Submitted URL: http://happyleagues.com/link/dc17e7048b9f953bfc498f1cfd9635f2/d607034a90e3cb4061e0ab9fdf2af420
Effective URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Submission: On November 16 via manual from IL

Summary

This website contacted 12 IPs in 5 countries across 15 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3036::681b:b6a1, located in United States and belongs to CLOUDFLARENET, US. The main domain is thirds.ellawn.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 2nd 2020. Valid for: a year.
This is the only time thirds.ellawn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.15.74.140 12876 (Online SAS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 54.194.14.156 16509 (AMAZON-02)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
23 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.114.110 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.247.242.20 23467 (NEWRELIC-...)
37 12
Domain Requested by
23 thirds.ellawn.com thirds.ellawn.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com thirds.ellawn.com
2 cdnjs.cloudflare.com thirds.ellawn.com
2 api.mdsyzz.info thirds.ellawn.com
1 bam.nr-data.net js-agent.newrelic.com
1 stats.g.doubleclick.net thirds.ellawn.com
1 js-agent.newrelic.com thirds.ellawn.com
1 cdn.onesignal.com thirds.ellawn.com
1 stackpath.bootstrapcdn.com thirds.ellawn.com
1 fonts.googleapis.com thirds.ellawn.com
1 hugedynasty.com 1 redirects
1 bubacs.com 1 redirects
1 mockmine.com 1 redirects
1 happyleagues.com 1 redirects
37 15

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-11-02 -
2021-11-01
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-10-28 -
2021-01-20
3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2020-09-22 -
2021-10-12
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-10-28 -
2021-01-20
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-10-28 -
2021-01-20
3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-23 -
2021-05-07
6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-10-28 -
2021-01-20
3 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA
2020-02-05 -
2022-02-08
2 years crt.sh

This page contains 1 frames:

Primary Page: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Frame ID: D29B0C174779E7091982182FDB81D8F2
Requests: 37 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://happyleagues.com/link/dc17e7048b9f953bfc498f1cfd9635f2/d607034a90e3cb4061e0ab9fdf2af420 HTTP 302
    http://mockmine.com/open?key=Y2FtcGFpZ25pZD00MyZ1c2VyX2lkPTEz&s1=0aaff80b2642f87dad9cd9b2a3a04d0... HTTP 302
    https://bubacs.com/?a=10207&c=39459&s1=&s2=2dcbf9cd0c769615ad776a3cbfb10535e358b1c0 HTTP 302
    https://hugedynasty.com/?a=23&c=2897&s1=10207&s2=33259-584332103&s4=&s3= HTTP 302
    https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

37
Requests

100 %
HTTPS

75 %
IPv6

15
Domains

15
Subdomains

12
IPs

5
Countries

699 kB
Transfer

1308 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://happyleagues.com/link/dc17e7048b9f953bfc498f1cfd9635f2/d607034a90e3cb4061e0ab9fdf2af420 HTTP 302
    http://mockmine.com/open?key=Y2FtcGFpZ25pZD00MyZ1c2VyX2lkPTEz&s1=0aaff80b2642f87dad9cd9b2a3a04d0c&s2=d607034a90e3cb4061e0ab9fdf2af420&s3=22_365145 HTTP 302
    https://bubacs.com/?a=10207&c=39459&s1=&s2=2dcbf9cd0c769615ad776a3cbfb10535e358b1c0 HTTP 302
    https://hugedynasty.com/?a=23&c=2897&s1=10207&s2=33259-584332103&s4=&s3= HTTP 302
    https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
thirds.ellawn.com/dk/
Redirect Chain
  • http://happyleagues.com/link/dc17e7048b9f953bfc498f1cfd9635f2/d607034a90e3cb4061e0ab9fdf2af420
  • http://mockmine.com/open?key=Y2FtcGFpZ25pZD00MyZ1c2VyX2lkPTEz&s1=0aaff80b2642f87dad9cd9b2a3a04d0c&s2=d607034a90e3cb4061e0ab9fdf2af420&s3=22_365145
  • https://bubacs.com/?a=10207&c=39459&s1=&s2=2dcbf9cd0c769615ad776a3cbfb10535e358b1c0
  • https://hugedynasty.com/?a=23&c=2897&s1=10207&s2=33259-584332103&s4=&s3=
  • https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
29 KB
10 KB
Document
General
Full URL
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1725c3604c8733615a0cc69a585304c1ce2a8cbe0c67c4978a1afb48c73ec47

