Submitted URL: http://www.dr-farfar.com/
Effective URL: https://www.dr-farfar.com/
Submission: On April 04 via api from US

Summary

This website contacted 35 IPs in 5 countries across 27 domains to perform 85 HTTP transactions. The main IP is 2606:4700:3031::6812:2ea5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dr-farfar.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on January 30th 2020. Valid for: 8 months.
This is the only time www.dr-farfar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 2606:4700:303... 13335 (CLOUDFLAR...)
12 192.0.77.2 2635 (AUTOMATTIC)
3 2a03:2880:f21... 32934 (FACEBOOK)
2 192.111.155.86 31863 (DACEN-2)
2 151.139.242.29 33438 (HIGHWINDS2)
1 198.27.80.143 16276 (OVH)
2 35.190.64.167 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 151.139.128.10 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 35.190.8.27 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.12.157 54113 (FASTLY)
1 52.6.253.55 14618 (AMAZON-AES)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.131 13414 (TWITTER)
1 104.244.42.69 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
85 35
Domain Requested by
12 www.dr-farfar.com 1 redirects www.dr-farfar.com
ajax.cloudflare.com
10 fonts.gstatic.com www.googletagservices.com
5 pagead2.googlesyndication.com ajax.cloudflare.com
pagead2.googlesyndication.com
www.dr-farfar.com
4 translate.googleapis.com translate.google.com
translate.googleapis.com
4 i0.wp.com www.dr-farfar.com
4 i3.wp.com www.dr-farfar.com
3 www.gstatic.com
3 www.google-analytics.com 1 redirects www.googletagmanager.com
3 scontent-lga3-1.cdninstagram.com www.dr-farfar.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 i1.wp.com www.dr-farfar.com
2 www.google.com 2 redirects
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 onclicksuper.com www.dr-farfar.com
2 cdnondemand.org www.dr-farfar.com
2 www.onclickmega.com www.dr-farfar.com
2 images.dmca.com www.dr-farfar.com
ajax.cloudflare.com
2 static.copyrighted.com www.dr-farfar.com
ajax.cloudflare.com
2 i2.wp.com www.dr-farfar.com
1 t.co
1 analytics.twitter.com static.ads-twitter.com
1 fonts.googleapis.com www.dr-farfar.com
1 cse.google.com
1 pixel.wp.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 www.google.de
1 stats.g.doubleclick.net 1 redirects
1 dcba.popcash.net cdn.popcash.net
1 static.ads-twitter.com www.dr-farfar.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 ufpcdn.com www.dr-farfar.com
1 www.googletagmanager.com ajax.cloudflare.com
1 cdn.popcash.net ajax.cloudflare.com
1 c-ut.com ajax.cloudflare.com
1 translate.google.com ajax.cloudflare.com
1 cdn.onesignal.com ajax.cloudflare.com
1 stats.wp.com ajax.cloudflare.com
1 celeritascdn.com www.dr-farfar.com
1 ajax.cloudflare.com www.dr-farfar.com
1 s4is.histats.com www.dr-farfar.com
85 41
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-01-30 -
2020-10-09
8 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-02 -
2022-07-05
2 years crt.sh
*.instagram.com
DigiCert SHA2 High Assurance Server CA
2020-03-22 -
2020-06-20
3 months crt.sh
static.copyrighted.com
Sectigo RSA Domain Validation Secure Server CA
2020-03-13 -
2021-03-13
a year crt.sh
images.dmca.com
Go Daddy Secure Certificate Authority - G2
2020-03-13 -
2022-04-04
2 years crt.sh
histats.com
Let's Encrypt Authority X3
2020-03-25 -
2020-06-23
3 months crt.sh
www.onclickmega.com
COMODO RSA Domain Validation Secure Server CA
2017-10-18 -
2020-10-17
3 years crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-12-05 -
2020-06-12
6 months crt.sh
www.celeritascdn.com
COMODO RSA Domain Validation Secure Server CA
2017-10-23 -
2020-10-22
3 years crt.sh
www.cdnondemand.org
COMODO RSA Domain Validation Secure Server CA
2017-10-23 -
2020-10-22
3 years crt.sh
ssl898578.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-03-20 -
2020-09-26
6 months crt.sh
*.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
cdn.popcash.net
Sectigo RSA Domain Validation Secure Server CA
2020-03-16 -
2020-06-14
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
www.onclicksuper.com
COMODO RSA Domain Validation Secure Server CA
2017-10-18 -
2020-10-17
3 years crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA
2019-08-14 -
2020-08-18
a year crt.sh
*.popcash.net
COMODO RSA Domain Validation Secure Server CA
2017-04-05 -
2020-04-26
3 years crt.sh
www.google.de
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA
2020-03-05 -
2021-03-02
a year crt.sh
t.co
DigiCert SHA2 High Assurance Server CA
2020-03-05 -
2021-03-02
a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.dr-farfar.com/
Frame ID: 1FAF2D46DC044D2B01529A0053CF4475
Requests: 83 HTTP requests in this frame

Frame: https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 4457EBE4BDE60792C6C374DB4F7BF89B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/zrt_lookup.html
Frame ID: 2C485914DE4E0E7EB318EC69342E08B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805468242456874&output=html&adk=1812271804&adf=3025194257&lmt=1586008151&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&tp=site_kit&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.dr-farfar.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586008151878&bpp=11&bdt=873&fdt=85&idt=85&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2228015941912&frm=20&pv=2&ga_vid=817383559.1586008152&ga_sid=1586008152&ga_hid=2032080301&ga_fc=0&iag=0&icsg=8796238512128&dssz=56&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C42530311%2C44713363&oid=3&pvsid=1432375871773539&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=96
Frame ID: A9D8F42557C37F8DA7760B756CA40A73
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 5F602C4F95CCA2C496EE7637710233A7
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://www.dr-farfar.com/ HTTP 301
    https://www.dr-farfar.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

85
Requests

100 %
HTTPS

67 %
IPv6

27
Domains

41
Subdomains

35
IPs

5
Countries

1071 kB
Transfer

3440 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.dr-farfar.com/ HTTP 301
    https://www.dr-farfar.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2032080301&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dr-farfar.com%2F&ul=en-us&de=UTF-8&dt=Dr.FarFar%20%E2%80%93%20Best%20Premium%20Software%20Full%20For%20Free%20Giveaway&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=2102617398&gjid=1744866008&cid=817383559.1586008152&tid=UA-75976416-1&_gid=524403611.1586008152&_r=1&gtm=2ou3p1&z=792590853 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75976416-1&cid=817383559.1586008152&jid=2102617398&_gid=524403611.1586008152&gjid=1744866008&_v=j81&z=792590853 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75976416-1&cid=817383559.1586008152&jid=2102617398&_v=j81&z=792590853 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75976416-1&cid=817383559.1586008152&jid=2102617398&_v=j81&z=792590853&slf_rd=1&random=3563918409
Request Chain 54
  • https://www.google.com/cse/cse.js?cx=013577112956583353275:hgjo9wjvce8 HTTP 302
  • https://cse.google.com/cse/cse.js?cx=013577112956583353275:hgjo9wjvce8

85 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.dr-farfar.com/
Redirect Chain
  • http://www.dr-farfar.com/
  • https://www.dr-farfar.com/
115 KB
22 KB
Document
General
Full URL
https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
063eb1df51e18d047299974638e5bb5877caeb5a10b1634f7de38592b1a3b159

Request headers

:method
GET
:authority
www.dr-farfar.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 04 Apr 2020 13:49:10 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9df49e421f98984d5b014446107758971586008147; expires=Mon, 04-May-20 13:49:07 GMT; path=/; domain=.dr-farfar.com; HttpOnly; SameSite=Lax; Secure aoa=1; expires=Sat, 04-Apr-2020 15:49:08 GMT; Max-Age=7200; secure
link
<https://www.dr-farfar.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/9Q9RC>; rel=shortlink
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57eb7daa9cf81752-FRA
content-encoding
br

