.ellitehelp.com/ Name: _gid
Value: GA1.2.235504387.1621328796
.ellitehelp.com/ Name: _gat_gtag_UA_148357412_23
Value: 1
.ellitehelp.com/ Name: _ga
Value: GA1.2.1521689492.1621328796

4 Console Messages

Source Level URL
Text
console-api log URL: https://ellitehelp.com/be-koffie-pl2/js/1.a740f96d.chunk.js(Line 13)
Message:
i18next: languageChanged en
console-api log URL: https://ellitehelp.com/be-koffie-pl2/js/1.a740f96d.chunk.js(Line 13)
Message:
i18next: initialized [object Object]
console-api log URL: https://ellitehelp.com/be-koffie-pl2/js/1.a740f96d.chunk.js(Line 13)
Message:
i18next: languageChanged be_pl2
console-api warning URL: https://secureanalytic.com/scripts/push/script/4og36z8g3w?url=be.com(Line 1)
Message:
Push messaging is not supported

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.ellitehelp.com
boothraft.com
ellitehelp.com
event.smpush.com
fonts.googleapis.com
secureanalytic.com
shiboar.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
100.43.155.13
185.63.253.116
2606:4700:3030::ac43:c831
2606:4700:3031::6815:237e
2606:4700:3037::6815:520
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:828::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c0a::9a
45.55.126.207
50.115.172.110
1b21d7945f9a9e83d3218aa05a9a97c91d0db52e4682e6392dac56496134ce2d
2c885f16842398d2d51cf485caa087590aea0262e69e9707ef3191254e74e109
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
34f5f8c868cb68d94a65990d9835cfb27f66ad731b98fc3b8b3df99670918d2c
55792e8b0b8f41d8f263cd5eabf4c2040c934158941a3691cc2e59f4aa3dbce8
74f3a8568e9a977d1aa7412db2c1ee9e0f5f2fdb0c23c14d5537cfc7db70bf9b
7d3e837d1ee1e5936ed280b50d7fa7e6b464c6a6d02751d531561926b6eaf04e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e4297b4df8d03dfdc567a031fe99ed2a6dca61700d0b35c2af6a3927bdf062c
8f28cf08d026fa93b084a4db6abc2bc3f70013fc5d85a306228493b8cccf993b
97500f40b6d519c2a295949dfddd183d045b9f4fc0fe0514f57848300dccad15
dd41f7c4d7c4ab4c7fdc5651c428de3a4e456bb5bdf788f0b128420d094e7757
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e8b9bd9304bfce6cf3d6207911df8c04d5223cd89f077dc775efd1c954fdabab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f94d97310988b243ef70adc8b3cfa780946648381b9c1fd650fb13adedd2906b
fa27a0b757e0b9dbfe57970bb4ab4d6fc7afb9482a2d8caa206f4a7370679b2e
fd5592b7d3acd8b981b2236aee1a0332a2d5349f64fb58605f118dd112918687