www.elfagr.com Open in urlscan Pro
2606:4700:20::ac43:48ec Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://elfagr.com/
Effective URL:
https://www.elfagr.com/
Submission: On September 10 via api (September 10th 2020, 11:58:39 am UTC) from DE

Summary HTTP 86 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 18 domains to perform 86 HTTP transactions. The main IP is 2606:4700:20::ac43:48ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.elfagr.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2020. Valid for: a year.

This is the only time www.elfagr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	2606:4700:20:... 2606:4700:20::ac43:48ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
4	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
5	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
1	99.84.144.55 99.84.144.55	16509 (AMAZON-02) (AMAZON-02)
2 4	2606:4700:303... 2606:4700:3031::ac43:848d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	99.84.144.81 99.84.144.81	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::ac43:b7bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.100.197.246 95.100.197.246	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4001:c07::78	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20e8:7c00:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	34.237.68.53 34.237.68.53	14618 (AMAZON-AES) (AMAZON-AES)
86	23

30 2606:4700:20::ac43:48ec (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

elfagr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.elfagr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.144.55 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-55.txl52.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::ac43:848d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

cr.synceg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f34.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.144.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-81.txl52.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:b7bd (United States)

ASN13335 (CLOUDFLARENET, US)

www.sfegypt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.197.246 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-197-246.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c43e308ddcc0c13dc69b945ee658b9a6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4001:c07::78 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:7c00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.68.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-68-53.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	elfagr.com 1 redirects elfagr.com www.elfagr.com	524 KB
15	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	123 KB
15	googlesyndication.com pagead2.googlesyndication.com c43e308ddcc0c13dc69b945ee658b9a6.safeframe.googlesyndication.com tpc.googlesyndication.com	373 KB
5	ampproject.org cdn.ampproject.org	108 KB
4	google.com 2 redirects www.google.com adservice.google.com	384 B
4	synceg.net 2 redirects cr.synceg.net	432 B
4	addthis.com s7.addthis.com m.addthis.com	190 KB
2	google.de www.google.de adservice.google.de	426 B
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com	18 KB
2	jsdelivr.net cdn.jsdelivr.net	9 KB
1	chartbeat.net ping.chartbeat.net	168 B
1	addthisedge.com v1.addthisedge.com	776 B
1	chartbeat.com static.chartbeat.com	14 KB
1	gstatic.com csi.gstatic.com	53 B
1	googletagservices.com www.googletagservices.com	28 KB
1	moatads.com z.moatads.com	1 KB
1	sfegypt.com www.sfegypt.com	849 B
86	18

	Domain	Requested by
29	www.elfagr.com	www.elfagr.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.elfagr.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.elfagr.com cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	www.elfagr.com pagead2.googlesyndication.com
4	cr.synceg.net	2 redirects www.elfagr.com
4	securepubads.g.doubleclick.net	www.elfagr.com securepubads.g.doubleclick.net
3	www.google.com	2 redirects www.elfagr.com
3	s7.addthis.com	www.elfagr.com s7.addthis.com
2	ssl.google-analytics.com	1 redirects www.elfagr.com
2	cdn.jsdelivr.net	www.elfagr.com
1	ping.chartbeat.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	static.chartbeat.com	www.elfagr.com
1	csi.gstatic.com	cdn.ampproject.org
1	c43e308ddcc0c13dc69b945ee658b9a6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	z.moatads.com	s7.addthis.com
1	www.sfegypt.com	www.elfagr.com
1	certify.alexametrics.com	www.elfagr.com
1	www.google.de	www.elfagr.com
1	stats.g.doubleclick.net	1 redirects
1	certify-js.alexametrics.com	www.elfagr.com
1	elfagr.com	1 redirects
86	27

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.synceg.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-16` - `2021-07-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-17` - `2021-04-17`	8 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.elfagr.com/
Frame ID: D9F7C0014D1E7EBFE110C13C54FC3A8A
Requests: 56 HTTP requests in this frame

Frame: https://cr.synceg.net/corona/
Frame ID: E481580E76884893416EC98C1C6BA079
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200901/r20190131/zrt_lookup.html
Frame ID: D70CAC2AC3B9F6D4C3863CFFF45AF063
Requests: 1 HTTP requests in this frame

Frame: https://cr.synceg.net/corona/
Frame ID: BB53D9942BE2F59FA38613B29D58D621
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&adk=1812271804&adf=3025194257&lmt=1599738913&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1599739101647&bpp=14&bdt=257&idt=245&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=754165614065&frm=20&pv=2&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=2267724558092&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=292
Frame ID: A5EA582F750A9A30232C503451CBF1AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=600&slotname=3222233010&adk=785899982&adf=3614249719&w=300&lmt=1599738913&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&wgl=1&dt=1599739101661&bpp=5&bdt=271&idt=297&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=255&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=myfS4KjeNH&p=https%3A//www.elfagr.com&dtd=304
Frame ID: 107167B64F7C9B04896ABE450B3ACD1B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=250&adk=2963737891&adf=3424047156&w=330&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=2&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=qDCPfE28cN&p=https%3A//www.elfagr.com&dtd=23
Frame ID: FC235474EDC9427AA61901C3B88DD56D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=280&adk=2452828011&adf=3670171318&w=770&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=1&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=SJs4NglMyM&p=https%3A//www.elfagr.com&dtd=30
Frame ID: 0197CECDB7523FE96F8DC464A1B82847
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=593308305&w=330&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=1&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=IeHDGcYb2f&p=https%3A//www.elfagr.com&dtd=35
Frame ID: B2123601549293173CA1AA99CD9116EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=280&adk=3842644974&adf=2804980158&w=770&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=2&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=2263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GaaEnfqQNF&p=https%3A//www.elfagr.com&dtd=40
Frame ID: 74DB77A681DB4400BAC0168CA86C33AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=4080102895&w=330&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=1&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=bLA0gfc53P&p=https%3A//www.elfagr.com&dtd=46
Frame ID: 0124D6B02922D569E34CC351A2AAF610
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=280&adk=3019647509&adf=963249068&w=375&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=375x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=1&bdt=759&idt=1&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280%2C330x250&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=3013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&xpc=3Vwl3kWeR3&p=https%3A//www.elfagr.com&dtd=52
Frame ID: A68346A36EE4A0F457B039796FF69A72
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js
Frame ID: F3F8DC7ED4035074632F778C77994ADA
Requests: 17 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 9CA24C94D02458D0CEE0D849C09535ED
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 890903DC48D62D0F55A6145F2CABBFA7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: E0412845184DB9F5AB3A2AD06B424F98
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://elfagr.com/ HTTP 302
https://www.elfagr.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

86
Requests

99 %
HTTPS

71 %
IPv6

18
Domains

27
Subdomains

23
IPs

5
Countries

1391 kB
Transfer

3519 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ElfagrNewsOfficiall/

Search URL Search Domain Scan URL

URL: https://twitter.com/ElfagrNews

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC8cY0vwqMMa8rYKczO0v8cQ

Search URL Search Domain Scan URL

URL: http://www.synceg.com/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://elfagr.com/ HTTP 302
https://www.elfagr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://cr.synceg.net/corona HTTP 301
https://cr.synceg.net/corona/

Request Chain 30

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1328771169&utmhn=www.elfagr.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D9%81%D8%AC%D8%B1&utmhid=315273501&utmr=-&utmp=%2F&utmht=1599739101678&utmac=UA-24442537-1&utmcc=__utma%3D95024968.1515932168.1599739102.1599739102.1599739102.1%3B%2B__utmz%3D95024968.1599739102.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1828025936&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24442537-1&cid=1515932168.1599739102&jid=1828025936&_v=5.7.2&z=1328771169 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=1515932168.1599739102&jid=1828025936&_v=5.7.2&z=1328771169 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=1515932168.1599739102&jid=1828025936&_v=5.7.2&z=1328771169&slf_rd=1&random=790798613

Request Chain 35

https://cr.synceg.net/corona HTTP 301
https://cr.synceg.net/corona/

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

86 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.elfagr.com/
Redirect Chain

http://elfagr.com/
https://www.elfagr.com/

99 KB
18 KB

45ms
26ms

Document
text/html

2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f151a1b0ce936926521b8e7c05299805579d9f5078e9b036174ec0320eb61e69