Redirect headers

Date
Sat, 04 Apr 2020 13:49:07 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 04 Apr 2020 14:49:07 GMT
Location
https://www.dr-farfar.com/
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
57eb7daa4d121f35-FRA
b5o2.css
www.dr-farfar.com/wp-content/cache/wpfc-minified/7adtqtjg/
41 KB
6 KB
Stylesheet
General
Full URL
https://www.dr-farfar.com/wp-content/cache/wpfc-minified/7adtqtjg/b5o2.css
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc4d0e98c9c8848bd9e9ea18feee9d88cd583a2373b7b3300fa549fc6a75cb0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Mar 2020 07:33:02 GMT
server
cloudflare
age
971522
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
expires
max-age=2592000, public
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
57eb7dc0194c1752-FRA
cf-bgj
minify
b5o2.css
www.dr-farfar.com/wp-content/cache/wpfc-minified/kdd27wut/
201 KB
18 KB
Stylesheet
General
Full URL
https://www.dr-farfar.com/wp-content/cache/wpfc-minified/kdd27wut/b5o2.css
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59420173e4b9c11645a73c50c66e807cac82d8dbc77e74baa7c7af2befb8364a

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
br
cf-cache-status
HIT
age
971522
cf-polished
origSize=211980
status
200
cf-bgj
minify
last-modified
Tue, 24 Mar 2020 07:33:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
57eb7dc0194f1752-FRA
expires
max-age=2592000, public
b5o2.css
www.dr-farfar.com/wp-content/cache/wpfc-minified/6vtmgms3/
219 KB
33 KB
Stylesheet
General
Full URL
https://www.dr-farfar.com/wp-content/cache/wpfc-minified/6vtmgms3/b5o2.css
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c70112f156e2a25c75f8894c00165b9d962a56864c8e305011cfee67b1ff15d7

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
br
cf-cache-status
HIT
age
971522
cf-polished
origSize=230777
status
200
cf-bgj
minify
last-modified
Tue, 24 Mar 2020 07:33:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
57eb7dc019511752-FRA
expires
max-age=2592000, public
b5o2.css
www.dr-farfar.com/wp-content/cache/wpfc-minified/mlbv99da/
960 KB
113 KB
Stylesheet
General
Full URL
https://www.dr-farfar.com/wp-content/cache/wpfc-minified/mlbv99da/b5o2.css
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93d9dddcd2699b9751545be8c3dd43402992f2c703e129b6bec6a0f785aae825

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
br
cf-cache-status
HIT
age
971522
cf-polished
origSize=1011384
status
200
cf-bgj
minify
last-modified
Tue, 24 Mar 2020 07:33:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
57eb7dc019521752-FRA
expires
max-age=2592000, public
1dro.css
www.dr-farfar.com/wp-content/cache/wpfc-minified/m04seahr/
30 KB
4 KB
Stylesheet
General
Full URL
https://www.dr-farfar.com/wp-content/cache/wpfc-minified/m04seahr/1dro.css
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dfbb1af1412af34025d9c1e0d375acaf549053bae7e2fc69f599031f0e50265

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 04 Apr 2020 13:49:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
57eb7dc019541752-FRA
expires
max-age=2592000, public
Dr.FarFar-Logo.png
i2.wp.com/www.dr-farfar.com/wp-content/uploads/2018/04//
23 KB
23 KB
Image
General
Full URL
https://i2.wp.com/www.dr-farfar.com/wp-content/uploads/2018/04//Dr.FarFar-Logo.png
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
e6843ea5ac4ca041d2fe4f01736818ce64889aa1fe8873630a01f5f3ee61b990
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 6
date
Sat, 04 Apr 2020 13:49:11 GMT
x-content-type-options
nosniff
x-bytes-saved
88275
last-modified
Tue, 27 Aug 2019 19:14:32 GMT
server
nginx
etag
"4d28650631ec97e7"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://www.dr-farfar.com/wp-content/uploads/2018/04/Dr.FarFar-Logo.png>; rel="canonical"
content-length
23228
expires
Fri, 27 Aug 2021 07:14:32 GMT
Dr.FarFar-Logo-1.png
i3.wp.com/www.dr-farfar.com/wp-content/uploads/2018/04/
6 KB
6 KB
Image
General
Full URL
https://i3.wp.com/www.dr-farfar.com/wp-content/uploads/2018/04/Dr.FarFar-Logo-1.png
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
167761e784a0cddc047acabc8040bce5c2fb7e11928fb3ffc2937441c8739574
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 7
date
Sat, 04 Apr 2020 13:49:11 GMT
x-content-type-options
nosniff
x-bytes-saved
8280
last-modified
Tue, 27 Aug 2019 19:14:32 GMT
server
nginx
etag
"85615218a613b138"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://www.dr-farfar.com/wp-content/uploads/2018/04/Dr.FarFar-Logo-1.png>; rel="canonical"
content-length
6238
expires
Fri, 27 Aug 2021 07:14:32 GMT
87642030_188079649092072_2922069665230897613_n.jpg
scontent-lga3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/
21 B
21 B
Image
General
Full URL
https://scontent-lga3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/87642030_188079649092072_2922069665230897613_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=100&_nc_ohc=9nN4PEXuoGUAX8yVsRl&oh=61390497a34cc6a17af241f89804b540&oe=5E86D2FB
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
403
date
Sat, 04 Apr 2020 13:49:11 GMT, Sat, 04 Apr 2020 13:49:11 GMT
x-fb-trip-id
664085054
server
proxygen-bolt
alt-svc
h3-27=":443"; ma=3600
content-length
21
content-type
text/plain
84345601_1411370552357570_2621074744091495064_n.jpg
scontent-lga3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c117.0.846.846a/s640x640/
21 B
21 B
Image
General
Full URL
https://scontent-lga3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/c117.0.846.846a/s640x640/84345601_1411370552357570_2621074744091495064_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=102&_nc_ohc=lwcSLd_Y2GIAX-Dm1aR&oh=d9b898fda228ed0aaabe2f17036e8ae3&oe=5E837BE0
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
403
date
Sat, 04 Apr 2020 13:49:11 GMT, Sat, 04 Apr 2020 13:49:11 GMT
x-fb-trip-id
664085054
server
proxygen-bolt
alt-svc
h3-27=":443"; ma=3600
content-length
21
content-type
text/plain
84297534_2656220514500053_3339493560412291068_n.jpg
scontent-lga3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/
21 B
21 B
Image
General
Full URL
https://scontent-lga3-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/84297534_2656220514500053_3339493560412291068_n.jpg?_nc_ht=scontent-lga3-1.cdninstagram.com&_nc_cat=101&_nc_ohc=MAx9gZNB_pkAX-94D2Z&oh=d89a04765429f88aa115cc0f092f0790&oe=5E87EB52
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f212:c4:face:b00c:0:43fe , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
403
date
Sat, 04 Apr 2020 13:49:11 GMT, Sat, 04 Apr 2020 13:49:11 GMT
x-fb-trip-id
664085054
server
proxygen-bolt
alt-svc
h3-27=":443"; ma=3600
content-length
21
content-type
text/plain
truncated
/
101 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
03_1.png
static.copyrighted.com/badges/125x25/
893 B
1 KB
Image
General
Full URL
https://static.copyrighted.com/badges/125x25/03_1.png
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.111.155.86 Rochester, United States, ASN31863 (DACEN-2, US),
Reverse DNS
copyrighted.com
Software
nginx /
Resource Hash
1be5933dc74c0d3662d67d0bc8b4c8878109592747760a8d94d0987680336200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 26 Feb 2018 19:24:56 GMT
server
nginx
etag
"5a945f08-37d"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
max-age=2592000, public
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
893
x-xss-protection
1; mode=block
expires
Mon, 04 May 2020 13:49:11 GMT
dmca_protected_sml_120am.png
images.dmca.com/Badges/
2 KB
3 KB
Image
General
Full URL
https://images.dmca.com/Badges/dmca_protected_sml_120am.png?ID=73343e38-cc0c-4f70-857f-ebb2a74a1d86
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
471e6e1914ad3c0f80611d2c94c11d06e34b18d41dde34b03d6598a34fa8144c

