alliedartadvisors.com Open in urlscan Pro
35.208.111.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://alliedartadvisors.com/
Submission Tags: falconsandbox
Submission: On March 16 via api (March 16th 2021, 7:04:43 am UTC) from US

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main IP is 35.208.111.36, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is alliedartadvisors.com.

This is the only time alliedartadvisors.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
18	35.208.111.36 35.208.111.36		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003		15169 (GOOGLE) (GOOGLE)
22	5

18 35.208.111.36 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 36.111.208.35.bc.googleusercontent.com

alliedartadvisors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	alliedartadvisors.com alliedartadvisors.com	678 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	157 KB
1	google.com www.google.com	972 B
1	googleapis.com fonts.googleapis.com	1 KB
22	4

	Domain	Requested by
18	alliedartadvisors.com	alliedartadvisors.com
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	alliedartadvisors.com
1	fonts.googleapis.com	alliedartadvisors.com
22	5

This site contains links to these domains. Also see Links.

Domain
wordpress.org

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://alliedartadvisors.com/
Frame ID: 17EFBAABA8D1A32926ED8D246C066B60
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

22
Requests

18 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

837 kB
Transfer

1274 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
alliedartadvisors.com/ 59 KB
23 KB 261ms
233ms Document
text/html 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 87f125d360a7efefbda929be2fe49bc30d0d3f51483ffcacaccec9c56802b077

Request headers

Host: alliedartadvisors.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Tue, 16 Mar 2021 07:04:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Cache-Enabled: True
Link: <http://alliedartadvisors.com/wp-json/>; rel="https://api.w.org/", <http://alliedartadvisors.com/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <http://alliedartadvisors.com/>; rel=shortlink
X-Httpd: 1
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
X-Proxy-Cache: HIT
Content-Encoding: gzip

GET
H/1.1 200
OK style.min.css
alliedartadvisors.com/wp-includes/css/dist/block-library/ 50 KB
10 KB 252ms
233ms Stylesheet
text/css 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jan 2021 00:45:56 GMT
Server: nginx
ETag: W/"60077d44-c8e9"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:22 GMT

GET
H/1.1 200
OK theme.min.css
alliedartadvisors.com/wp-includes/css/dist/block-library/ 2 KB
1 KB 266ms
247ms Stylesheet
text/css 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.6
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jan 2021 00:45:56 GMT
Server: nginx
ETag: W/"60077d44-8f9"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:22 GMT

GET
H/1.1 200
OK contact-form-7.min.css
alliedartadvisors.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 253ms
234ms Stylesheet
text/css 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-content/plugins/contact-form-7/includes/css/contact-form-7.min.css?ver=5.3.2
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 75fb1e67e5b972d6613ffda653290f39f10625c488bad4b107bcecae78a8466f

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jan 2021 00:46:34 GMT
Server: nginx
ETag: W/"60077d6a-63c"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 35ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback

Requested by

Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d6b2caab3d4898d11cd3ecf59108f308af5b27838120b22cf7f3fab8ab8f95c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 06:33:23 GMT
server: ESF
date: Tue, 16 Mar 2021 07:04:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 07:04:22 GMT

GET
H/1.1 200
OK twentyseventeen-style.min.css
alliedartadvisors.com/wp-content/themes/twentyseventeen/ 62 KB
15 KB 266ms
248ms Stylesheet
text/css 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-content/themes/twentyseventeen/twentyseventeen-style.min.css?ver=20190507
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1e001dfe45668b3b94615f2302cabf50bb2218e6dd2b976e323d2cd5434c0536

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:22 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Nov 2020 17:52:47 GMT
Server: nginx
ETag: W/"5fb953ef-f824"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:22 GMT

GET
H/1.1 200
OK twentyseventeen-block-style.min.css
alliedartadvisors.com/wp-content/themes/twentyseventeen/assets/css/ 8 KB
2 KB 257ms
239ms Stylesheet
text/css 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-content/themes/twentyseventeen/assets/css/twentyseventeen-block-style.min.css?ver=20190105
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1bb3ecffa69ccd1e35b14cb8c2492823dd1e0bb4e99be99223e00982aa84a4ec

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:22 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Nov 2020 16:54:13 GMT
Server: nginx
ETag: W/"5fb94635-1e36"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: text/css
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:22 GMT