Request headers

:method
GET
:authority
thirds.ellawn.com
:scheme
https
:path
/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 16 Nov 2020 14:19:36 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dc61e5ec49dd2e34d93f0d7161ee6d69a1605536376; expires=Wed, 16-Dec-20 14:19:36 GMT; path=/; domain=.ellawn.com; HttpOnly; SameSite=Lax; Secure PHPSESSID_MS=sb7fgrvalog7qv5d9vq7egqlk6; expires=Wed, 18-Nov-2020 14:19:36 GMT; Max-Age=172800; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
067305fd2e0000d6bdae250000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XsFujFD0yRz%2FN7T5vxd0clKUK5x4VFrNWzlfq5VT53B5bAjNFwdzwg5pgADB2Tn8nIz9YlCbYlzeMcrgu1zWulTjHiZIfJz9Y2V7cAbue2fi4vhyavcbHQhDOBcHWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f31d90eac80d6bd-FRA
content-encoding
br

Redirect headers

status
302
date
Mon, 16 Nov 2020 14:19:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d527f3237f7528e58c0210ccd37fefdf11605536375; expires=Wed, 16-Dec-20 14:19:35 GMT; path=/; domain=.hugedynasty.com; HttpOnly; SameSite=Lax; Secure som=ctlQ/DG7BXnrrbIg4IkItzgr6W7eusQPkjfJ9pN/LuQ+PdpYmLIIIA==; domain=.hugedynasty.com; path=/; HttpOnly ti=xq0GxHOHYhhvb92uXDMsvDgr6W7eusQPkjfJ9pN/LuQ+PdpYmLIIIA==; domain=.hugedynasty.com; expires=Sun, 16-Nov-2025 14:19:36 GMT; path=/; HttpOnly c2940=ctlQ/DG7BXk9KlfHtiaRflKv9Euip4VpRO0i8E/Er73z7rqBSvVRyQ==; domain=.hugedynasty.com; expires=Wed, 16-Dec-2020 14:19:36 GMT; path=/; HttpOnly
cache-control
private
location
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cf-cache-status
DYNAMIC
cf-request-id
067305fc550000d6c5351fe000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7bkbrPueWjicjwbHGMAfbGHf2PkekEJfxv%2BdsmIhBX9fBMBPJnTHmL9HTRE41WhUTd4r2Wsk%2BT3WR46Ut8c%2BX4dPV2SMBkbOWSQsnDo7KESRfPJ%2BKJ%2Bbj%2Bb%2Fzew%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f31d90d5a9cd6c5-FRA
jquery.qtip.min.css
thirds.ellawn.com/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://thirds.ellawn.com/css/jquery.qtip.min.css
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f7559b1bfb4342ec375109a36cdcd6b002c336ad3b3932c75d5823868ff4f6

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2875
status
200
cf-request-id
067305fd8d0000d6bdc9838000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
W/"5f4042b9-2316"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=54wKSVvwENWFsctEkXi9UOuIPDLR6gLGG9uBqIaODcaQvJFIMvzFnoPGAo%2FDP0frAQyrlPFKmdiTLCpLsHJHojOA5FVU40qYqK0XmU2b8fFYK87PrZAHjVuknQYzJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d90f4dcad6bd-FRA
animate.css
thirds.ellawn.com/css/
72 KB
4 KB
Stylesheet
General
Full URL
https://thirds.ellawn.com/css/animate.css
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3b0b1b0ec443392b143405d5873b89bc7833a8e4b28a612f487362d0ab25a6

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2875
status
200
cf-request-id
067305fd920000d6bdd63f0000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
W/"5f4042b9-12170"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O3qzX9CRUj3ymP9jRHd5V2eEdweFPU6i%2FjKwCNWfTs%2BmZ6nFw%2FAdZcIJMjrZJvs%2Fr%2FDHgfZLaSao3RKKPfc75glH%2BzP6cQrFA%2Bqwi%2F3keRl4hsq%2BrJ97JqhGO7yg0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d90f4dd1d6bd-FRA
css2
fonts.googleapis.com/
10 KB
887 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad91fd6deb78b242fc1ca0a8c4922acc5dc7ea819da13f24f66e873d57f60333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 16 Nov 2020 14:16:45 GMT
server
ESF
date
Mon, 16 Nov 2020 14:19:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 16 Nov 2020 14:19:36 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/
119 KB
20 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://thirds.ellawn.com
Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Feb 2019 16:41:40 GMT
status
200
etag
"1550076100"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19736
index.css
thirds.ellawn.com/css/
19 KB
4 KB
Stylesheet
General
Full URL
https://thirds.ellawn.com/css/index.css
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6833caa3130bc3ec7e4dea1d1aa28017361078c7cc84bea9df0db1e2f517223c