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
last-modified
Tue, 04 May 2010 23:19:12 GMT
server
nginx
x-powered-by
ASP.NET
etag
"94e3bf34e0ebca1:0"
x-cache
HIT
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/dmca_protected_sml_120am.png>; rel="canonical"
content-length
2406
expires
Mon, 04 May 2020 13:49:11 GMT
4053922.gif
s4is.histats.com/stats/i/
1 KB
1 KB
Image
General
Full URL
https://s4is.histats.com/stats/i/4053922.gif?4053922&103
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
9377b3d1e63f1d5d67ac22177f5cc9efc5a7c1170b05bdf5d95deab59912dbaf

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 04 Apr 2020 13:49:11 GMT
Connection
close
ETag
-1308264756
Content-Length
1119
Content-Type
image/png
email-decode.min.js
www.dr-farfar.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
833 B
Script
General
Full URL
https://www.dr-farfar.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 02 Apr 2020 11:45:47 GMT
server
cloudflare
etag
W/"5e85d06b-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
57eb7dc019691752-FRA
expires
Mon, 06 Apr 2020 13:49:11 GMT
display.php
www.onclickmega.com/a/
0
96 B
Script
General
Full URL
https://www.onclickmega.com/a/display.php?r=3038771
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.64.167 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
167.64.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
204
date
Sat, 04 Apr 2020 13:49:11 GMT
via
1.1 google
referrer-policy
no-referrer
server
openresty
access-control-allow-origin
*
alt-svc
clear
display.php
www.onclickmega.com/a/
0
43 B
Script
General
Full URL
https://www.onclickmega.com/a/display.php?r=3038743
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.64.167 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
167.64.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
204
date
Sat, 04 Apr 2020 13:49:11 GMT
via
1.1 google
referrer-policy
no-referrer
server
openresty
access-control-allow-origin
*
alt-svc
clear
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 02 Apr 2020 11:45:47 GMT
server
cloudflare
etag
W/"5e85d06b-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
57eb7dc07d9f9772-FRA
expires
Mon, 06 Apr 2020 13:49:11 GMT
compatibility.js
celeritascdn.com/script/
12 KB
7 KB
Script
General
Full URL
https://celeritascdn.com/script/compatibility.js
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:c46b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698a798d5f99e0d220a92bbc2c1b5c193b0db09d7924cdd1a1b44c183b30689b

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
905
status
200
x-guploader-uploadid
AEnB2Uqw-yRyiqfEm0iqLrMU3SRnKSow6acwWKicMpOg4OAtUaZGSdh9wEOsHjCHyQSRZ3C6SvKu7pKQ46JtFEu3vBV8PdrKZQ3hR1h_BetKDN1aagXCAoM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 18 Mar 2020 10:59:37 GMT
server
cloudflare
etag
W/"74ee9410dd8eaa64b236f5d4decf9967"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=LTOzTw==, md5=dO6UEN2OqmSyNvXU3s+ZZw==
content-type
application/javascript
x-goog-generation
1584529177143182
cache-control
public, max-age=14400
x-goog-stored-content-length
11992
cf-ray
57eb7dc28e5b1762-FRA
expires
Sat, 04 Apr 2020 17:49:11 GMT
compatibility.js
cdnondemand.org/script/
12 KB
7 KB
Script
General
Full URL
https://cdnondemand.org/script/compatibility.js
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:c66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698a798d5f99e0d220a92bbc2c1b5c193b0db09d7924cdd1a1b44c183b30689b

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1067
status
200
x-guploader-uploadid
AEnB2UoY0xhO-Vu3WPCUkk6_Rx7k0cydmKFWQOg60K1HdaTJyLPgmy2AvacTI7UuUqgGXuxylFRQzFWu70sZEKjDWIlnvASMb4OYGR87i20IsKSXyk-eHPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 18 Mar 2020 10:59:37 GMT
server
cloudflare
etag
W/"74ee9410dd8eaa64b236f5d4decf9967"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=LTOzTw==, md5=dO6UEN2OqmSyNvXU3s+ZZw==
content-type
application/javascript
x-goog-generation
1584529177143182
cache-control
public, max-age=14400
x-goog-stored-content-length
11992
cf-ray
57eb7dc28a019704-FRA
expires
Sat, 04 Apr 2020 17:49:11 GMT
truncated
/
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
warning.png
i0.wp.com/www.dr-farfar.com/wp-content/plugins/wccp-pro/images/
336 B
516 B
Image
General
Full URL
https://i0.wp.com/www.dr-farfar.com/wp-content/plugins/wccp-pro/images/warning.png
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
fa04f7244d2f10d75a93ea517c3545877c530f5039f9bc4bde2598050dada8c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 4
date
Sat, 04 Apr 2020 13:49:11 GMT
x-content-type-options
nosniff
x-bytes-saved
159
last-modified
Tue, 27 Aug 2019 19:14:33 GMT
server
nginx
etag
"1504de51c111046b"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://www.dr-farfar.com/wp-content/plugins/wccp-pro/images/warning.png>; rel="canonical"
content-length
336
expires
Fri, 27 Aug 2021 07:14:33 GMT
newspaper.woff
www.dr-farfar.com/wp-content/themes/Newspaper/images/icons/
121 KB
121 KB
Font
General
Full URL
https://www.dr-farfar.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?17
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
905ce0d8fef384dc4f22450bfb19b6811c0704e467f9970d116ac3d8c3e9b700

Request headers

Referer
https://www.dr-farfar.com/wp-content/cache/wpfc-minified/6vtmgms3/b5o2.css
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 02 Apr 2020 09:02:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
x-font/woff
status
200
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
57eb7dc28fcb1752-FRA
content-length
123488
expires
max-age=2592000, public
fdin5.js
www.dr-farfar.com/wp-content/cache/wpfc-minified/2m36fyod/
365 KB
87 KB
Script
General
Full URL
https://www.dr-farfar.com/wp-content/cache/wpfc-minified/2m36fyod/fdin5.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d04019fe151d0c9eacc075fba891197c147b4cf5a538eb18138fbd601fdae285