Request headers

:method: GET
:authority: www.elfagr.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d9943bd883724ba169d7b688835a5cdbb1599739101
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 10 Sep 2020 11:58:21 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=112
expires: Thu, 10 Sep 2020 12:00:13 GMT
last-modified: Thu, 10 Sep 2020 11:55:13 GMT
vary: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 05197a98b300002c326594d200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d08fa078df42c32-FRA
content-encoding: br

Redirect headers

Date: Thu, 10 Sep 2020 11:58:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d9943bd883724ba169d7b688835a5cdbb1599739101; expires=Sat, 10-Oct-20 11:58:21 GMT; path=/; domain=.elfagr.com; HttpOnly; SameSite=Lax
Location: https://www.elfagr.com/
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
cf-request-id: 05197a986700002bd69a1c5200000001
Server: cloudflare
CF-RAY: 5d08fa0709342bd6-FRA

GET
H2 200 bootstrap.css
www.elfagr.com/themes/new/css/ 362 KB
49 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/themes/new/css/bootstrap.css
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d761bdeef5f6e75159ce1b2363851e09b3be5851d519a2a34424e5da399561d8

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 657602
x-powered-by: ASP.NET
status: 200
cf-request-id: 05197a98d800002c3265955200000001
last-modified: Sun, 20 Oct 2019 14:31:38 GMT
server: cloudflare
etag: W/"f7d9fc145387d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
cf-polished: origSize=374740
cf-ray: 5d08fa07cea92c32-FRA
cf-bgj: minify

GET
H2 200 app-min.js Show response
www.elfagr.com/themes/new/js/ 286 KB
79 KB 27ms
26ms Script
application/javascript 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/themes/new/js/app-min.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dc7df38e79cb146d5919e0e863adb1ef10defbe65d4b66a7f32b136cb344feb8

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 19 Oct 2019 16:38:06 GMT
server: cloudflare
age: 657602
x-powered-by: ASP.NET
etag: W/"0eb49959b86d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=864000
cf-ray: 5d08fa07ceae2c32-FRA
cf-request-id: 05197a98d800002c3265958200000001

GET
H2 200 fb.js Show response
www.elfagr.com/fb/ 14 KB
5 KB 22ms
17ms Script
application/javascript 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/fb/fb.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e77d22ecf729034cf5a8aa62a2d21832bfb51e4b24585d36ca911e076b82c081

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 657602
x-powered-by: ASP.NET
status: 200
cf-request-id: 05197a990800002c3265963200000001
last-modified: Thu, 01 Feb 2018 22:23:26 GMT
server: cloudflare
etag: W/"2bd5a847ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=14319
cf-ray: 5d08fa080f7c2c32-FRA
cf-bgj: minify

GET
H2 200 common.js Show response
www.elfagr.com/scripts/ 1 KB
738 B 20ms
16ms Script
application/javascript 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/scripts/common.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 46b49bed51f8195bf12e5298f2a7381dcb1daa38444f6c1ac5712ae41264be69

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 111738
x-powered-by: ASP.NET
status: 200
cf-request-id: 05197a990800002c3265964200000001
last-modified: Thu, 01 Feb 2018 22:23:29 GMT
server: cloudflare
etag: W/"7eb78549ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=1609
cf-ray: 5d08fa080f7f2c32-FRA
cf-bgj: minify

GET
H2 200 swfo.js Show response
www.elfagr.com/scripts/ 7 KB
2 KB 17ms
13ms Script
application/javascript 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/scripts/swfo.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1939595e026c3a36ae7fd5c756f540feda88c69b243534da3bbb77b395424ddf

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 111738
x-powered-by: ASP.NET
status: 200
cf-request-id: 05197a990800002c3265965200000001
last-modified: Thu, 01 Feb 2018 22:23:29 GMT
server: cloudflare
etag: W/"90d21f49ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=7976
cf-ray: 5d08fa080f802c32-FRA
cf-bgj: minify

GET
H2 200 fb.css
www.elfagr.com/fb/ 5 KB
1 KB 13ms
12ms Stylesheet
text/css 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/fb/fb.css
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e581b81d7222296b46a9a61ec8be1aa68a3c8c43b601ea224cffd3a7d0d522ad

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 158459
x-powered-by: ASP.NET
status: 200
cf-request-id: 05197a98d800002c3265956200000001
last-modified: Thu, 01 Feb 2018 22:23:26 GMT
server: cloudflare
etag: W/"7b44c947ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
cf-polished: origSize=6419
cf-ray: 5d08fa07ceab2c32-FRA
cf-bgj: minify

GET
H2 200 / Show response
www.elfagr.com/ 99 KB
18 KB 39ms
38ms Script
text/html 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2c62e37d7690dfbadbdb0ede0a3b78c54d76bdbb92eb86ff98b0702cb661eea6

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Sep 2020 11:55:13 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: *
content-type: text/html; charset=utf-8
status: 200
cache-control: public, max-age=112
cf-ray: 5d08fa07ceac2c32-FRA
cf-request-id: 05197a98d800002c3265957200000001
expires: Thu, 10 Sep 2020 12:00:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 127 KB
44 KB 28ms
23ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc5eb467be2c7201a149a6e6f011fffb3caecc55a980c66d6253c0bc2bd29fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 44955
x-xss-protection: 0
server: cafe
etag: 10445964008519383142
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 10 Sep 2020 11:58:21 GMT

GET
H2 200 jq.lz.js Show response
www.elfagr.com/scripts/ 2 KB
736 B 21ms
17ms Script
application/javascript 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/scripts/jq.lz.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5dc8474e0d907004638a6be69c9c9e2e2decac68db9dfe1fca62fb2dbab95855

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 749106
x-powered-by: ASP.NET
status: 200
cf-request-id: 05197a990900002c3265966200000001
last-modified: Thu, 01 Feb 2018 22:23:29 GMT
server: cloudflare
etag: W/"6a397e49ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=2820
cf-ray: 5d08fa080f812c32-FRA
cf-bgj: minify

GET
H2 200 elfagr-logo10.gif
www.elfagr.com/themes/fagr/png/ 7 KB
8 KB 15ms
11ms Image
image/webp 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/themes/fagr/png/elfagr-logo10.gif
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 959172fc5ed4571b7c0129f2283400b36ca86350c554b4ecf80aea9635a6c6ed

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
cf-cache-status: HIT
age: 50188
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="elfagr-logo10.webp"
content-length: 7502
cf-request-id: 05197a990900002c3265967200000001
last-modified: Thu, 01 Feb 2018 22:23:33 GMT
server: cloudflare
etag: "8251a34bab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=864000
cf-polished: origFmt=gif, origSize=10187
accept-ranges: bytes
cf-ray: 5d08fa080f832c32-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 477$7cview
www.elfagr.com/adview/ 0
82 B 44ms
40ms Image
text/plain 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/adview/477$7cview
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
cf-ray: 5d08fa080f852c32-FRA
content-length: 0
cf-request-id: 05197a990900002c3265968200000001

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
19 KB 118ms
62ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

38ec58d79480ede980df7241b63aca05a3ed81f790c4f05c3ff27aa9649e4778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "628 / 954 of 1000 / last-modified: 1599734447"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18729
x-xss-protection: 0
expires: Thu, 10 Sep 2020 11:58:21 GMT

GET
H2 200 no.jpg
www.elfagr.com/images/ 17 KB
17 KB 15ms
12ms Image
image/jpeg 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/images/no.jpg
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1bc33a95371846eed1600d2f6f4e6472db2780d3a69ae39a6319918df3f87381

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
cf-cache-status: HIT
age: 657537
x-powered-by: ASP.NET
status: 200
content-length: 17586
cf-request-id: 05197a990900002c3265969200000001
last-modified: Sat, 19 Oct 2019 17:16:59 GMT
server: cloudflare
etag: "a44ae23a186d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=864000
cf-polished: origSize=17916, status=webp_bigger
accept-ranges: bytes
cf-ray: 5d08fa080f862c32-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 483$7cview
www.elfagr.com/adview/ 0
69 B 21ms
18ms Image
text/plain 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/adview/483$7cview
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
cf-ray: 5d08fa080f872c32-FRA
content-length: 0
cf-request-id: 05197a990900002c326596a200000001