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2875
status
200
cf-request-id
067305fd8e0000d6bdb48ab000000001
last-modified
Wed, 02 Sep 2020 09:33:55 GMT
server
cloudflare
etag
W/"5f4f6703-4dc9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kAbWbqOTo38IignXIDumQEwJB%2FeEAIJ%2FogcJgPWJM42Gpa3phwjVqcCdU2SNhD99acKthL6uXX4VIUyUuNIK%2F%2FLdioye%2B81ehk1QZjxUApEOVHLeD149zmYYnlStig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d90f4dd3d6bd-FRA
geo.css
thirds.ellawn.com/dk/css/
428 B
514 B
Stylesheet
General
Full URL
https://thirds.ellawn.com/dk/css/geo.css
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb30b9c4fe8d35b443bd2f74193e289ab1886070934241730ccec2e11b49e26

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
067305fd8e0000d6bdec102000000001
last-modified
Tue, 25 Aug 2020 14:33:33 GMT
server
cloudflare
etag
W/"5f45213d-1ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WP%2FpO2hj0wHVIOeu0X9XsXNRtKPWcdFPaqwxx8Zd%2B1JEANjtgCFi2Q65evDPGnIXtduT5EtXY5ni9oOYNdeag3ONre1A%2FDfufjhQJEn%2FjYkQbmMx8JAm8AWvxJajJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d90f4dd5d6bd-FRA
OneSignalSDKWorker.js
thirds.ellawn.com/
71 B
456 B
Script
General
Full URL
https://thirds.ellawn.com/OneSignalSDKWorker.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93278405d5505910c8255bd16c10b3efdaed40ca4d076c48629b258597654d07

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2875
status
200
cf-request-id
067305fd8e0000d6bd033ee000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
W/"5f4042b9-47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IR05QkQCZ%2FRmI6xZY0nihRSxKq%2BJpXVz7bQ%2Bp2%2B025YrFGn5Cok4RyTuOmuvds3MVvgUu6TpSpo4JGcRssi3Zh%2FyINWqlDlT4Pz5FsVRmqCs74gv%2B7shd4tUIVi%2BNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d90f4dd7d6bd-FRA
OneSignalSDKUpdaterWorker.js
thirds.ellawn.com/
71 B
365 B
Script
General
Full URL
https://thirds.ellawn.com/OneSignalSDKUpdaterWorker.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93278405d5505910c8255bd16c10b3efdaed40ca4d076c48629b258597654d07

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2875
status
200
cf-request-id
067305fd8e0000d6bdb31cc000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
W/"5f4042b9-47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zmqW%2FVrAlAwpmWzck9w9RDPl%2BctxLo9IKaWxuv2e6WM%2B4Pp077mp1v87v5uqqSpmBu8hLV6Nddmy3mlx%2FkRS9NFuff32JE7NkfYLpx2nv9BCddGTpJQw%2BcbS0dHEJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d90f4dd9d6bd-FRA
OneSignalSDK.js
cdn.onesignal.com/sdks/
8 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
718
etag
W/"af07e3bccd7885748057bb532c526ac5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
5f31d90f6e7d05cc-FRA
cf-request-id
067305fda4000005cc7822d000000001
expires
Tue, 17 Nov 2020 02:19:36 GMT
auto-push.min.js
api.mdsyzz.info/
3 KB
2 KB
Script
General
Full URL
https://api.mdsyzz.info/auto-push.min.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681f:582e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7c9b8a2e2cccb16fa660a1d3004d77da7c5b09b5157fca3e7b5c98929eb11737