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
br
cf-cache-status
HIT
age
188563
cf-polished
origSize=374351
status
200
cf-bgj
minify
last-modified
Thu, 02 Apr 2020 09:04:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
57eb7dc2d8b81752-FRA
expires
max-age=2592000, public
e-202014.js
stats.wp.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202014.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
expires
Fri, 25 Sep 2020 19:35:03 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
8 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=aa0b17
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3000
etag
W/"f242ff15a186d9d5dc1c33cc46f2d4a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=259200
cf-ray
57eb7dc31e16d72d-FRA
expires
Tue, 07 Apr 2020 13:49:11 GMT
element.js
translate.google.com/translate_a/
2 KB
1 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
f3595d75431cf8537b43d846b93ee3d6d58ed83cdd4487fc7a178a65bd2c5228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
HTTP server (unknown)
content-language
en
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
805
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
full-page-script.js
c-ut.com/i/js/
2 KB
1 KB
Script
General
Full URL
https://c-ut.com/i/js/full-page-script.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6812:2ca0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c53ca6bf8e492bb0f066298aebb65cb4f00c2ee4af79edbd70939329819f0ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
789780
status
200
last-modified
Wed, 02 Oct 2019 10:15:46 GMT
vary
Accept-Encoding,User-Agent
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=10368000
x-turbo-charged-by
LiteSpeed
cf-ray
57eb7dc34ad8175e-FRA
expires
max-age=A10368000, public
DMCABadgeHelper.min.js
images.dmca.com/Badges/
465 B
610 B
Script
General
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
nginx
x-powered-by
ASP.NET
etag
"26b181f16d28d51:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
280
expires
Mon, 04 May 2020 13:48:40 GMT
helper.js
static.copyrighted.com/badges/
600 B
753 B
Script
General
Full URL
https://static.copyrighted.com/badges/helper.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.111.155.86 Rochester, United States, ASN31863 (DACEN-2, US),
Reverse DNS
copyrighted.com
Software
nginx /
Resource Hash
15ae8e9aee4dcf9221cc0dbf663d5b14d120c4ba849f4362d092f85a99631984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Feb 2020 15:46:00 GMT
server
nginx
etag
W/"5e441db8-258"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=2592000, no-cache, public, must-revalidate, proxy-revalidate
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Mon, 04 May 2020 13:49:11 GMT
pop.js
cdn.popcash.net/
104 KB
34 KB
Script
General
Full URL
https://cdn.popcash.net/pop.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06b1ed5b43dab123088feaa1b2367f542ab55f53869dd5e73e7a6dd4007fcc54

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
status
200
content-length
34946
last-modified
Mon, 27 Jan 2020 12:49:35 GMT
server
cloudflare
etag
W/"5e2edc5f-19fcc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1586008151.cds038.pa1.hn,1586008151.cds027.pa1.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
57aa47c02ed1edb7-CDG
b5o2.js
www.dr-farfar.com/wp-content/cache/wpfc-minified/32mcl1cl/
95 KB
32 KB
Script
General
Full URL
https://www.dr-farfar.com/wp-content/cache/wpfc-minified/32mcl1cl/b5o2.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
br
cf-cache-status
HIT
age
971501
cf-polished
origSize=96784
status
200
cf-bgj
minify
last-modified
Tue, 24 Mar 2020 07:33:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
57eb7dc2f9021752-FRA
expires
max-age=2592000, public
js
www.googletagmanager.com/gtag/
76 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-75976416-1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7d5482560e2def47fb6597a9458059298f2f9c25c555a20d6785636384679f77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
29063
x-xss-protection
0
last-modified
Sat, 04 Apr 2020 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 04 Apr 2020 13:49:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
107 KB
39 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0974fd2c6ebe7ff6f794b625cdff0691a372f84668adc46502cd5dc34dbf753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
39159
x-xss-protection
0
server
cafe
etag
14040473416781760607
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 04 Apr 2020 13:49:11 GMT
identify.html
ufpcdn.com/script/ Frame 4457
0
0
Document
General
Full URL
https://ufpcdn.com/script/identify.html?frmt=0
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:3647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
ufpcdn.com
:scheme
https
:path
/script/identify.html?frmt=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.dr-farfar.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.dr-farfar.com/

Response headers

status
200
date
Sat, 04 Apr 2020 13:49:11 GMT
content-type
text/html
set-cookie
__cfduid=dd787dc08ae52716c77af59ad77e71ad21586008151; expires=Mon, 04-May-20 13:49:11 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=ceb0f8a5e7bac670462c562fc8af143bde3d86c9-1586008151-1800-AQ0VVj6A0PtsMlnKi+Qzd0jTFdQmeHK+pPDzbHTSFcLLJPIMOcN/zxMw1UVQ32l120jbjMP8C5Ai7eGxylmZw8E=; path=/; expires=Sat, 04-Apr-20 14:19:11 GMT; domain=.ufpcdn.com; HttpOnly; Secure; SameSite=None
last-modified
Tue, 15 May 2018 06:39:25 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
57eb7dc31ab91f2d-FRA
content-encoding
br
suurl.php
onclicksuper.com/script/
0
96 B
Script
General
Full URL
https://onclicksuper.com/script/suurl.php?r=3038735&cbrandom=0.0734725173665538&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Dr.FarFar%20%E2%80%93%20Best%20Premium%20Software%20Full%20For%20Free%20Giveaway&cbref=&cbdescription=Best%20Premium%20Software%20Full%20For%20Free%20Giveaway&cbkeywords=&cbcdn=cdnondemand.org&ufp=65525903120063154322039631225
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.8.27 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
27.8.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
204
date
Sat, 04 Apr 2020 13:49:11 GMT
via
1.1 google
referrer-policy
no-referrer
server
openresty
access-control-allow-origin
*
alt-svc
clear
chrome.js
cdnondemand.org/script/
18 KB
10 KB
Script
General
Full URL
https://cdnondemand.org/script/chrome.js
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:c66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089e76082af0f574d1bea1ce23d62d1a7f41712c1b29c2dc09e30599566c9099