GET
H2 200 main.css
www.elfagr.com/coronapoll/ 4 KB
1 KB 15ms
14ms Stylesheet
text/css 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/coronapoll/main.css
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 48aa3e1bdc17b9c846d34cd81dbb7c355c00ae6cb8766e99c2fb05eaaf2527ff

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 657602
x-powered-by: ASP.NET
status: 200
cf-request-id: 05197a990300002c326595e200000001
last-modified: Sun, 29 Mar 2020 14:55:36 GMT
server: cloudflare
etag: W/"521ca41ada5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
cf-ray: 5d08fa080f692c32-FRA
cf-bgj: minify

GET
H2 200 2.js Show response
www.elfagr.com/coronapoll/ 128 KB
38 KB 27ms
21ms Script
application/javascript 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/coronapoll/2.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e34afee1ebe946c83ee77a87d06a8751d5529b4f100dcfeb3a2bd0404c8e1923

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 657369
x-powered-by: ASP.NET
status: 200
cf-request-id: 05197a990800002c3265961200000001
last-modified: Sun, 29 Mar 2020 14:55:34 GMT
server: cloudflare
etag: W/"0b75419da5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=131291
cf-ray: 5d08fa080f792c32-FRA
cf-bgj: minify

GET
H2 200 main.js Show response
www.elfagr.com/coronapoll/ 79 KB
18 KB 25ms
20ms Script
application/javascript 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/coronapoll/main.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8db5d4d6fb09f86186393387d5726626f5f821ab1e7988649c1ad0da948e07c5

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 657368
x-powered-by: ASP.NET
status: 200
cf-request-id: 05197a990800002c3265962200000001
last-modified: Sun, 29 Mar 2020 14:55:35 GMT
server: cloudflare
etag: W/"766e6a1ada5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=80660
cf-ray: 5d08fa080f7a2c32-FRA
cf-bgj: minify

GET
H2 200 sync.svg
www.elfagr.com/themes/new/images/ 4 KB
2 KB 23ms
20ms Image
image/svg+xml 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/themes/new/images/sync.svg
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b7cefe5080c8ba8b303de5d83586378561f83372f691e4d56fff1e99f47b77ec

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Oct 2019 00:46:46 GMT
server: cloudflare
age: 657550
x-powered-by: ASP.NET
etag: W/"a89bec844d85d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=864000
cf-ray: 5d08fa080f892c32-FRA
cf-request-id: 05197a990900002c326596b200000001

GET
H2 200 intersection-observer.js Show response
cdn.jsdelivr.net/npm/intersection-observer@0.5.1/ 22 KB
6 KB 30ms
9ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intersection-observer@0.5.1/intersection-observer.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

51707b58bbec62b8ba51360216e55f57968674aafccd46f8642ff25fbb1c9310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3057644
x-cache: HIT, HIT
status: 200
cross-origin-resource-policy: cross-origin
content-length: 6313
etag: W/"567a-tAMo7gPY/QpmJ/daBEatlr7O9uA"
x-served-by: cache-fra19162-FRA, cache-hhn4048-HHN
date: Thu, 10 Sep 2020 11:58:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@12.0.0/dist/ 5 KB
2 KB 30ms
8ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@12.0.0/dist/lazyload.min.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3704197
x-cache: HIT, HIT
status: 200
content-length: 2145
etag: W/"15d1-IxZ2QckOwVh8MMcWJc7ap/VwGh4"
x-served-by: cache-fra19146-FRA, cache-hhn4048-HHN
date: Thu, 10 Sep 2020 11:58:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fancy_close.png
www.elfagr.com/fb/ 996 B
1 KB 24ms
21ms Image
image/webp 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/fb/fancy_close.png
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a5bb99d2afae545fc8d4efffd762a2bc11ceb59044e3f9fe577e0e0ad83fa877

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
cf-cache-status: HIT
age: 48620
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="fancy_close.webp"
content-length: 996
cf-request-id: 05197a990900002c326596c200000001
last-modified: Thu, 01 Feb 2018 22:23:27 GMT
server: cloudflare
etag: "f69bec47ab9bd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=864000
cf-polished: origFmt=png, origSize=1517
accept-ranges: bytes
cf-ray: 5d08fa080f8b2c32-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 main.js Show response
www.elfagr.com/scripts/ 4 KB
2 KB 21ms
18ms Script
application/javascript 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/scripts/main.js?r=11
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d7afc5fac286ace07ca2fb7a8c98a933bb81a63aecc5ba71cec7e65528b98a90

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: HIT
age: 657602
x-powered-by: ASP.NET
status: 200
cf-request-id: 05197a990900002c326596d200000001
last-modified: Fri, 06 Mar 2020 13:29:41 GMT
server: cloudflare
etag: W/"7d95eb4abbf3d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=864000
cf-polished: origSize=5655
cf-ray: 5d08fa080f8c2c32-FRA
cf-bgj: minify

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 99ms
32ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: "5ed917ff-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
date: Thu, 10 Sep 2020 11:58:21 GMT
x-host: s7.addthis.com
content-length: 116324

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 5666
date: Thu, 10 Sep 2020 10:23:55 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 10 Sep 2020 12:23:55 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 103ms
34ms Script
text/javascript 99.84.144.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-55.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 18 Jul 2020 01:12:10 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 4704372
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 3b9e149724e93026c0277288bbe3906a.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: TXL52-C1
X-Amz-Cf-Id: d8CU4frcl016_tUScQCs7zklRKEeIr1DjoI1S4mCGFEe7vpsitOQug==

GET
H2 200 fontawesome-webfont.woff2
www.elfagr.com/themes/new/fonts/ 75 KB
76 KB 11ms
10ms Font
application/font-woff2 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/themes/new/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/css/bootstrap.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://www.elfagr.com
Referer: https://www.elfagr.com/themes/new/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
cf-cache-status: HIT
age: 657551
x-powered-by: ASP.NET
status: 200
content-length: 77160
cf-request-id: 05197a990c00002c326596e200000001
last-modified: Thu, 17 Oct 2019 21:19:31 GMT
server: cloudflare
etag: "fbffb9903085d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5d08fa081f962c32-FRA

GET
H2

200

/
cr.synceg.net/corona/ Frame E481
Redirect Chain

https://cr.synceg.net/corona
https://cr.synceg.net/corona/

0
0

104ms
104ms

Document
text/html

2606:4700:3031::ac43:848d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.synceg.net/corona/
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:848d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: cr.synceg.net
:scheme: https
:path: /corona/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
date: Thu, 10 Sep 2020 11:58:21 GMT
content-type: text/html
set-cookie: __cfduid=da40659c07d44f9807a8d3de28d73da9f1599739101; expires=Sat, 10-Oct-20 11:58:21 GMT; path=/; domain=.synceg.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 10 Sep 2020 11:56:16 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 05197a99b200002c3a2e296200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d08fa091b5b2c3a-FRA
content-encoding: br

Redirect headers

status: 301
date: Thu, 10 Sep 2020 11:58:21 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da40659c07d44f9807a8d3de28d73da9f1599739101; expires=Sat, 10-Oct-20 11:58:21 GMT; path=/; domain=.synceg.net; HttpOnly; SameSite=Lax; Secure
location: https://cr.synceg.net/corona/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 05197a994300002c3a2e291200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d08fa0869ab2c3a-FRA

GET
H2 200 blank.png
www.elfagr.com/themes/new/images/ 1 KB
2 KB 13ms
13ms Image
image/webp 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/themes/new/images/blank.png
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/css/bootstrap.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6c5a535b9722b8c15886571d99106f3a59b804dc0f3604f6c70dc6d4d42596d8

Request headers

Referer: https://www.elfagr.com/themes/new/css/bootstrap.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
cf-cache-status: HIT
age: 48806
x-powered-by: ASP.NET
status: 200
content-disposition: inline; filename="blank.webp"
content-length: 1444
cf-request-id: 05197a998200002c3265979200000001
last-modified: Fri, 18 Oct 2019 11:49:51 GMT
server: cloudflare
etag: "a81b7926aa85d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=864000
cf-polished: origFmt=png, origSize=9664
accept-ranges: bytes
cf-ray: 5d08fa08d9742c32-FRA
cf-bgj: imgq:100,h2pri