GET
H/1.1 200
OK jquery.min.js Show response
alliedartadvisors.com/wp-includes/js/jquery/ 87 KB
36 KB 235ms
133ms Script
application/javascript 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jan 2021 00:45:56 GMT
Server: nginx
ETag: W/"60077d44-15d98"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: application/javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:22 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
alliedartadvisors.com/wp-includes/js/jquery/ 11 KB
5 KB 377ms
128ms Script
application/javascript 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jan 2021 00:45:56 GMT
Server: nginx
ETag: W/"60077d44-2bd8"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: application/javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:22 GMT

GET
H/1.1 200
OK caos-analytics.min.js Show response
alliedartadvisors.com/wp-content/uploads/siteground-optimizer-assets/ 46 KB
22 KB 380ms
128ms Script
application/javascript 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-content/uploads/siteground-optimizer-assets/caos-analytics.min.js
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0e25d0ef9351820647761b476d1093c3cf9a7a27e502e5cc0f7e4ef2e734ff85

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Mar 2021 19:17:22 GMT
Server: nginx
ETag: W/"604fb2c2-b723"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: application/javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:22 GMT

GET
H/1.1 200
OK igor-miske-177849-unsplash-1.jpg
alliedartadvisors.com/wp-content/uploads/2019/03/ 461 KB
461 KB 135ms
135ms Image
image/jpeg 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alliedartadvisors.com/wp-content/uploads/2019/03/igor-miske-177849-unsplash-1.jpg
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a5a99b2c8718bc860fbb07d1edfc6243368db95bc5fb562c31163fadb076dfa1

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:23 GMT
Last-Modified: Tue, 19 Mar 2019 14:46:38 GMT
Server: nginx
ETag: "5c9100ce-733c7"
X-Proxy-Cache-Info: DT:1
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 472007
Expires: Wed, 16 Mar 2022 07:04:23 GMT

GET
H/1.1 200
OK contact-form-7.min.js Show response
alliedartadvisors.com/wp-content/uploads/siteground-optimizer-assets/ 9 KB
4 KB 140ms
140ms Script
application/javascript 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-content/uploads/siteground-optimizer-assets/contact-form-7.min.js?ver=5.3.2
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3ab0b94c5a731a55a9f3c8c0e787a6b754bc750811124a4ddf5a59910134569a

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jan 2021 00:46:34 GMT
Server: nginx
ETag: W/"60077d6a-2242"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: application/javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:23 GMT

GET
H/1.1 200
OK twentyseventeen-skip-link-focus-fix.min.js Show response
alliedartadvisors.com/wp-content/uploads/siteground-optimizer-assets/ 358 B
695 B 129ms
129ms Script
application/javascript 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-content/uploads/siteground-optimizer-assets/twentyseventeen-skip-link-focus-fix.min.js?ver=20161114
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2d9b5b6211052ba8be5ee25dd5eee052537c6f7145152f287857f01610f806c2

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:23 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Nov 2020 16:54:13 GMT
Server: nginx
ETag: W/"5fb94635-166"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: application/javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:23 GMT

GET
H/1.1 200
OK twentyseventeen-navigation.min.js Show response
alliedartadvisors.com/wp-content/uploads/siteground-optimizer-assets/ 2 KB
1 KB 130ms
128ms Script
application/javascript 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-content/uploads/siteground-optimizer-assets/twentyseventeen-navigation.min.js?ver=20161203
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7bd42c37df868e338f5959f9213803c1b21c501255e8530adf3aaf9fd9ea83ea

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:23 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Nov 2020 16:54:13 GMT
Server: nginx
ETag: W/"5fb94635-857"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: application/javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:23 GMT

GET
H/1.1 200
OK twentyseventeen-global.min.js Show response
alliedartadvisors.com/wp-content/uploads/siteground-optimizer-assets/ 3 KB
2 KB 136ms
135ms Script
application/javascript 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-content/uploads/siteground-optimizer-assets/twentyseventeen-global.min.js?ver=20190121
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 152c47bb1b7fe0c63aab4c0ded296aa145dccc0d5e90cfcf6c9edcc920d59f67

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:23 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Nov 2020 16:54:13 GMT
Server: nginx
ETag: W/"5fb94635-c02"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: application/javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:23 GMT

GET
H/1.1 200
OK jquery-scrollto.min.js Show response
alliedartadvisors.com/wp-content/uploads/siteground-optimizer-assets/ 3 KB
2 KB 143ms
142ms Script
application/javascript 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-content/uploads/siteground-optimizer-assets/jquery-scrollto.min.js?ver=2.1.2
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1a28a98e3a87c1d371b2bc83ed98482837c58aa0c43286154939e26c3c952423