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
status
200
cf-request-id
067305fda60000dfa91ea9e000000001
last-modified
Tue, 06 Oct 2020 06:55:31 GMT
server
cloudflare
etag
W/"80f34daead9bd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LTZYZvDJqEqk5242NpxRb7wZGTiGZx8Me7D%2Fn8iEA39YDg3oVdCVHrzuqLuIYCJgM9%2BaL9kVhBC1FYD0ayjTMoy0VFTH3OJUcZ%2BpzpR3Mm6iNQUm5v43fqXyIc0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cf-ray
5f31d90f6cc2dfa9-FRA
hero-gradient.png
thirds.ellawn.com/images/
34 KB
34 KB
Image
General
Full URL
https://thirds.ellawn.com/images/hero-gradient.png
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b36a05c46edcaa27318234c8942c643764f08215a8be42ed33856f1abb0a81

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
content-length
34500
cf-request-id
067305fe270000d6bd799fc000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
"5f4042b9-86c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WtvOCp61wRcDoUx61Z1zsCvPU4EyL75o9Nd2PZaCoWFUtdXEn3xyUYztWO5k6wSktIrBmqHRPSBmUuoiPvpHedRYaJ%2Bao2CbXEpsF2aHovTiW%2FNrt70EHfZowPGLTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f31d910381dd6bd-FRA
phone.jpg
thirds.ellawn.com/images/
48 KB
49 KB
Image
General
Full URL
https://thirds.ellawn.com/images/phone.jpg
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
358525e0c3fea64d167304b1668cdcbaa59f3e187f4ae41099cfdd915c8f8378

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
content-length
49361
cf-request-id
067305fe270000d6bdfd929000000001
last-modified
Wed, 21 Oct 2020 13:15:02 GMT
server
cloudflare
etag
"5f903456-c0d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xAZgX%2BvX4TCWHeod%2FLerh86%2FsWEpSmw0N5C27UfnoWORK7jmUuC7D92GS5gFSdrx%2FAIH%2BVy9lknxBOFZoXKfq%2FjZz4hYqHWKO3hoh27vQmA3pMnidNXKI9C9bko8sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f31d9103830d6bd-FRA
shadow.png
thirds.ellawn.com/images/
998 B
1 KB
Image
General
Full URL
https://thirds.ellawn.com/images/shadow.png
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cc89a8fdadff9ebf0ab452381db354aea0c04c89eae7ed4bca09468640722bb

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
content-length
998
cf-request-id
067305fe270000d6bd8f0f4000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
"5f4042b9-3e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VVU6JdfbBoM1JumhUlqJm3hQ2rDWdQdK8tLvGLMY%2FpraB%2B06Jcs3WWuzT3wNA3n2CtCsi1pzuFktg%2FwL4%2F39960mkx%2B8ShQhTT22me1mtnf798QrJeLkmBX0ldX9XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f31d9103834d6bd-FRA
phone-below.png
thirds.ellawn.com/images/
362 KB
363 KB
Image
General
Full URL
https://thirds.ellawn.com/images/phone-below.png
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34faa34d73ef1cd69981296a5236ed01a9db8fb8e44aec27ad540e5827f8995a

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
content-length
370508
cf-request-id
067305fe280000d6bdf6ab2000000001
last-modified
Wed, 21 Oct 2020 13:15:02 GMT
server
cloudflare
etag
"5f903456-5a74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=byq0H3gY3h%2FcyhZO2KI0j7jCMqC7%2B%2B29NgkTr%2BGJIosXXOKfofK1%2FnW%2FSa5XOoal5Rfs811v7YgEAy6fz%2FM5MkwYuQORp8BnFPFExoG2wQGGwc3TWiNp1cbbztWLEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f31d9103835d6bd-FRA
winner.png
thirds.ellawn.com/images/
17 KB
18 KB
Image
General
Full URL
https://thirds.ellawn.com/images/winner.png
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a177b36f02fd459e560e2d320aca931c4bcf51f7d532684c9db1c2dd64ea42ae