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/ 228 KB
86 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f223afe73e8e54bef06ee5fb36c0f8c7bcd4c835717d137d8915996b3309c8d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87668
x-xss-protection: 0
server: cafe
etag: 5831147292718782217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Sep 2020 11:58:21 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200901/r20190131/ Frame D70C 0
0 30ms
30ms Document
text/html 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200901/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f34.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200901/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 10 Sep 2020 11:32:49 GMT
expires: Thu, 24 Sep 2020 11:32:49 GMT
content-type: text/html; charset=UTF-8
etag: 9704104221650600920
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4744
x-xss-protection: 0
age: 1532
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1328771169&utmhn=www.elfagr.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D8%A...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24442537-1&cid=1515932168.1599739102&jid=1828025936&_v=5.7.2&z=1328771169
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=1515932168.1599739102&jid=1828025936&_v=5.7.2&z=1328771169
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=1515932168.1599739102&jid=1828025936&_v=5.7.2&z=1328771169&slf_rd=1&random=790798613

42 B
106 B

26ms
17ms

Image
image/gif

2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=1515932168.1599739102&jid=1828025936&_v=5.7.2&z=1328771169&slf_rd=1&random=790798613

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Sep 2020 11:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Sep 2020 11:58:21 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24442537-1&cid=1515932168.1599739102&jid=1828025936&_v=5.7.2&z=1328771169&slf_rd=1&random=790798613
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 97ms
31ms Image
image/gif 99.84.144.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D9%81%D8%AC%D8%B1&time=1599739101681&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.elfagr.com%2F&random_number=8521309070&sess_cookie=05646f5417477e181f06de45817&sess_cookie_flag=1&user_cookie=05646f5417477e181f06de45817&user_cookie_flag=1&dynamic=true&domain=elfagr.com&account=lKe+p1Fx9f207i&jsv=20130128&user_lang=en-US
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-81.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 00:24:42 GMT
Via: 1.1 458f29e42261f01e7368474593f44b66.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 41620
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: TXL52-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: Dp2M2VbxEdBzJDEJJPTqJJqyo5R1ibsyFJ82qecqULovk93k81Xvnw==

GET
H3-Q050 200 pubads_impl_2020090201.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 96ms
63ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

b4e8f2d73294065f2c0e54cb17bcba8bf7440408b804f9052ac03c0ff9adb398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Sep 2020 08:39:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94147
x-xss-protection: 0
expires: Thu, 10 Sep 2020 11:58:21 GMT

GET
H2 200 ext.aspx Show response
www.sfegypt.com/ 1 KB
849 B 96ms
71ms Script
text/html 2606:4700:3037::ac43:b7bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sfegypt.com/ext.aspx?z=70741920
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/scripts/main.js?r=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b7bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fbc8bfd25b633cefc01365cf3c1f5c24a1c04a522ae1b37407f632ef756158e7

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 5d08fa09d80805b3-FRA
cf-request-id: 05197a9a29000005b3dc14f200000001

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 100ms
31ms Script
application/x-javascript 95.100.197.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.197.246 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-197-246.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: C5DB1E7DD2B174DE
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=48049
accept-ranges: bytes
content-length: 948
x-amz-id-2: lvUgJLeTqnD8r+Pbmjp4zeqWv6JQV90H1HnQC9urKJ+gtlQ7Ztu4gguQcSk27WP1aoa03938rOQ=

GET
H2

200

/
cr.synceg.net/corona/ Frame BB53
Redirect Chain

https://cr.synceg.net/corona
https://cr.synceg.net/corona/

0
0

100ms
100ms

Document
text/html

2606:4700:3031::ac43:848d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.synceg.net/corona/
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/js/app-min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:848d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

:method: GET
:authority: cr.synceg.net
:scheme: https
:path: /corona/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
date: Thu, 10 Sep 2020 11:58:21 GMT
content-type: text/html
set-cookie: __cfduid=da40659c07d44f9807a8d3de28d73da9f1599739101; expires=Sat, 10-Oct-20 11:58:21 GMT; path=/; domain=.synceg.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 10 Sep 2020 11:56:16 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 05197a9a8100002c3a2e2b7200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d08fa0a6e742c3a-FRA
content-encoding: br

Redirect headers

status: 301
date: Thu, 10 Sep 2020 11:58:21 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da40659c07d44f9807a8d3de28d73da9f1599739101; expires=Sat, 10-Oct-20 11:58:21 GMT; path=/; domain=.synceg.net; HttpOnly; SameSite=Lax; Secure
location: https://cr.synceg.net/corona/
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 05197a9a5d00002c3a2e2b2200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d08fa0a2dff2c3a-FRA

GET
H2 200 807.jpg
www.elfagr.com/upload/photo/news/403/1/600x338o/ 30 KB
30 KB 41ms
41ms Image
image/jpeg 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/403/1/600x338o/807.jpg?q=2
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 71100012f28413812d62153c2e97f63d20411b1d58531c021858a24ea1e3080e

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
cf-cache-status: MISS
last-modified: Thu, 10 Sep 2020 11:53:37 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "2229746987d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 5d08fa0a9eb12c32-FRA
content-length: 30796
cf-request-id: 05197a9aa200002c326598e200000001

GET
H2 200 poll.aspx Show response
www.elfagr.com/service/ 1 B
189 B 20ms
19ms XHR
text/html 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/service/poll.aspx?pid=816&hid=0&_=1599739101494
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/js/app-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://www.elfagr.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 5d08fa0abefc2c32-FRA
cf-request-id: 05197a9ab000002c3265993200000001

GET
H2 200 poll.aspx Show response
www.elfagr.com/service/ 1 B
133 B 20ms
19ms XHR
text/html 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.elfagr.com/service/poll.aspx?pid=816&hid=0&_=1599739101495
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/themes/new/js/app-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept: */*
Referer: https://www.elfagr.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=utf-8
status: 200
cache-control: private
cf-ray: 5d08fa0abf002c32-FRA
cf-request-id: 05197a9ab000002c3265994200000001

GET
H2 200 789.jpg
www.elfagr.com/upload/photo/news/403/1/400x225o/ 39 KB
39 KB 15ms
12ms Image
image/jpeg 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/403/1/400x225o/789.jpg?q=3
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e104bbb5d5719f996e10ee7b13947f887780ce1e6d40728899f8051307a6d104

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
cf-cache-status: HIT
age: 22
x-powered-by: ASP.NET
status: 200
content-length: 39739
cf-request-id: 05197a9ab500002c3265995200000001
last-modified: Thu, 10 Sep 2020 11:35:54 GMT
server: cloudflare
etag: "4629508b6687d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=864000
cf-polished: origSize=43978, status=webp_bigger
accept-ranges: bytes
cf-ray: 5d08fa0abf112c32-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 761.jpg
www.elfagr.com/upload/photo/news/403/1/400x225o/ 27 KB
27 KB 13ms
10ms Image
image/jpeg 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/403/1/400x225o/761.jpg?q=1
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c063d628f32effff67594b815d0c3e8e7d7260a66f764ffc79e4eb51caa76765

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
cf-cache-status: HIT
age: 2112
x-powered-by: ASP.NET
status: 200
content-length: 27900
cf-request-id: 05197a9ab600002c3265996200000001
last-modified: Thu, 10 Sep 2020 11:12:57 GMT
server: cloudflare
etag: "83ef6d566387d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=864000
cf-polished: origSize=30253, status=webp_bigger
accept-ranges: bytes
cf-ray: 5d08fa0abf132c32-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 759.jpg
www.elfagr.com/upload/photo/news/403/1/400x225o/ 24 KB
24 KB 15ms
13ms Image
image/jpeg 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/403/1/400x225o/759.jpg?q=1
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7c6c894a30c50dc8128679a2ee7400d7816e08dd496c7fe40e8f45be255a16ef

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
cf-cache-status: HIT
age: 2369
x-powered-by: ASP.NET
status: 200
content-length: 24854
cf-request-id: 05197a9ab600002c3265997200000001
last-modified: Thu, 10 Sep 2020 11:07:50 GMT
server: cloudflare
etag: "16c5899f6287d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=864000
cf-polished: origSize=27165, status=webp_bigger
accept-ranges: bytes
cf-ray: 5d08fa0abf152c32-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 73.jpg
www.elfagr.com/upload/photo/writers/0/0/70x70o/ 2 KB
2 KB 12ms
11ms Image
image/jpeg 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/writers/0/0/70x70o/73.jpg
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 216ac2314a51799d589089884d8516f1de26ce7d8b6ed57b792ba799881821bf