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1441
status
200
x-guploader-uploadid
AEnB2UrRA33JWDwZR7awyhRjj1YrOTLotVKhX8vXJOzkl_XixKEfNqiV5XNESnLoz496c57XDDDq7rGl-hhkzZ0qUyNjxge1rA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Wed, 18 Mar 2020 10:59:38 GMT
server
cloudflare
etag
W/"c8507771c893161bff6e346d809d05e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=eeCCZQ==, md5=yFB3cciTFhv/bjRtgJ0F5w==
content-type
application/javascript
x-goog-generation
1584529178114798
cache-control
public, max-age=14400
x-goog-stored-content-length
18750
cf-ray
57eb7dc40b7c9704-FRA
expires
Sat, 04 Apr 2020 17:49:11 GMT
suurl.php
onclicksuper.com/script/
0
43 B
Script
General
Full URL
https://onclicksuper.com/script/suurl.php?r=3038735&cbrandom=0.6602548437084341&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=Dr.FarFar%20%E2%80%93%20Best%20Premium%20Software%20Full%20For%20Free%20Giveaway&cbref=&cbdescription=Best%20Premium%20Software%20Full%20For%20Free%20Giveaway&cbkeywords=&cbcdn=cdnondemand.org&ufp=65525903120063154322039631225
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.8.27 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
27.8.190.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
204
date
Sat, 04 Apr 2020 13:49:11 GMT
via
1.1 google
referrer-policy
no-referrer
server
openresty
access-control-allow-origin
*
alt-svc
clear
integrator.js
adservice.google.de/adsid/
109 B
839 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.dr-farfar.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
323 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.dr-farfar.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/
215 KB
81 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc838f64df4a89f6387e1bcfecf8271ee720484a2b76fa94f24e9462ecd4e228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
82822
x-xss-protection
0
server
cafe
etag
1643823074256303265
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Apr 2020 13:49:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/ Frame 2C48
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200401/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200401/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.dr-farfar.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.dr-farfar.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 01 Apr 2020 16:26:22 GMT
expires
Wed, 15 Apr 2020 16:26:22 GMT
content-type
text/html; charset=UTF-8
etag
10348540741379653356
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4494
x-xss-protection
0
cache-control
public, max-age=1209600
age
249769
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75976416-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4539
date
Sat, 04 Apr 2020 12:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Sat, 04 Apr 2020 14:33:32 GMT
uwt.js
static.ads-twitter.com/
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:11 GMT
content-encoding
gzip
age
20079
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-fra19180-FRA
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1586008152.958834,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
znWaa3gu
dcba.popcash.net/
0
117 B
XHR
General
Full URL
https://dcba.popcash.net/znWaa3gu
Requested by
Host: cdn.popcash.net
URL: https://cdn.popcash.net/pop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.253.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-253-55.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dr-farfar.com/
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Sat, 04 Apr 2020 13:49:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
expires
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2032080301&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dr-farfar.com%2F&ul=en-us&de=UTF-8&dt=Dr.FarFar%20%E2%80%93%20Best%20Premium%20Software%20Ful...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75976416-1&cid=817383559.1586008152&jid=2102617398&_gid=524403611.1586008152&gjid=1744866008&_v=j81&z=792590853
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75976416-1&cid=817383559.1586008152&jid=2102617398&_v=j81&z=792590853
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75976416-1&cid=817383559.1586008152&jid=2102617398&_v=j81&z=792590853&slf_rd=1&random=3563918409
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75976416-1&cid=817383559.1586008152&jid=2102617398&_v=j81&z=792590853&slf_rd=1&random=3563918409
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Apr 2020 13:49:12 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 04 Apr 2020 13:49:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75976416-1&cid=817383559.1586008152&jid=2102617398&_v=j81&z=792590853&slf_rd=1&random=3563918409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&aip=1&a=2032080301&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dr-farfar.com%2F&ul=en-us&de=UTF-8&dt=Dr.FarFar%20%E2%80%93%20Best%20Premium%20Software%20Full%20For%20Free%20Giveaway&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IGDACUABB~&jid=&gjid=&cid=817383559.1586008152&tid=UA-75976416-1&_gid=524403611.1586008152&gtm=2ou3p1&z=938627058
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 06 Mar 2020 09:12:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2522228
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
transparent.gif
i3.wp.com/www.dr-farfar.com/wp-content/plugins/wccp-pro/images/
42 B
225 B
Image
General
Full URL
https://i3.wp.com/www.dr-farfar.com/wp-content/plugins/wccp-pro/images/transparent.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 2
date
Sat, 04 Apr 2020 13:49:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Aug 2019 19:14:34 GMT
server
nginx
etag
"c82ad081869cf47b"
content-type
image/gif
status
200
cache-control
public, max-age=63115200
link
<http://www.dr-farfar.com/wp-content/plugins/wccp-pro/images/transparent.gif>; rel="canonical"
content-length
42
expires
Fri, 27 Aug 2021 07:14:34 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A9D8
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2805468242456874&output=html&adk=1812271804&adf=3025194257&lmt=1586008151&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&tp=site_kit&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.dr-farfar.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586008151878&bpp=11&bdt=873&fdt=85&idt=85&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2228015941912&frm=20&pv=2&ga_vid=817383559.1586008152&ga_sid=1586008152&ga_hid=2032080301&ga_fc=0&iag=0&icsg=8796238512128&dssz=56&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C42530311%2C44713363&oid=3&pvsid=1432375871773539&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=96
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2805468242456874&output=html&adk=1812271804&adf=3025194257&lmt=1586008151&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&tp=site_kit&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.dr-farfar.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1586008151878&bpp=11&bdt=873&fdt=85&idt=85&shv=r20200401&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2228015941912&frm=20&pv=2&ga_vid=817383559.1586008152&ga_sid=1586008152&ga_hid=2032080301&ga_fc=0&iag=0&icsg=8796238512128&dssz=56&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530291%2C42530311%2C44713363&oid=3&pvsid=1432375871773539&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=96
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.dr-farfar.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.dr-farfar.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 04 Apr 2020 13:49:12 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 04-Apr-2020 14:04:12 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires
Sat, 04 Apr 2020 13:49:12 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
74 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7c6430070f3f1f2f426c9d1cc1096a85880df46a13effd2e6f2c3cc51e03e3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1585759507325766"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27920
x-xss-protection
0
expires
Sat, 04 Apr 2020 13:49:12 GMT
translateelement.css
translate.googleapis.com/translate_static/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Sat, 04 Apr 2020 13:46:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
3619
x-xss-protection
0
last-modified
Wed, 12 Feb 2020 21:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Apr 2020 14:46:02 GMT
main.js
translate.googleapis.com/translate_static/js/element/
3 KB
2 KB
Script
General
Full URL
https://translate.googleapis.com/translate_static/js/element/main.js
Requested by
Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52c02d60d0099051bf67358e2b3f8378f14b2fa6767d12104de46b4e68063a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:10:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2311
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1592
x-xss-protection
0
last-modified
Thu, 13 Feb 2020 23:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Apr 2020 14:10:41 GMT
g.gif
pixel.wp.com/
50 B
115 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A8.3&blog=145418000&post=0&tz=2&srv=www.dr-farfar.com&host=www.dr-farfar.com&ref=&fcp=3967&rand=0.8335838236671196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
200
date
Sat, 04 Apr 2020 13:49:12 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
admin-ajax.php
www.dr-farfar.com/wp-admin/
0
256 B
XHR
General
Full URL
https://www.dr-farfar.com/wp-admin/admin-ajax.php
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/wp-content/cache/wpfc-minified/2m36fyod/fdin5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6812:2ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.dr-farfar.com/
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 04 Apr 2020 13:49:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-ray
57eb7dc619531752-FRA
status
200
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.dr-farfar.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-turbo-charged-by
LiteSpeed
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
cse.js
cse.google.com/cse/
Redirect Chain
  • https://www.google.com/cse/cse.js?cx=013577112956583353275:hgjo9wjvce8
  • https://cse.google.com/cse/cse.js?cx=013577112956583353275:hgjo9wjvce8
0
0
Script
General
Full URL
https://cse.google.com/cse/cse.js?cx=013577112956583353275:hgjo9wjvce8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date
Sat, 04 Apr 2020 13:49:12 GMT
x-content-type-options
nosniff
server
sffe
location
https://cse.google.com/cse/cse.js?cx=013577112956583353275:hgjo9wjvce8
content-type
text/html; charset=UTF-8
status
302
cache-control
private
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
267
x-xss-protection
0
flags.png
i3.wp.com/www.dr-farfar.com/wp-content/plugins/google-language-translator/images/
22 KB
22 KB
Image
General
Full URL
https://i3.wp.com/www.dr-farfar.com/wp-content/plugins/google-language-translator/images/flags.png
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/wp-content/cache/wpfc-minified/32mcl1cl/b5o2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
abc2bde53f1e70cdba2918905108c4de45eeb7bab8823c3010ca9cbf35c182ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/wp-content/cache/wpfc-minified/kdd27wut/b5o2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 5
date
Sat, 04 Apr 2020 13:49:12 GMT
x-content-type-options
nosniff
x-bytes-saved
32526
last-modified
Sun, 06 Oct 2019 02:36:01 GMT
server
nginx
etag
"8d37696fd8e2e11c"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://www.dr-farfar.com/wp-content/plugins/google-language-translator/images/flags.png>; rel="canonical"
content-length
22470
expires
Tue, 05 Oct 2021 14:36:01 GMT
flags.png
i0.wp.com/www.dr-farfar.com/wp-content/plugins/google-language-translator/images/
22 KB
22 KB
Image
General
Full URL
https://i0.wp.com/www.dr-farfar.com/wp-content/plugins/google-language-translator/images/flags.png
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/wp-content/cache/wpfc-minified/32mcl1cl/b5o2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
abc2bde53f1e70cdba2918905108c4de45eeb7bab8823c3010ca9cbf35c182ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/wp-content/cache/wpfc-minified/kdd27wut/b5o2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 5
date
Sat, 04 Apr 2020 13:49:12 GMT
x-content-type-options
nosniff
x-bytes-saved
32526
last-modified
Sun, 06 Oct 2019 02:36:01 GMT
server
nginx
etag
"8d37696fd8e2e11c"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://www.dr-farfar.com/wp-content/plugins/google-language-translator/images/flags.png>; rel="canonical"
content-length
22470
expires
Tue, 05 Oct 2021 14:36:01 GMT
flags.png
i1.wp.com/www.dr-farfar.com/wp-content/plugins/google-language-translator/images/
22 KB
22 KB
Image
General
Full URL
https://i1.wp.com/www.dr-farfar.com/wp-content/plugins/google-language-translator/images/flags.png
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/wp-content/cache/wpfc-minified/32mcl1cl/b5o2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
abc2bde53f1e70cdba2918905108c4de45eeb7bab8823c3010ca9cbf35c182ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/wp-content/cache/wpfc-minified/kdd27wut/b5o2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 5
date
Sat, 04 Apr 2020 13:49:12 GMT
x-content-type-options
nosniff
x-bytes-saved
32526
last-modified
Sun, 06 Oct 2019 02:36:01 GMT
server
nginx
etag
"8d37696fd8e2e11c"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://www.dr-farfar.com/wp-content/plugins/google-language-translator/images/flags.png>; rel="canonical"
content-length
22470
expires
Tue, 05 Oct 2021 14:36:01 GMT
flags.png
i2.wp.com/www.dr-farfar.com/wp-content/plugins/google-language-translator/images/
22 KB
22 KB
Image
General
Full URL
https://i2.wp.com/www.dr-farfar.com/wp-content/plugins/google-language-translator/images/flags.png
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/wp-content/cache/wpfc-minified/32mcl1cl/b5o2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
abc2bde53f1e70cdba2918905108c4de45eeb7bab8823c3010ca9cbf35c182ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/wp-content/cache/wpfc-minified/kdd27wut/b5o2.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 5
date
Sat, 04 Apr 2020 13:49:12 GMT
x-content-type-options
nosniff
x-bytes-saved
32526
last-modified
Sun, 06 Oct 2019 02:36:01 GMT
server
nginx
etag
"8d37696fd8e2e11c"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://www.dr-farfar.com/wp-content/plugins/google-language-translator/images/flags.png>; rel="canonical"
content-length
22470
expires
Tue, 05 Oct 2021 14:36:01 GMT
css
fonts.googleapis.com/
56 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=10.3.2
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f9d272a313ad3156b627574867ecf5d9031630146a7f0c943ced04034432a8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 Apr 2020 13:49:12 GMT
server
ESF
date
Sat, 04 Apr 2020 13:49:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Apr 2020 13:49:12 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.dr-farfar.com
URL: https://www.dr-farfar.com/wp-content/cache/wpfc-minified/2m36fyod/fdin5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