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
content-length
17660
cf-request-id
067305fe2b0000d6bd9d208000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
"5f4042b9-44fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iRoh8FPq9GLz1wY%2BArnlc%2BalKe47znu%2BFRmQDXZiHot7T85NkRcQugWZOjDh0NLzITXim%2B2MZYpwyuXZPidd60OnVZaLSb61rzksX%2BnyYZQMC4CcSJIhlgFzwRdaKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f31d9103838d6bd-FRA
email-decode.min.js
thirds.ellawn.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://thirds.ellawn.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
status
200
vary
Accept-Encoding
cf-request-id
067305fdb70000d6bde31ec000000001
last-modified
Fri, 13 Nov 2020 12:38:39 GMT
server
cloudflare
etag
W/"5fae7e4f-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yb5n43AJfpkc%2B0l9dEe7N9U2qaYARRADIQELMZQV2YDsPFiMl3048ZbdbQY%2B2I9%2FSYJxqwyl3Z%2FIaODGSc%2Bnesn%2FR0mYYdb63Txp%2BwtGHw%2FEsfoaryh3H4%2BuI2Z9Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
5f31d90f8e7fd6bd-FRA
expires
Wed, 18 Nov 2020 14:19:36 GMT
jquery.3.3.1.min.js
thirds.ellawn.com/js/
85 KB
29 KB
Script
General
Full URL
https://thirds.ellawn.com/js/jquery.3.3.1.min.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
cf-request-id
067305fdcd0000d6bdf6aa7000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
W/"5f4042b9-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=312aRWF1zD2%2F1wXi0usStvzDUd3QquM1%2BgPmvGIpIlSq%2FHkbEcDi1jftQJu3HdiXBjYTmkW9%2FZRU3VtBKtN9%2FmAZZ1qWg%2BE3tncEqKMO4eDhDc6hlDE9S5kYfcnJUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d90faecad6bd-FRA
modernizr-2.8.3.min.js
thirds.ellawn.com/js/
15 KB
6 KB
Script
General
Full URL
https://thirds.ellawn.com/js/modernizr-2.8.3.min.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
cf-request-id
067305fde40000d6bdc9842000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
W/"5f4042b9-3c9a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bgm%2FVgqXdfYRICtP9qOvIFjM%2F86x3tNVaSfLrez%2FuswzgF32EirByXSP6U4YgaJc4X3fxJzxOkvgOY9%2BbC9i2uSsM%2FTpjxK3hfAQvMjo5tXL%2FFFhaivIvNgOYeeP3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d90fdf2dd6bd-FRA
parsley.js
thirds.ellawn.com/js/
42 KB
12 KB
Script
General
Full URL
https://thirds.ellawn.com/js/parsley.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5729bdce61355430757a6c83f442ecf833fb7b2267fe11d3eab62abdf590c72d

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
cf-request-id
067305fdf50000d6bdfb3b1000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
W/"5f4042b9-a85e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B6aY0SYC2mn%2FmOna0AxCJx%2B0fTX1h8KBNvdiNMOOxLunoA2%2F7KvwL6SZi%2FXLjV8pVW7IC%2FcmQzqjcn0bO2497pwbnamfz1rRRmbJKymvJ2A4y%2FkzbMaiYJOXrAjZuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d90fef80d6bd-FRA
jquery.qtip.min.js
thirds.ellawn.com/js/
43 KB
16 KB
Script
General
Full URL
https://thirds.ellawn.com/js/jquery.qtip.min.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37641e80e90736df5a0739b512d6a6523008a51b3b9f84b8d144857e5895b693

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
cf-request-id
067305fe0b0000d6bd97901000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
W/"5f4042b9-ad17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Whfzi0bk6UOn19GXd%2Fdoew9QREZyjnLbrpBs4r7hjE41cAx8f2QaAOUb881vNj2DEo%2FinaBO7RFJ0JjmxzluGIzK1Zv54hhdMd%2B%2FjM50MXq8Try2mFJJsOhDNnDx5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d9101fccd6bd-FRA
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/latest/
105 KB
31 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/latest/TweenMax.min.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
394409
x-via
cfworker/kv
status
200
content-length
31378
cf-request-id
067305fe2b000096a43e9f1000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
etag
"5eb03e71-1a5b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JYr9us6FyKCYAxhpaafMkw6qRWZLWsSmTy9g71zd3QANuVgLhJHxLVxmbJSb7BD7%2F3Yko52MORlNsEm%2BidCGuluipUNOA%2FOog1H8uCHUnun9WxVd6dJL1SrvdE02oiwSpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f31d9104af696a4-FRA
expires
Sat, 06 Nov 2021 14:19:36 GMT
ScrollToPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/latest/plugins/
2 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/latest/plugins/ScrollToPlugin.min.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d18ee35249f8ad198a439343b1627e2075c5640f1f20251636d928badb7470d9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
394381
x-via
cfworker/kv
status
200
content-length
918
cf-request-id
067305fe2e000096a42a343000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
etag
"5eb03e71-9d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xic7CgBqbXgt1C4YAxXvWb%2BKEh7kE2aHqXYlu4BHce%2BtLXbDVbSdq%2BDmaRSl3H%2Fdx8u%2FmTgO9HHMXC142PgLgMmjskVcR9GSpAl0pWyop%2BAx5cgtWMXv6noG293ce1JK8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5f31d9104af796a4-FRA
expires
Sat, 06 Nov 2021 14:19:36 GMT
bootstrap.min.js
thirds.ellawn.com/js/
36 KB
10 KB
Script
General
Full URL
https://thirds.ellawn.com/js/bootstrap.min.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
cf-request-id
067305fe210000d6bdf92c5000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
W/"5f4042b9-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=diK%2FZip6OwIxK58qndpQpKoGmSd7fPP8vEPDkZ5%2FfZmiAJPKa0JToJNfMaR%2FSfQ0Nl%2BBANMU7qV3cyidUZyDEb6xpRVFMlVp0P9JNSLvEig%2FbnnCHWc7C0SlDK54qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d910380fd6bd-FRA
email.js
thirds.ellawn.com/js/
669 B
553 B
Script
General
Full URL
https://thirds.ellawn.com/js/email.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ded87289c262a8c4cbd4c003560d53e3c2789a7975f0a0618742dbb87fa1bcb8