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
cf-cache-status: HIT
age: 691494
x-powered-by: ASP.NET
status: 200
content-length: 2177
cf-request-id: 05197a9ab600002c3265998200000001
last-modified: Tue, 15 Oct 2019 18:51:03 GMT
server: cloudflare
etag: "663fba7e8983d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=864000
cf-polished: origSize=2541, status=webp_bigger
accept-ranges: bytes
cf-ray: 5d08fa0abf162c32-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
320 B 16ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.elfagr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 17ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.elfagr.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame A5EA 0
0 50ms
49ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&adk=1812271804&adf=3025194257&lmt=1599738913&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1599739101647&bpp=14&bdt=257&idt=245&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=754165614065&frm=20&pv=2&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=2267724558092&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=292

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1731129488393495&output=html&adk=1812271804&adf=3025194257&lmt=1599738913&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.elfagr.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1599739101647&bpp=14&bdt=257&idt=245&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=754165614065&frm=20&pv=2&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=2267724558092&dssz=39&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=292
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Sep 2020 11:58:21 GMT
server: cafe
content-length: 1158
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Sep-2020 12:13:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Sep 2020 11:58:21 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 59ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c691b5621b3c3681307bad87d60e39a508e4dd531d3e58d18d60800831ee94da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599669618812000"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27492
x-xss-protection: 0
expires: Thu, 10 Sep 2020 11:58:21 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1071 0
0 241ms
241ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=600&slotname=3222233010&adk=785899982&adf=3614249719&w=300&lmt=1599738913&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&wgl=1&dt=1599739101661&bpp=5&bdt=271&idt=297&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=255&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=myfS4KjeNH&p=https%3A//www.elfagr.com&dtd=304

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1731129488393495&output=html&h=600&slotname=3222233010&adk=785899982&adf=3614249719&w=300&lmt=1599738913&psa=0&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&wgl=1&dt=1599739101661&bpp=5&bdt=271&idt=297&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=255&ady=331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=myfS4KjeNH&p=https%3A//www.elfagr.com&dtd=304
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Sep 2020 11:58:22 GMT
server: cafe
content-length: 20075
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Sep-2020 12:13:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Sep 2020 11:58:22 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
11 KB 209ms
206ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1526079021314780&correlator=2844390340755232&output=ldjh&impl=fif&eid=21064169%2C21066289%2C21067201&vrg=2020090201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200910&iu_parts=15918106%2Celfagr%2Cheader&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C336x280%7C300x250&eri=4&cookie_enabled=1&cdm=www.elfagr.com&bc=31&abxe=1&dt=1599739101990&dlt=1599739101390&idt=586&frm=20&biw=1600&bih=1200&oid=3&adxs=240&adys=89&adks=194120428&ucis=1&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=www.elfagr.com&loc=https%3A%2F%2Fwww.elfagr.com%2F&dssz=40&icsg=143005212913420&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x112&msz=728x90&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=true&fws=4&ohw=728&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

c5b2cc48e51c21d2e688138afc03d7a4da80b17cba5fed87605a79e1943ee652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10993
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.elfagr.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c43e308ddcc0c13dc69b945ee658b9a6.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 89ms
38ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c43e308ddcc0c13dc69b945ee658b9a6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 35ms
6ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame FC23 0
0 132ms
131ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=250&adk=2963737891&adf=3424047156&w=330&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=2&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=qDCPfE28cN&p=https%3A//www.elfagr.com&dtd=23

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1731129488393495&output=html&h=250&adk=2963737891&adf=3424047156&w=330&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=2&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=qDCPfE28cN&p=https%3A//www.elfagr.com&dtd=23
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Sep 2020 11:58:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUmSWs2xlhU2EJt9ndm_O44dFZTmv6D-CuFnXKCZjA0LJcU-dHfdS84ETuAx; expires=Tue, 05-Oct-2021 11:58:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Sep 2020 11:58:22 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0197 0
0 198ms
198ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=280&adk=2452828011&adf=3670171318&w=770&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=1&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=SJs4NglMyM&p=https%3A//www.elfagr.com&dtd=30

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1731129488393495&output=html&h=280&adk=2452828011&adf=3670171318&w=770&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=1&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=SJs4NglMyM&p=https%3A//www.elfagr.com&dtd=30
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Sep 2020 11:58:22 GMT
server: cafe
content-length: 24367
x-xss-protection: 0
set-cookie: IDE=AHWqTUna2Df9CO4Oe62j39j6d4hltFH4teHENV_MZ-8JvjwRM8UQjsyMp5G-2QPq; expires=Tue, 05-Oct-2021 11:58:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Sep 2020 11:58:22 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame B212 0
0 80ms
79ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=593308305&w=330&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=1&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=IeHDGcYb2f&p=https%3A//www.elfagr.com&dtd=35

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=593308305&w=330&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=1&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=1827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=IeHDGcYb2f&p=https%3A//www.elfagr.com&dtd=35
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Sep 2020 11:58:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUnX6JJhOUgqJkGwDvXYuLcpI_h8Mm8HR4ADWcdGGJFND3aqg_Sy5l9-vRHV; expires=Tue, 05-Oct-2021 11:58:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Sep 2020 11:58:22 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 74DB 0
0 207ms
206ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=280&adk=3842644974&adf=2804980158&w=770&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=2&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=2263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GaaEnfqQNF&p=https%3A//www.elfagr.com&dtd=40

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1731129488393495&output=html&h=280&adk=3842644974&adf=2804980158&w=770&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=770x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=2&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=2263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=GaaEnfqQNF&p=https%3A//www.elfagr.com&dtd=40
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Sep 2020 11:58:22 GMT
server: cafe
content-length: 24884
x-xss-protection: 0
set-cookie: IDE=AHWqTUlG-XHODzKIP3PjnbaRLq04YcATHNwo8uj_GT7gKNNAdjZ_haB-H0tPgf_c; expires=Tue, 05-Oct-2021 11:58:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Sep 2020 11:58:22 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0124 0
0 86ms
85ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=4080102895&w=330&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=1&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=bLA0gfc53P&p=https%3A//www.elfagr.com&dtd=46

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1731129488393495&output=html&h=250&adk=3739589192&adf=4080102895&w=330&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=330x250&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=1&bdt=758&idt=-M&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=240&ady=2814&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=bLA0gfc53P&p=https%3A//www.elfagr.com&dtd=46
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Sep 2020 11:58:22 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUlJcWFBB-g0Ey4Hnztb8G_NDmLaWGoSQHX76BkyF1hhjSw-v12EqIJFlE2N; expires=Tue, 05-Oct-2021 11:58:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Sep 2020 11:58:22 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame A683 0
0 89ms
88ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1731129488393495&output=html&h=280&adk=3019647509&adf=963249068&w=375&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=375x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=1&bdt=759&idt=1&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280%2C330x250&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=3013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&xpc=3Vwl3kWeR3&p=https%3A//www.elfagr.com&dtd=52

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1731129488393495&output=html&h=280&adk=3019647509&adf=963249068&w=375&fwrn=4&fwrnh=100&lmt=1599738913&rafmt=1&to=qs&pwprc=8329024644&psa=0&guci=1.2.0.0.2.2.0.0&format=375x280&url=https%3A%2F%2Fwww.elfagr.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599739102148&bpp=1&bdt=759&idt=1&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C330x250%2C770x280%2C330x250%2C770x280%2C330x250&nras=1&correlator=754165614065&frm=20&pv=1&ga_vid=1515932168.1599739102&ga_sid=1599739102&ga_hid=315273501&ga_fc=1&iag=0&icsg=143005212913420&dssz=40&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=590&ady=3013&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066699%2C21066792%2C42530671%2C44724584%2C42530588%2C21066467%2C21066898&oid=3&pvsid=1526079021314780&pem=52&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=8&uci=a!8&btvi=6&fsb=1&xpc=3Vwl3kWeR3&p=https%3A//www.elfagr.com&dtd=52
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 10 Sep 2020 11:58:22 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: IDE=AHWqTUm4cz4xnFPH5J10zhKr6SX3MXFz_Zg2IuyYLHGrJs9WQJVelgBJZcSYanf_; expires=Tue, 05-Oct-2021 11:58:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 10 Sep 2020 11:58:22 GMT
cache-control: private