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:23 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Nov 2020 16:54:13 GMT
Server: nginx
ETag: W/"5fb94635-a45"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: application/javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:23 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
alliedartadvisors.com/wp-includes/js/ 1 KB
1 KB 142ms
141ms Script
application/javascript 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-includes/js/wp-embed.min.js?ver=5.6
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Aug 2020 22:23:27 GMT
Server: nginx
ETag: W/"5f3ef7df-59a"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: application/javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:23 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
972 B 34ms
14ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?ver=5.6

Requested by

Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ebc6da23752a7ca423fc24f860eeffcd71f7491bf11471c5aa1a29815976d173

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 07:04:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Tue, 16 Mar 2021 07:04:23 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
alliedartadvisors.com/wp-includes/js/ 14 KB
6 KB 130ms
130ms Script
application/javascript 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://alliedartadvisors.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jan 2021 00:45:56 GMT
Server: nginx
ETag: W/"60077d44-37a6"
Vary: Accept-Encoding
X-Proxy-Cache-Info: DT:1
Content-Type: application/javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Expires: Wed, 16 Mar 2022 07:04:23 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v7/ 27 KB
27 KB 25ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v7/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext&display=fallback

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://alliedartadvisors.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:14:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 21:06:30 GMT
server: sffe
age: 46205
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27240
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:14:18 GMT

GET
H/1.1 200
OK auction-esimates-768x559.png
alliedartadvisors.com/wp-content/uploads/2019/03/ 86 KB
86 KB 130ms
130ms Image
image/png 35.208.111.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://alliedartadvisors.com/wp-content/uploads/2019/03/auction-esimates-768x559.png
Requested by: Host: alliedartadvisors.com
URL: http://alliedartadvisors.com/
Protocol: HTTP/1.1
Server: 35.208.111.36 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.111.208.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d75145a53f2c3c739947b18587ee09b1ef485b4bd3f4d55903d4fea1c1ccc571

Request headers

Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 07:04:23 GMT
Last-Modified: Wed, 27 Mar 2019 18:58:31 GMT
Server: nginx
ETag: "5c9bc7d7-1586b"
X-Proxy-Cache-Info: DT:1
Content-Type: image/png
Cache-Control: max-age=31536000
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88171
Expires: Wed, 16 Mar 2022 07:04:23 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ 331 KB
130 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?ver=5.6

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://alliedartadvisors.com
Referer: http://alliedartadvisors.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 16:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53827
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 16:07:16 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| google_tag_data function| ga object| gaplugins object| gaGlobal object| gaData undefined| recaptcha_script object| wpcf7 object| twentyseventeenScreenReaderText object| wp object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| twemoji

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://alliedartadvisors.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alliedartadvisors.com
fonts.googleapis.com
fonts.gstatic.com
www.google.com
www.gstatic.com
2a00:1450:4001:809::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:82a::200a
35.208.111.36
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0e25d0ef9351820647761b476d1093c3cf9a7a27e502e5cc0f7e4ef2e734ff85
152c47bb1b7fe0c63aab4c0ded296aa145dccc0d5e90cfcf6c9edcc920d59f67
1a28a98e3a87c1d371b2bc83ed98482837c58aa0c43286154939e26c3c952423
1bb3ecffa69ccd1e35b14cb8c2492823dd1e0bb4e99be99223e00982aa84a4ec
1e001dfe45668b3b94615f2302cabf50bb2218e6dd2b976e323d2cd5434c0536
2d9b5b6211052ba8be5ee25dd5eee052537c6f7145152f287857f01610f806c2
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
3ab0b94c5a731a55a9f3c8c0e787a6b754bc750811124a4ddf5a59910134569a
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
75fb1e67e5b972d6613ffda653290f39f10625c488bad4b107bcecae78a8466f
7bd42c37df868e338f5959f9213803c1b21c501255e8530adf3aaf9fd9ea83ea
83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6
87f125d360a7efefbda929be2fe49bc30d0d3f51483ffcacaccec9c56802b077
a5a99b2c8718bc860fbb07d1edfc6243368db95bc5fb562c31163fadb076dfa1
b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518
d6b2caab3d4898d11cd3ecf59108f308af5b27838120b22cf7f3fab8ab8f95c8
d75145a53f2c3c739947b18587ee09b1ef485b4bd3f4d55903d4fea1c1ccc571
ebc6da23752a7ca423fc24f860eeffcd71f7491bf11471c5aa1a29815976d173
fedcdc389419bfa88ed3f2c226b9d043fa6d6ea927cadd49c833cbfcf0de3efb