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
cf-request-id
067305fe210000d6bdd1168000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
W/"5f4042b9-29d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5AbbMnHFGqCnLRDy9djsZ9fCHaeRMxNlkKKQqu78KjXriosaLao5%2F0LxX%2BxlVS6ASgpfEpGGo5GDSjS6EfIIbbaf3gdkW%2FhGALz1lT7fNwLnyaiLvnpJ2PoRPbAp%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d9103811d6bd-FRA
validate.js
thirds.ellawn.com/js/
19 KB
4 KB
Script
General
Full URL
https://thirds.ellawn.com/js/validate.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ee81f9e3074d08a2e734a29dfc9102e59a93089a3701701134017a6eaa4bc86

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
cf-request-id
067305fe220000d6bdb31d9000000001
last-modified
Mon, 09 Nov 2020 09:06:15 GMT
server
cloudflare
etag
W/"5fa90687-4bc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oJ1aLcmvrds8BJTz%2BjFPK0PPsCxo1vLKlVEvVNchKplErZI1%2F0qwgqZnSKdnHjh%2Fnb3lXkbtLsKY1oQEYRHg0%2F%2BaGWMMbdGaQTd7S7Xp0xcjyI0vojDn%2FZlWXUtYGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d9103814d6bd-FRA
validate_error_messages.js
thirds.ellawn.com/dk/js/
2 KB
1 KB
Script
General
Full URL
https://thirds.ellawn.com/dk/js/validate_error_messages.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20dbec1efa8df2a9be70818fbb1fd76631c3b01a1a81dc67e84fc1da4f58cdca

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
status
200
cf-request-id
067305fe220000d6bdba87a000000001
last-modified
Mon, 24 Aug 2020 12:54:06 GMT
server
cloudflare
etag
W/"5f43b86e-830"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CxemDIhGIfZ2pPeVeew44ODcqO4%2FEQ82rWN0u192q%2FkIpCA5Tj%2BKDbbNezKWhYfdjdCa4DI3%2FdWPIFW60xuh2MnAFCGUJgzX8VtL0MxMub4E%2FaYX3s0xpC%2FqPrOGEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d9103815d6bd-FRA
plugins.js
thirds.ellawn.com/js/
132 KB
24 KB
Script
General
Full URL
https://thirds.ellawn.com/js/plugins.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b626dcc5c995147c214e5d81ad77a30b26f28a3460d7fdd4f4167bd100729ec9

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
cf-request-id
067305fe220000d6bdf31cf000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
W/"5f4042b9-210f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=56SWbaiCeLXnGOE5MytKHWs8PIT3XBweeYrAiNKdV6jd2qnbhUnhgIggunw%2FaP2vR70uc0u6k88xFwJIoP2I%2B%2BS0aRbLweBaNpEbBGYu16MX4q3lZk77IAL%2F1HGiSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d9103819d6bd-FRA
main.js
thirds.ellawn.com/js/
1 KB
713 B
Script
General
Full URL
https://thirds.ellawn.com/js/main.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681b:b6a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96450e069f947e14c762a7316321ba571e87c748955f60afba30c5c7fdd54659