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009010507000/ Frame F3F8 206 KB
57 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a24c1feb4b8e8e3872a9fedee80fcce55a6f59b14607d640fcf4f3054ec43e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6312
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57296
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9e379dcbf00ec980"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:10 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame F3F8 16 KB
6 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d337aa4ea0cace6bd743ef8c3b5d1d20e6e676bb4a650c7335a7383635529f31

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8747
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 09:32:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c8394c73e5080432"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 09:32:35 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame F3F8 95 KB
29 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76a8c8ef4cde9cbd17bbaecf11ee316fab4e55cc661093e4b2d80a4e1ff52897

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6312
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29275
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "56557b91d9fb04b1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:10 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame F3F8 4 KB
2 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fca0b40781598023aed9b45225711771eafce8f14392a49d6ed57d567255002

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8760
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1795
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 09:32:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0cc102b09e8903d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 09:32:22 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012009010507000/v0/ Frame F3F8 47 KB
14 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009010507000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21cb9221d772cfd0d3de7240fe5c07ee1c06b9bd945111a2e0491ae243eb0b41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 6307
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14591
x-xss-protection: 0
server: sffe
date: Thu, 10 Sep 2020 10:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4ca25f57e218a94a"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Sep 2021 10:13:15 GMT

GET
DATA 200
OK truncated
/ Frame F3F8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9baf394390de512769335878ffb7d9c3e9be5ce76f302184a8ef72b74181d927

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 9101818241676147177
tpc.googlesyndication.com/simgad/ Frame F3F8 112 KB
112 KB 8ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9101818241676147177?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qleHJ_3z-xHbU7AbnQUYPIcdb5GaQ

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0591fff62c8bd89d1b7c28cac6673d145fcfe6f520766be9ff175fb57a06e4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 10:19:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Nov 2019 06:56:10 GMT
server: sffe
age: 524361
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114632
x-xss-protection: 0
expires: Sat, 04 Sep 2021 10:19:01 GMT

GET
H3-Q050 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F3F8 3 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 00:40:46 GMT
x-content-type-options: nosniff
server: cafe
age: 40656
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Fri, 11 Sep 2020 00:40:46 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F3F8 344 B
375 B 9ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.elfagr.com
URL: https://www.elfagr.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Sep 2020 15:22:11 GMT
x-content-type-options: nosniff
server: cafe
age: 74171
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 10 Sep 2020 15:22:11 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame F3F8 0
0 15ms
14ms Image
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR2Ndz0URSNcv5-feIlGi-XmvPFVfGy5g8iS0IP_8YrHDp0Bv7x9DK3V6YkKjXx63zNAaNnPpGdv959TQH4PYaMB7kxYQ
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F3F8 0
0 62ms
61ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ck2Uo3hRaX9joAtaIrATgmJj4CMKzgJZfveLhysEKovClgLMYEAEggufkMmD7gYCAiAqgAYeDv_cDyAEC4AIAqAMByAMIqgTPAU_Q7B0LOtZx3d0c8VSLp7caW3Xaam-8t5nhcQl_qokv7xdJqfUY2GAK9E07XTQfmJx4KHOWCP5pOoaqmmuVd4FKgeXTPlSG1fU9tLpQ4bgwTVEHjqh592E7BehyodAKvLqVtKRDTPbx7_pnNbIQxD9s2oh9keQoL5f-SOEkwlTWYC0wvdqzIBvbU_ZMRirPSZuVOXT_U_JNxPuKEDrPeGR1Hbhxj_iXU2V9s-kiS_rml9xoKLmMrSBGor5yAL3bpl0MLDCTuKtu6YIkHsZCbsAEnt68_rMC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB-T0l4kBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEELWmFNIICQiA4YAQEAEYHYAKA8gLAdgTDA&sigh=VfrFWCUOpFM&tpd=AGWhJmu-QQDkvzd8tjQS8EoXPvBOJLG7roYHp2YHnQg3H_SVcQ
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F3F8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

48ms
39ms

Image
text/html

2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 10 Sep 2020 11:58:22 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 9101818241676147177
tpc.googlesyndication.com/simgad/ Frame F3F8 112 KB
112 KB 7ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9101818241676147177?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qleHJ_3z-xHbU7AbnQUYPIcdb5GaQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0591fff62c8bd89d1b7c28cac6673d145fcfe6f520766be9ff175fb57a06e4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 10:19:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Nov 2019 06:56:10 GMT
server: sffe
age: 524361
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114632
x-xss-protection: 0
expires: Sat, 04 Sep 2021 10:19:01 GMT

GET
H3-Q050 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F3F8 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 00:40:46 GMT
x-content-type-options: nosniff
server: cafe
age: 40656
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Fri, 11 Sep 2020 00:40:46 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F3F8 344 B
368 B 8ms
7ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Sep 2020 15:22:11 GMT
x-content-type-options: nosniff
server: cafe
age: 74171
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 10 Sep 2020 15:22:11 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F3F8 0
53 B 113ms
113ms Other
image/gif 2607:f8b0:4001:c07::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1599739102632&qqid=CNjPpMfE3usCFVYEiwodYAwGjw&rt=any.link.3.13.9.6.j.0.18zp.187k~any.script.3.18.1.j.0.0.4iu.4fv~any.script.3.19.4.h.0.0.mnq.ml7~any.script.3.15.1.h.0.0.1gu.1dv~any.script.3.14.2.e.0.0.bcb.b9b~any.img.6.b.2.7.0.0.2gj5.2gg8~any.img.6.d.2.9.0.0.26r.241~any.img.6.a.1.7.0.0.af.9k~any.img.6.h.n.0.0.0.0.0~any.img.6.1r.1y.0.0.0.0.0~any.img.98.j.c.6.0.0.2ggy.2gg8~any.img.98.a.2.7.0.0.24p.241~any.img.99.a.2.7.0.0.a8.9k~any.img.9h.1d.au.0.0.0.0.0&met.a4a=dcl.1~ol.236~nvs.1599739102231~ini.1599739102633
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012009010507000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c07::78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 10 Sep 2020 11:58:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 42ms
15ms Script
application/x-javascript 2600:9000:20e8:7c00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.elfagr.com
URL: https://www.elfagr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:7c00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:23:40 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:13:41 GMT
server: nginx
age: 2082
etag: W/"5ea23d45-8e68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: ZyGtesrnoSe2prSWzzdckgWaZaZM-4A-vPrUwc3MU3edde63UQ-6GQ==
via: 1.1 21b99afa310f2ff34977f80506fb1672.cloudfront.net (CloudFront)
expires: Thu, 10 Sep 2020 13:23:40 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-59ef5e079e818335/ 2 KB
776 B 39ms
37ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-59ef5e079e818335/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 59bda6cd3538b6a807d0f40d828e1e39c96935e384d6423085f66ac333aec4b7

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:22 GMT
content-encoding: gzip
etag: 187095746--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=4, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 602