timing-allow-origin
*
date
Sat, 04 Apr 2020 13:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
14040473416781760607
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=3600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
expires
Sat, 04 Apr 2020 13:49:12 GMT
sodar
pagead2.googlesyndication.com/getconfig/
7 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200401&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18698c87b0083b16c88af80826ce0d7839f4301b74a3f8046af9bac3235bc732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Apr 2020 13:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5231
x-xss-protection
0
VidIQ-150x150.jpg
i0.wp.com/www.dr-farfar.com/wp-content/uploads/2019/02/
6 KB
7 KB
Image
General
Full URL
https://i0.wp.com/www.dr-farfar.com/wp-content/uploads/2019/02/VidIQ-150x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
2766d5ce82b6eb908892f9e88e9d7fdbc115767fc58101578963a8d7676431ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 5
date
Sat, 04 Apr 2020 13:49:12 GMT
x-content-type-options
nosniff
x-bytes-saved
2090
last-modified
Tue, 27 Aug 2019 20:09:04 GMT
server
nginx
etag
"08b886505eec84cc"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://www.dr-farfar.com/wp-content/uploads/2019/02/VidIQ-150x150.jpg>; rel="canonical"
content-length
6630
expires
Fri, 27 Aug 2021 08:09:04 GMT
adsct
analytics.twitter.com/i/
31 B
650 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o30tn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.dr-farfar.com%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
121
pragma
no-cache
last-modified
Sat, 04 Apr 2020 13:49:12 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
19f3a4b2f45c3872878bf431212a3a9b
x-transaction
0040622800379e92
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/
43 B
448 B
Image
General
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o30tn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 04 Apr 2020 13:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=0
content-length
65
x-xss-protection
0
x-response-time
120
pragma
no-cache
last-modified
Sat, 04 Apr 2020 13:49:12 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
688d3d6ca9c1b0557a085032bf3d8d1d
x-transaction
0085e0e1006fe311
expires
Tue, 31 Mar 1981 05:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200401/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 13:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1582746470043195"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
5456
x-xss-protection
0
expires
Sat, 04 Apr 2020 13:49:12 GMT
element_main.js
translate.googleapis.com/element/TE_20200210_00/e/js/element/
240 KB
86 KB
Script
General
Full URL
https://translate.googleapis.com/element/TE_20200210_00/e/js/element/element_main.js
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ec26d78a3de21cb3b0cda0638de148797f5168c1cc1127544f1fad21fd8b277
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 04 Apr 2020 12:51:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3434
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
88087
x-xss-protection
0
last-modified
Mon, 10 Feb 2020 10:53:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 04 Apr 2021 12:51:58 GMT
Keyword-Researcher-Pro-150x150.png
i1.wp.com/www.dr-farfar.com/wp-content/uploads/2019/06/
5 KB
5 KB
Image
General
Full URL
https://i1.wp.com/www.dr-farfar.com/wp-content/uploads/2019/06/Keyword-Researcher-Pro-150x150.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
d2a68365a2279b590f63b770e2ff2d6102bede45cee89ecd9a9278f36aa8c479
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 4
date
Sat, 04 Apr 2020 13:49:12 GMT
x-content-type-options
nosniff
x-bytes-saved
32576
last-modified
Tue, 18 Feb 2020 07:56:23 GMT
server
nginx
etag
"814d46f5a1add7e5"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://www.dr-farfar.com/wp-content/uploads/2019/06/Keyword-Researcher-Pro-150x150.png>; rel="canonical"
content-length
5150
expires
Thu, 17 Feb 2022 19:56:23 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=10.3.2
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 00:54:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
651261
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Sun, 28 Mar 2021 00:54:51 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=10.3.2
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 01 Apr 2020 18:22:23 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
242809
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Thu, 01 Apr 2021 18:22:23 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=10.3.2
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 17:00:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
2148504
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
0
expires
Wed, 10 Mar 2021 17:00:48 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=10.3.2
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 23:56:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:44 GMT
server
sffe
age
2123578
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9180
x-xss-protection
0
expires
Wed, 10 Mar 2021 23:56:14 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=10.3.2
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 31 Jan 2020 00:50:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
5576333
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Sat, 30 Jan 2021 00:50:19 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=10.3.2
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 12:00:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
6534
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Sun, 04 Apr 2021 12:00:18 GMT
mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v17/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=10.3.2
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Mar 2020 14:41:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:02 GMT
server
sffe
age
2243264
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9728
x-xss-protection
0
expires
Tue, 09 Mar 2021 14:41:28 GMT
memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v17/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=10.3.2
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 17:19:10 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:15 GMT
server
sffe
age
2147402
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9416
x-xss-protection
0
expires
Wed, 10 Mar 2021 17:19:10 GMT
KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=10.3.2
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 04:58:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
31830
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12680
x-xss-protection
0
expires
Sun, 04 Apr 2021 04:58:42 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v20/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d630df8a89d2ec3c590c3b036b610c60fda3df53b3a4c81f3a9e5c94a0de5929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500%2C500italic%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A400%2C500%2C700%2C100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400italic%2C500italic%2C600%2C600italic%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=10.3.2
Origin
https://www.dr-farfar.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 22:08:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:03 GMT
server
sffe
age
2130019
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
12688
x-xss-protection
0
expires
Wed, 10 Mar 2021 22:08:53 GMT
l
translate.googleapis.com/translate_a/
3 KB
1 KB
Script
General
Full URL
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=_callbacks____0k8loaydm
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20200210_00/e/js/element/element_main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c551085a603362efda5573e5962be37816b36f2ce55d8d1f8e349d015392e40
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HHK8RIEwRvSqh7+Pg1zyBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', script-src 'nonce-HHK8RIEwRvSqh7+Pg1zyBA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateApiHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-HHK8RIEwRvSqh7+Pg1zyBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', script-src 'nonce-HHK8RIEwRvSqh7+Pg1zyBA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateApiHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
access-control-allow-origin
*
date
Sat, 04 Apr 2020 13:49:12 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
825 B
945 B
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 03 Apr 2020 16:25:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
76994
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
825
x-xss-protection
0
expires
Sat, 03 Apr 2021 16:25:58 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/
910 B
1001 B
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 28 Mar 2020 04:41:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
637649
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
910
x-xss-protection
0
expires
Sun, 28 Mar 2021 04:41:43 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 02 Apr 2020 14:38:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
169844
vary
Origin
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1847
x-xss-protection
0
expires
Fri, 02 Apr 2021 14:38:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 5F60
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/209/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.dr-farfar.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.dr-farfar.com/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
5727
date
Sat, 04 Apr 2020 13:13:45 GMT
expires
Sun, 04 Apr 2021 13:13:45 GMT
last-modified
Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2127
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
Socinator-Dominator-Enterprise-Full-Activated-150x150.jpg
i0.wp.com/www.dr-farfar.com/wp-content/uploads/2019/08/
8 KB
8 KB
Image
General
Full URL
https://i0.wp.com/www.dr-farfar.com/wp-content/uploads/2019/08/Socinator-Dominator-Enterprise-Full-Activated-150x150.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
6ddf8d85e0e03ea9c83fc99fce6ad49f134c505dbe7400128a96a7636f178d69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 6
date
Sat, 04 Apr 2020 13:49:12 GMT
x-content-type-options
nosniff
x-bytes-saved
1747
last-modified
Wed, 11 Sep 2019 03:28:16 GMT
server
nginx
etag
"a4f84ef6ef671350"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://www.dr-farfar.com/wp-content/uploads/2019/08/Socinator-Dominator-Enterprise-Full-Activated-150x150.jpg>; rel="canonical"
content-length
7928
expires
Fri, 10 Sep 2021 15:28:16 GMT
Video-Spin-Blaster-Pro-Plus-150x150.png
i3.wp.com/www.dr-farfar.com/wp-content/uploads/2019/09/
4 KB
5 KB
Image
General
Full URL
https://i3.wp.com/www.dr-farfar.com/wp-content/uploads/2019/09/Video-Spin-Blaster-Pro-Plus-150x150.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
2e327cf002e8388bbbb692843f35906ee8eb604f6c46325ad1b657381d88920a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-nc
HIT ams 7
date
Sat, 04 Apr 2020 13:49:12 GMT
x-content-type-options
nosniff
x-bytes-saved
27022
last-modified
Mon, 09 Mar 2020 07:54:15 GMT
server
nginx
etag
"593b5fddb4293d31"
vary
Accept
content-type
image/webp
status
200
cache-control
public, max-age=63115200
link
<http://www.dr-farfar.com/wp-content/uploads/2019/09/Video-Spin-Blaster-Pro-Plus-150x150.png>; rel="canonical"
content-length
4490
expires
Wed, 09 Mar 2022 19:54:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
123 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200401&jk=1432375871773539&bg=!fH-lf2dYIhOyTDlzk7QCAAAAM1IAAAAJmQFdOGfSPSNvtLw4K4vN-_mnwyFiHYxBfgbPxvjjmR_X96HDW08r7YhQ59JU1fSGvdan92QX23AyI9I6N7l0tjC0h9WqMHDQrU1n6SAhULdDX2HZcl_A7tbOhsuqu1dMmIifd3j54fMHdVwnmUkYNZEcAALkMxI1xGim4HMpcXxv_YMBi0qsulLs3I9NDok1oBRSG3zzuO72deFJP2Jgatm4kmgt09aT1yxh3Muv-usn63JGje9hgH-wu7SAgaaJgLgh6oay_6nhtm2nRnqDBnc1oh8Vn037Ehuv2ZP4Naxuz2RKOHqblt1PPjC0HJ1Za3u2WMo1FqdVcrc5hD-bxd2zGb1plMZxm_TOZJrj8FdtrCjmHEMVOIRjC30WpHivCqYhLukQw3VLHntJEC8nuMK6i5Ig03Fsc8zlAEw8UwIezKKx9vy-295fnF2kapMQDOkm3UfqIyYScGYooogImg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.dr-farfar.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 04 Apr 2020 13:49:12 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