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2874
status
200
cf-request-id
067305fe230000d6bdc6918000000001
last-modified
Fri, 21 Aug 2020 21:55:05 GMT
server
cloudflare
etag
W/"5f4042b9-46f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f%2FyVUwQN%2FI4XSZKSsiIE2WA2Qf5g2YNKpH5HOq3Cl4VS9n5V1nX5h8pyb1AgMOgN5Md0l7Y3ndfN4xMclEuFBrkImW3v9tftF6PMFmFVwOf1KIT4rL8fJtJppu3sfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5f31d910381bd6bd-FRA
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3828
date
Mon, 16 Nov 2020 13:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 16 Nov 2020 15:15:48 GMT
d02cf1e5-3852-4ec9-b89b-257b8aba4c70
api.mdsyzz.info/rest/v1/p-apps/get-id/
129 B
987 B
XHR
General
Full URL
https://api.mdsyzz.info/rest/v1/p-apps/get-id/d02cf1e5-3852-4ec9-b89b-257b8aba4c70?url=https://thirds.ellawn.com
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681f:582e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cad7ecfa052ac551c4ebe0a17f339c48da2f2abdcfbd3574b63a52b9d384c12d

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
status
200
cf-request-id
067305fe2e0000d725c89a2000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=odswt6Vjoq7A8ySuf%2FuarY9gGbgsnoOEUuYJf11YDNh2bHsH4eAFsf5zSCTtZc%2Fz8L4oZ89a1d1QWQwF5Y7Kc6HP0r%2Fxz6DEDrFQ2neAIK5%2Fp5FwnzI21dxgdjY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
5f31d9104e87d725-FRA
expires
-1
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://thirds.ellawn.com
Referer
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 11:20:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
97141
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Mon, 15 Nov 2021 11:20:35 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://thirds.ellawn.com
Referer
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 15 Nov 2020 20:01:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
65906
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Mon, 15 Nov 2021 20:01:10 GMT
collect
www.google-analytics.com/j/
4 B
391 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=2079957857&t=pageview&_s=1&dl=https%3A%2F%2Fthirds.ellawn.com%2Fdk%2F%3Fo%3D2940%26r%3D0qk186590728nswt%26a%3D23%26sa%3D10207&ul=en-us&de=UTF-8&dt=iPhone%2012&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABBAAAAC~&jid=362738939&gjid=2076710954&cid=1353740656.1605536377&tid=UA-118120266-1&_gid=462348697.1605536377&_r=1&_slc=1&z=383101058
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 16 Nov 2020 14:19:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://thirds.ellawn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1071.min.js
js-agent.newrelic.com/
23 KB
9 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 16 Nov 2020 14:19:36 GMT
content-encoding
gzip
x-amz-request-id
DA29B196B72B8B85
x-cache
HIT
status
200
content-length
9086
x-amz-id-2
x3R8q2md/W3L3vtH817ZlGWVCoOuI63QgYW6MWzFo5cEeMx/LqelAntvAbNZ2z8f/cVViv4LSBk=
x-served-by
cache-hhn4076-HHN
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1605536377.668936,VS0,VE0
etag
"a1a545c95f313a230157b47dca555c25"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
615
collect
stats.g.doubleclick.net/j/
1 B
88 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-118120266-1&cid=1353740656.1605536377&jid=362738939&gjid=2076710954&_gid=462348697.1605536377&_u=IGBACEAABAAAAC~&z=1802756617
Requested by
Host: thirds.ellawn.com
URL: https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 16 Nov 2020 14:19:36 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://thirds.ellawn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
d4db62af92
bam.nr-data.net/1/
57 B
275 B
Script
General
Full URL
https://bam.nr-data.net/1/d4db62af92?a=8665447&sa=1&v=1071.385e752&t=Unnamed%20Transaction&rst=1764&ref=https://thirds.ellawn.com/dk/&be=1333&fe=1690&dc=1654&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1605536374919,%22n%22:0,%22f%22:1143,%22dn%22:1144,%22dne%22:1164,%22c%22:1164,%22s%22:1169,%22ce%22:1183,%22rq%22:1184,%22rp%22:1268,%22rpe%22:1269,%22dl%22:1275,%22di%22:1654,%22ds%22:1654,%22de%22:1655,%22dc%22:1689,%22l%22:1689,%22le%22:1691%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://thirds.ellawn.com/dk/?o=2940&r=0qk186590728nswt&a=23&sa=10207
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| rumble string| GoogleAnalyticsObject function| ga string| diamond number| j object| NREUM object| newrelic function| __nr_require object| OneSignal object| _at function| InitializePush function| CheckImageAndReplace function| httpGetAsync function| getUrlVars function| getUrlParam function| lotteryExpressSignUp function| $ function| jQuery object| html5 object| Modernizr function| yepnope function| _toConsumableArray function| _slice function| _slicedToArray function| _extends object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| localization function| WOW object| google_tag_data object| gaplugins object| gaGlobal object| gaData