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 206ms
202ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5f5a14dddd9cc117&bkl=0&bl=1&pdt=130&sid=5f5a14dddd9cc117&pub=ra-59ef5e079e818335&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=www.elfagr.com&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%2C%D8%B9%D8%A7%D8%AC%D9%84%2C%D8%B3%D9%8A%D8%A7%D8%B3%D8%A9%2C%D8%AA%D9%82%D8%A7%D8%B1%D9%8A%D8%B1%2C%D8%AD%D9%88%D8%A7%D8%AF%D8%AB%2C%D9%85%D8%AD%D8%A7%D9%81%D8%B8%D8%A7%D8%AA%2C%D8%AA%D8%AD%D9%82%D9%8A%D9%82%D8%A7%D8%AA%2C%D8%B1%D9%8A%D8%A7%D8%B6%D8%A9%2C%D9%83%D8%B1%D8%A9%20%D8%B9%D8%A7%D9%84%D9%85%D9%8A%D8%A9%2C%D8%B9%D8%B1%D8%A8%2C%D8%A7%D9%84%D9%85%D8%B2%D9%8A%D8%AF%2C%D8%A7%D9%82%D8%AA%D8%B5%D8%A7%D8%AF%20%D9%88%D8%A8%D9%88%D8%B1%D8%B5%D8%A9%2C%D8%B9%D8%A7%D9%84%D9%85%2C%D9%83%D8%A7%D8%B1%D9%8A%D9%83%D8%A7%D8%AA%D9%8A%D8%B1%2C%D9%81%D9%86%2C%D8%AA%D9%84%D9%8A%D9%81%D8%B2%D9%8A%D9%88%D9%86%2C%D8%AB%D9%82%D8%A7%D9%81%D8%A9%2C%D9%85%D8%B1%D8%A3%D8%A9%20%D9%88%20%D9%85%D9%86%D9%88%D8%B9%D8%A7%D8%AA%2C%D8%B5%D8%AD%D8%A9%2C%D8%A3%D9%84%D8%A8%D9%88%D9%85%D8%A7%D8%AA%2C%D9%85%D9%82%D8%A7%D9%84%D8%A7%D8%AA%2C%D8%AA%D9%83%D9%86%D9%88%D9%84%D9%88%D8%AC%D9%8A%D8%A7%2C%D8%B5%D8%AD%D8%A7%D9%81%D8%A9%20%D8%A7%D9%84%D9%85%D9%88%D8%A7%D8%B7%D9%86%2C%D9%86%D8%B4%D8%B1%D8%A9%20%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1&colc=1599739102818&jsl=131105&uvs=5f5a14dd56e40edf000&skipb=1&callback=addthis.cbs.jsonp__461043187537643060
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 48e8f6791e69e4b7be5113fce05e2304783e39a6df767e6bad205b1b505efd0e

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 10 Sep 2020 11:58:23 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 9CA2 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 8909 0
0 34ms
33ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Thu, 10 Sep 2020 11:58:22 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
24ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200901&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51f97c5dda48cdaf0b3db121c8ed444026aca2ddd22dd6b72cc694b362c89fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Sep 2020 11:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6430
x-xss-protection: 0

GET
H2 200 layers.33f5b85045a5f2308467.js Show response
s7.addthis.com/static/ 263 KB
76 KB 35ms
33ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.33f5b85045a5f2308467.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Thu, 10 Sep 2020 11:58:22 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77540

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 280ms
91ms Image
image/gif 34.237.68.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=elfagr.org&p=%2F&u=L7jubCw9-ncBkwFfe&d=elfagr.com&g=64566&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9265&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1533&t=Cbdt2kDKPVsnBNT3e8Ce-7FSDoJEwP&V=120&i=%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D9%81%D8%AC%D8%B1&tz=-120&sn=1&sv=BZtxd8DTEfhwLHcPCw7p2sBP4rcl&sd=1&im=06030403&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.68.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-68-53.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 10 Sep 2020 11:58:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Thu, 10 Sep 2020 11:58:22 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame E041 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.elfagr.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.elfagr.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Thu, 10 Sep 2020 11:05:44 GMT
expires: Fri, 10 Sep 2021 11:05:44 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3158
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
199 B 41ms
39ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200901&jk=1526079021314780&bg=!4eKl4vpYjXWieWFlrjACAAAASFIAAAAPCgFrwl8XNBGTBQxky7w4MAsuKBRQoeUP6SHnVhsOn1Ap-LA6wlQyNbavBS8SRLirp45hLmFkX25_d-BwnARxxHUrBFNbS6UEtxR1OpFtIH8O6KyYHD2I1m_c3T8oDXTuL3eYJFqZ4Qc7a_2fWqBLFHF4uaFnQ7pygaVOnL9vfSq0JYdjNB_T4xDZgjL5vFBsPmLkWVxRPZn65fGGHaYjnoyCFLp_JMkBjvANNVDMlxgxeH1Lge9SB6CA1PeLd-4HsY6Xnl9k8WjWQnEzzVpp-KDujCKZ9FqqYpfEiS7qE1zPtI-B7fpJGT8fRoq3IaRRB4_JHkjsvAdj3gk-TBM-d4_dup1aU8nbK_0WOGpABuf2lsY9seMvVaS-hPg2KMtCkjGvKVB509OIYWBZEeqEQKfKyGSXoUfP3X9cS6iT11erC4QK5D55s6RsaM4GyToXt6xYP2cR6pnbihCBoDTz57KX7J3cX6MrVJJWbO4UmQGntXrD_jSuv8uDYOItZ_1g9k25CvIPB3_uG3Mv4FWKhY8D1L7aDpTevWgUVQfWkgpCNHAw9TMa2v3yePYN_NA-uGO35rqOmQoZ7IcBONqXPXBDzO9KG8eDp4P5IIbzbAeD_OsxN8Q5s3U6YgevwLm8In9-ahf5x7OoqKrEy9T0RdxT_g6qG6vCwIESd_hC5XqW7NzC5VUp0neNF0qyCXo8TyYBVXuHCHw1tEP-VWtomOiQXe_sjWF9AH5jp_cddnrvnGLTqEWl1xxKJWO7V7MHSjOAWccH1uhtmPmeX6eqL1Y14MvgRRCAXRJW9lF6eZQ_GkNYRg7NGItlCHIMA5u9s8tlG38ShszO_GY_Btlu16YTjmJGiShrKEMORY3Yz_y5gf_SlwNRxWV0JMxwTVZQDqkF0umCqDjkiBoFs6HZJ_J-TgqqziOLUP7v4TQmJWX2ni_qwwFJ-0qzzg0_RpvVk19Oof9o5bbyRStb-eWvLbBrhoVnML_kccGcIW_0RN-FV2bcVwxPMEU6dF7uUIyVsl1B5MJhDJ6Y_pbQBea8Y8Wun46ZLp9q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Sep 2020 11:58:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F3F8 42 B
65 B 25ms
25ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6hsx5Nf8zWB8ykgavFKiTtYR8W61MYBCUWBxUx3x74GljMxssamXDDp2OWwHqehuCPSJtfubUQ2uhm5rkEbYtBX4PyNyW95zqxvmcDPb4bExsh4MbPPLjyApJog&sai=AMfl-YSosPaECUB8i-qFWFNcbkn8ti1esHhzWlmhau8faq1hh3biVpPmspqguPDTrWMT_k-Ybo-4dno4w-KoAS7PNmaMLOKLOEalnmW9JrMuQ64y2FCyHGJvaLeJbV58&sig=Cg0ArKJSzD1KGAexcL7XEAE&cid=CAASF-RoOq09lQqmFpAeV3F3YNm2OXrEzymJ&id=ampim&o=240,89&d=728,188&ss=1600,1200&bs=1600,1200&mcvt=1028&mtos=0,0,1028,1028,1028&tos=0,0,1028,0,0&tfs=230&tls=1258&g=100&h=100&tt=1258&r=v&avms=ampa&adk=194120428

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Sep 2020 11:58:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 792.jpg
www.elfagr.com/upload/photo/news/403/1/600x338o/ 61 KB
62 KB 12ms
11ms Image
image/jpeg 2606:4700:20::ac43:48ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.elfagr.com/upload/photo/news/403/1/600x338o/792.jpg?q=6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::ac43:48ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ecfead50e7641446ba774f20c4847d58ff51ca6153a48eb670306fdc6f6c9f1e

Request headers

Referer: https://www.elfagr.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 10 Sep 2020 11:58:28 GMT
cf-cache-status: HIT
age: 706
x-powered-by: ASP.NET
status: 200
content-length: 62765
cf-request-id: 05197ab5dc00002c3265807200000001
last-modified: Thu, 10 Sep 2020 11:40:09 GMT
server: cloudflare
etag: "a5da3236787d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=864000
cf-polished: origSize=68518, status=webp_bigger
accept-ranges: bytes
cf-ray: 5d08fa3628542c32-FRA
cf-bgj: imgq:100,h2pri