296 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _0x3f76 function| _0x5339 object| adcashMacros object| zoneSett object| urls object| iceConfig object| _0x585b function| _0x1442 function| runAdblock object| _0x4c8a function| _0xddae function| acPrefetch object| CTABPu object| __cfQR object| _0xd68c function| ufpAttach object| CTAMAT object| adcashUfp object| _0x7175 object| Cnac object| stamat function| NqPnfu9818492236432457 function| NqPnfu object| NqpnfuVfNOrggreArgjbex boolean| _0x90aa function| NqPnfu07137108224781397 function| advanced_ads_ready object| adsbygoogle function| gtag object| dataLayer object| ahc_ajax_front object| AoaShowAfter object| AoaCloseTimer object| AoaCloseAfter string| uid string| wid string| adlinkfly_url string| adlinkfly_api_token number| adlinkfly_advert object| adlinkfly_exclude_domains object| scriptParams object| mdp_deblocker object| mdp_revealer object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars undefined| $ function| jQuery string| GoogleAnalyticsObject function| ga string| image_save_msg string| no_menu_msg string| smessage function| disable_copy function| disable_copy_ie function| reEnable function| dealWithPrintScrKey function| disable_hot_keys function| nocontext string| alertMsg_IMG string| alertMsg_A string| alertMsg_PB string| alertMsg_INPUT string| alertMsg_H string| alertMsg_TEXTAREA string| alertMsg_EmptySpaces string| alertMsg_VIDEO function| wccp_pro_msieversion object| e object| tdb_globals object| tdwGlobal function| documentInitOneSignal object| OneSignal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target function| twq string| popns boolean| N3 object| IOarzRhPlP number| pop_fcap object| block_tdi_4_202 object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| GoogleLanguageTranslatorInit undefined| timeout_result function| show_wccp_pro_message function| hide_message function| jquery_fadeTo function| jquery_fadeOut function| apply_class_exclusion function| play_stop_video function| iframe_load function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| app_get_url function| app_get_host_name function| app_base64_encode function| app_get_wildcard_domains function| app_match_wildcard_domain function| app_domain_exist object| google object| _stq boolean| __cfRLUnblockHandlers object| _oneSignalInitOptions function| st_go function| linktracker_init object| wpcom object| twttr string| pageid string| page_id string| pagetitle string| page_title string| posttype string| post_type string| referer string| useragent string| servername string| hostname string| request_uri object| xhttp function| setVisibility function| aoaShowClose function| aoaHideClose function| aoaHideAd function| aoaShowAd function| aoaClick object| NO_JQUERY function| GLTFireEvent function| doGoogleLanguageTranslator object| tdbAutoload object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation function| td_scroll_to_class function| td_helper_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| jetpackLikesWidgetBatch boolean| jetpackLikesMasterReady number| jetpackLikesLookAhead object| jetpackCommentLikesLoadedWidgets function| JetpackLikesPostMessage function| JetpackLikesBatchHandler function| JetpackLikesMessageListener function| JetpackLikesWidgetQueueHandler function| jetpackLoadLikeWidgetIframe function| jetpackGetUnloadedWidgetsInView function| jetpackIsScrolledIntoView function| jetpackUnloadScrolledOutWidgets function| jetpackWidgetsDelayedExec function| jetpackOnScrollStopped object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch function| pm object| Jetpack function| Popper function| tippy function| _ object| jQuery11240058473061200110754 function| $f function| onYouTubeIframeAPIReady function| onPlayerReady function| onPlayerStateChange object| wp string| app_url string| app_api_token number| app_advert object| app_exclude_domains object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| closure_lm_618651 object| google_image_requests