5 Cookies

Domain/Path Name / Value
.ellawn.com/ Name: _gat
Value: 1
.ellawn.com/ Name: _ga
Value: GA1.2.1353740656.1605536377
.ellawn.com/ Name: _gid
Value: GA1.2.462348697.1605536377
thirds.ellawn.com/ Name: PHPSESSID_MS
Value: sb7fgrvalog7qv5d9vq7egqlk6
.ellawn.com/ Name: __cfduid
Value: dc61e5ec49dd2e34d93f0d7161ee6d69a1605536376

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mdsyzz.info
bam.nr-data.net
bubacs.com
cdn.onesignal.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
happyleagues.com
hugedynasty.com
js-agent.newrelic.com
mockmine.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
thirds.ellawn.com
www.google-analytics.com
151.101.114.110
162.247.242.20
2001:4de0:ac19::1:b:2a
2606:4700:3032::681f:582e
2606:4700:3032::ac43:b9fa
2606:4700:3035::681f:5130
2606:4700:3036::681b:b6a1
2606:4700::6810:125e
2606:4700::6812:e234
2a00:1450:4001:801::200e
2a00:1450:4001:806::200a
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::2003
2a00:1450:400c:c03::9d
51.15.74.140
54.194.14.156
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1e3b0b1b0ec443392b143405d5873b89bc7833a8e4b28a612f487362d0ab25a6
20dbec1efa8df2a9be70818fbb1fd76631c3b01a1a81dc67e84fc1da4f58cdca
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26f7559b1bfb4342ec375109a36cdcd6b002c336ad3b3932c75d5823868ff4f6
2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967
34faa34d73ef1cd69981296a5236ed01a9db8fb8e44aec27ad540e5827f8995a
358525e0c3fea64d167304b1668cdcbaa59f3e187f4ae41099cfdd915c8f8378
37641e80e90736df5a0739b512d6a6523008a51b3b9f84b8d144857e5895b693
49b36a05c46edcaa27318234c8942c643764f08215a8be42ed33856f1abb0a81
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
5729bdce61355430757a6c83f442ecf833fb7b2267fe11d3eab62abdf590c72d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5ee81f9e3074d08a2e734a29dfc9102e59a93089a3701701134017a6eaa4bc86
6833caa3130bc3ec7e4dea1d1aa28017361078c7cc84bea9df0db1e2f517223c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
7c9b8a2e2cccb16fa660a1d3004d77da7c5b09b5157fca3e7b5c98929eb11737
8cc89a8fdadff9ebf0ab452381db354aea0c04c89eae7ed4bca09468640722bb
8fb30b9c4fe8d35b443bd2f74193e289ab1886070934241730ccec2e11b49e26
93278405d5505910c8255bd16c10b3efdaed40ca4d076c48629b258597654d07
96450e069f947e14c762a7316321ba571e87c748955f60afba30c5c7fdd54659
a177b36f02fd459e560e2d320aca931c4bcf51f7d532684c9db1c2dd64ea42ae
ad91fd6deb78b242fc1ca0a8c4922acc5dc7ea819da13f24f66e873d57f60333
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b626dcc5c995147c214e5d81ad77a30b26f28a3460d7fdd4f4167bd100729ec9
cad7ecfa052ac551c4ebe0a17f339c48da2f2abdcfbd3574b63a52b9d384c12d
d1725c3604c8733615a0cc69a585304c1ce2a8cbe0c67c4978a1afb48c73ec47
d18ee35249f8ad198a439343b1627e2075c5640f1f20251636d928badb7470d9
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
ded87289c262a8c4cbd4c003560d53e3c2789a7975f0a0618742dbb87fa1bcb8
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051