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 21:43:55	Name: IDE Value: AHWqTUlG-XHODzKIP3PjnbaRLq04YcATHNwo8uj_GT7gKNNAdjZ_haB-H0tPgf_c
.doubleclick.net/	1970-01-19 12:22:22	Name: DSID Value: NO_DATA
www.elfagr.com/	1970-01-19 12:22:20	Name: __atuvs Value: 5f5a14dd56e40edf000
.elfagr.com/	1970-01-19 12:22:20	Name: __utmb Value: 95024968.1.10.1599739102
www.elfagr.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 15bvals4t3ehetyphwrkuhb3
.elfagr.com/	1970-01-19 21:09:21	Name: __auc Value: 05646f5417477e181f06de45817
.elfagr.com/	1970-01-19 12:22:20	Name: __asc Value: 05646f5417477e181f06de45817
.elfagr.com/	1970-01-20 05:53:31	Name: __gads Value: ID=dbc52be26b72a046:T=1599739102:S=ALNI_MbMpHV4IsBOxoVUWDsOfqKjRQSbKw
.elfagr.com/	1970-01-19 12:22:19	Name: __utmt Value: 1
.elfagr.com/	1970-01-20 05:53:31	Name: __utma Value: 95024968.1515932168.1599739102.1599739102.1599739102.1
.elfagr.com/	1969-12-31 23:59:59	Name: __utmc Value: 95024968
.elfagr.com/	1970-01-19 16:45:07	Name: __utmz Value: 95024968.1599739102.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
www.elfagr.com/	1970-01-19 21:51:07	Name: __atuvc Value: 1%7C37
.elfagr.com/	1970-01-19 13:05:31	Name: __cfduid Value: d9943bd883724ba169d7b688835a5cdbb1599739101

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: Migrate is installed with logging active, version 3.0.1
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.expr[':'] is deprecated; use jQuery.expr.pseudos
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.mouseleave() event shorthand is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.click() event shorthand is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.resize() event shorthand is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.scroll() event shorthand is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.unbind() is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	warning	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: JQMIGRATE: jQuery.fn.bind() is deprecated
console-api	log	URL: https://www.elfagr.com/themes/new/js/app-min.js(Line 3) Message: console.trace
console-api	info	URL: https://cdn.ampproject.org/rtv/012009010507000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009010507000 https://www.elfagr.com/
console-api	log	URL: https://www.elfagr.com/(Line 14) Message: ServiceWorker registration failed: TypeError: Failed to register a ServiceWorker for scope ('https://www.elfagr.com/') with script ('https://www.elfagr.com/sw.js?r=1.6'): A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c43e308ddcc0c13dc69b945ee658b9a6.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.jsdelivr.net
certify-js.alexametrics.com
certify.alexametrics.com
cr.synceg.net
csi.gstatic.com
elfagr.com
googleads.g.doubleclick.net
m.addthis.com
pagead2.googlesyndication.com
ping.chartbeat.net
s7.addthis.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
static.chartbeat.com
stats.g.doubleclick.net
tpc.googlesyndication.com
v1.addthisedge.com
www.elfagr.com
www.google.com
www.google.de
www.googletagservices.com
www.sfegypt.com
z.moatads.com
s7.addthis.com
172.217.22.34
216.58.206.2
23.210.248.44
2600:9000:20e8:7c00:18:1fcd:34e:d2a1
2606:4700:20::ac43:48ec
2606:4700:3031::ac43:848d
2606:4700:3037::ac43:b7bd
2607:f8b0:4001:c07::78
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:814::2002
2a00:1450:4001:814::2004
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81f::2008
2a00:1450:4001:820::2001
2a00:1450:4001:825::2002
2a00:1450:400c:c06::9c
2a04:4e42:1b::621
34.237.68.53
95.100.197.246
99.84.144.55
99.84.144.81
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0591fff62c8bd89d1b7c28cac6673d145fcfe6f520766be9ff175fb57a06e4aa
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12a24c1feb4b8e8e3872a9fedee80fcce55a6f59b14607d640fcf4f3054ec43e
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
1939595e026c3a36ae7fd5c756f540feda88c69b243534da3bbb77b395424ddf
1bc33a95371846eed1600d2f6f4e6472db2780d3a69ae39a6319918df3f87381
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
216ac2314a51799d589089884d8516f1de26ce7d8b6ed57b792ba799881821bf
21cb9221d772cfd0d3de7240fe5c07ee1c06b9bd945111a2e0491ae243eb0b41
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c62e37d7690dfbadbdb0ede0a3b78c54d76bdbb92eb86ff98b0702cb661eea6
38ec58d79480ede980df7241b63aca05a3ed81f790c4f05c3ff27aa9649e4778
46b49bed51f8195bf12e5298f2a7381dcb1daa38444f6c1ac5712ae41264be69
48aa3e1bdc17b9c846d34cd81dbb7c355c00ae6cb8766e99c2fb05eaaf2527ff
48e8f6791e69e4b7be5113fce05e2304783e39a6df767e6bad205b1b505efd0e
51707b58bbec62b8ba51360216e55f57968674aafccd46f8642ff25fbb1c9310
51f97c5dda48cdaf0b3db121c8ed444026aca2ddd22dd6b72cc694b362c89fb1
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
59bda6cd3538b6a807d0f40d828e1e39c96935e384d6423085f66ac333aec4b7
5dc8474e0d907004638a6be69c9c9e2e2decac68db9dfe1fca62fb2dbab95855
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6c5a535b9722b8c15886571d99106f3a59b804dc0f3604f6c70dc6d4d42596d8
6fca0b40781598023aed9b45225711771eafce8f14392a49d6ed57d567255002
71100012f28413812d62153c2e97f63d20411b1d58531c021858a24ea1e3080e
76a8c8ef4cde9cbd17bbaecf11ee316fab4e55cc661093e4b2d80a4e1ff52897
7c6c894a30c50dc8128679a2ee7400d7816e08dd496c7fe40e8f45be255a16ef
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8db5d4d6fb09f86186393387d5726626f5f821ab1e7988649c1ad0da948e07c5
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c
959172fc5ed4571b7c0129f2283400b36ca86350c554b4ecf80aea9635a6c6ed
9baf394390de512769335878ffb7d9c3e9be5ce76f302184a8ef72b74181d927
a5bb99d2afae545fc8d4efffd762a2bc11ceb59044e3f9fe577e0e0ad83fa877
b4e8f2d73294065f2c0e54cb17bcba8bf7440408b804f9052ac03c0ff9adb398
b7cefe5080c8ba8b303de5d83586378561f83372f691e4d56fff1e99f47b77ec
bdc5eb467be2c7201a149a6e6f011fffb3caecc55a980c66d6253c0bc2bd29fc
c063d628f32effff67594b815d0c3e8e7d7260a66f764ffc79e4eb51caa76765
c5b2cc48e51c21d2e688138afc03d7a4da80b17cba5fed87605a79e1943ee652
c691b5621b3c3681307bad87d60e39a508e4dd531d3e58d18d60800831ee94da
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d337aa4ea0cace6bd743ef8c3b5d1d20e6e676bb4a650c7335a7383635529f31
d761bdeef5f6e75159ce1b2363851e09b3be5851d519a2a34424e5da399561d8
d7afc5fac286ace07ca2fb7a8c98a933bb81a63aecc5ba71cec7e65528b98a90
dc7df38e79cb146d5919e0e863adb1ef10defbe65d4b66a7f32b136cb344feb8
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e104bbb5d5719f996e10ee7b13947f887780ce1e6d40728899f8051307a6d104
e34afee1ebe946c83ee77a87d06a8751d5529b4f100dcfeb3a2bd0404c8e1923
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e581b81d7222296b46a9a61ec8be1aa68a3c8c43b601ea224cffd3a7d0d522ad
e77d22ecf729034cf5a8aa62a2d21832bfb51e4b24585d36ca911e076b82c081
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
ecfead50e7641446ba774f20c4847d58ff51ca6153a48eb670306fdc6f6c9f1e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f151a1b0ce936926521b8e7c05299805579d9f5078e9b036174ec0320eb61e69
f223afe73e8e54bef06ee5fb36c0f8c7bcd4c835717d137d8915996b3309c8d6
fbc8bfd25b633cefc01365cf3c1f5c24a1c04a522ae1b37407f632ef756158e7

www.elfagr.com Open in urlscan Pro 2606:4700:20::ac43:48ec Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

99 %HTTPS

71 %IPv6

18 Domains

27 Subdomains

23 IPs

5 Countries

1391 kBTransfer

3519 kBSize

14 Cookies

4 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.elfagr.com Open in urlscan Pro
2606:4700:20::ac43:48ec Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

99 %
HTTPS

71 %
IPv6

18
Domains

27
Subdomains

23
IPs

5
Countries

1391 kB
Transfer

3519 kB
Size

14
Cookies

86 HTTP transactions
1 data transactions