5 Cookies

Domain/Path Name / Value
ufpcdn.com/ Name: adcashufpv3
Value: 65525903120063154322039631225
.ufpcdn.com/ Name: __cf_bm
Value: ceb0f8a5e7bac670462c562fc8af143bde3d86c9-1586008151-1800-AQ0VVj6A0PtsMlnKi+Qzd0jTFdQmeHK+pPDzbHTSFcLLJPIMOcN/zxMw1UVQ32l120jbjMP8C5Ai7eGxylmZw8E=
www.dr-farfar.com/ Name: adcashufpv3
Value: 65525903120063154322039631225
www.dr-farfar.com/ Name: aoa
Value: 1
.dr-farfar.com/ Name: __cfduid
Value: d9df49e421f98984d5b014446107758971586008147

9 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.popcash.net/pop.js(Line 4)
Message:
Popunder Script @ popunderjs.com
console-api log URL: https://cdn.popcash.net/pop.js(Line 4)
Message:
Author: Phan Thanh Cong <contact@ptcong.com>
console-api log URL: https://cdn.popcash.net/pop.js(Line 4)
Message:
Version: 2.11.15
console-api log URL: https://cdn.popcash.net/pop.js(Line 4)
Message:
Release: 2020/1/2
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=aa0b17(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://www.dr-farfar.com/wp-content/cache/wpfc-minified/2m36fyod/fdin5.js(Line 1)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://cdn.popcash.net/pop.js(Line 4)
Message:
111
console-api log URL: https://cdn.popcash.net/pop.js(Line 4)
Message:
[License] Domains: popcash.net,@network,.local,localhost,127.0.0.1
console-api log URL: https://cdn.popcash.net/pop.js(Line 4)
Message:
[License] Expires: 2021/2/15

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
analytics.twitter.com
c-ut.com
cdn.onesignal.com
cdn.popcash.net
cdnondemand.org
celeritascdn.com
cse.google.com
dcba.popcash.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
i1.wp.com
i2.wp.com
i3.wp.com
images.dmca.com
onclicksuper.com
pagead2.googlesyndication.com
pixel.wp.com
s4is.histats.com
scontent-lga3-1.cdninstagram.com
static.ads-twitter.com
static.copyrighted.com
stats.g.doubleclick.net
stats.wp.com
t.co
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
ufpcdn.com
www.dr-farfar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.onclickmega.com
104.244.42.131
104.244.42.69
151.101.12.157
151.139.128.10
151.139.242.29
192.0.76.3
192.0.77.2
192.111.155.86
198.27.80.143
2606:4700:3031::6812:2ea5
2606:4700:3034::6812:3647
2606:4700:3036::6812:2ca0
2606:4700::6811:4104
2606:4700::6811:c46b
2606:4700::6811:c66b
2606:4700::6812:e234
2a00:1450:4001:808::2003
2a00:1450:4001:808::200a
2a00:1450:4001:809::200e
2a00:1450:4001:814::2002
2a00:1450:4001:814::2003
2a00:1450:4001:814::200a
2a00:1450:4001:816::2002
2a00:1450:4001:817::200e
2a00:1450:4001:81a::2001
2a00:1450:4001:81a::2003
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:81e::2002
2a00:1450:4001:81e::2004
2a00:1450:400c:c00::9c
2a03:2880:f212:c4:face:b00c:0:43fe
35.190.64.167
35.190.8.27
52.6.253.55
03287280ffc2f50b1c9b477d00acb16fec7797d50e3a89a2dcb5589e36e413c0
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
063eb1df51e18d047299974638e5bb5877caeb5a10b1634f7de38592b1a3b159
06b1ed5b43dab123088feaa1b2367f542ab55f53869dd5e73e7a6dd4007fcc54
089e76082af0f574d1bea1ce23d62d1a7f41712c1b29c2dc09e30599566c9099
0d6762417b3b91c64f1d9c9689deb17a1120dfaf507b547b6bf5a11fdf0968a8
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0dfbb1af1412af34025d9c1e0d375acaf549053bae7e2fc69f599031f0e50265
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
15ae8e9aee4dcf9221cc0dbf663d5b14d120c4ba849f4362d092f85a99631984
16366d2552aa8349747c1168a3ef03665652b08d80385b6664c4cbf6a5b2f932
167761e784a0cddc047acabc8040bce5c2fb7e11928fb3ffc2937441c8739574
18698c87b0083b16c88af80826ce0d7839f4301b74a3f8046af9bac3235bc732
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1be5933dc74c0d3662d67d0bc8b4c8878109592747760a8d94d0987680336200
1c53ca6bf8e492bb0f066298aebb65cb4f00c2ee4af79edbd70939329819f0ae
1ec26d78a3de21cb3b0cda0638de148797f5168c1cc1127544f1fad21fd8b277
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2766d5ce82b6eb908892f9e88e9d7fdbc115767fc58101578963a8d7676431ce
2c551085a603362efda5573e5962be37816b36f2ce55d8d1f8e349d015392e40
2e327cf002e8388bbbb692843f35906ee8eb604f6c46325ad1b657381d88920a
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
471e6e1914ad3c0f80611d2c94c11d06e34b18d41dde34b03d6598a34fa8144c
52c02d60d0099051bf67358e2b3f8378f14b2fa6767d12104de46b4e68063a76
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
59420173e4b9c11645a73c50c66e807cac82d8dbc77e74baa7c7af2befb8364a
5cc4d0e98c9c8848bd9e9ea18feee9d88cd583a2373b7b3300fa549fc6a75cb0
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
698a798d5f99e0d220a92bbc2c1b5c193b0db09d7924cdd1a1b44c183b30689b
6ddf8d85e0e03ea9c83fc99fce6ad49f134c505dbe7400128a96a7636f178d69
7d5482560e2def47fb6597a9458059298f2f9c25c555a20d6785636384679f77
7f9d272a313ad3156b627574867ecf5d9031630146a7f0c943ced04034432a8b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
905ce0d8fef384dc4f22450bfb19b6811c0704e467f9970d116ac3d8c3e9b700
9377b3d1e63f1d5d67ac22177f5cc9efc5a7c1170b05bdf5d95deab59912dbaf
93d9dddcd2699b9751545be8c3dd43402992f2c703e129b6bec6a0f785aae825
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
abc2bde53f1e70cdba2918905108c4de45eeb7bab8823c3010ca9cbf35c182ba
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c70112f156e2a25c75f8894c00165b9d962a56864c8e305011cfee67b1ff15d7
c7c6430070f3f1f2f426c9d1cc1096a85880df46a13effd2e6f2c3cc51e03e3f
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2
cc838f64df4a89f6387e1bcfecf8271ee720484a2b76fa94f24e9462ecd4e228
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d04019fe151d0c9eacc075fba891197c147b4cf5a538eb18138fbd601fdae285
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb
d2a68365a2279b590f63b770e2ff2d6102bede45cee89ecd9a9278f36aa8c479
d630df8a89d2ec3c590c3b036b610c60fda3df53b3a4c81f3a9e5c94a0de5929
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0974fd2c6ebe7ff6f794b625cdff0691a372f84668adc46502cd5dc34dbf753
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6843ea5ac4ca041d2fe4f01736818ce64889aa1fe8873630a01f5f3ee61b990
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3595d75431cf8537b43d846b93ee3d6d58ed83cdd4487fc7a178a65bd2c5228
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fa04f7244d2f10d75a93ea517c3545877c530f5039f9bc4bde2598050dada8c7
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305