Submitted URL: http://elfares-live.com/
Effective URL: https://ch.elfares-live.co/
Submission: On October 06 via api from TW — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 41 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ch.elfares-live.co.
TLS certificate: Issued by GTS CA 1P5 on September 18th 2023. Valid for: 3 months.
This is the only time ch.elfares-live.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
15 | elfares-live.co | ch.elfares-live.co | 255 KB
9 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 108), tpc.googlesyndication.com | 217 KB
7 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 56) | 522 KB
6 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2250), www.google-analytics.com (Cisco Umbrella Rank: 42) | 21 KB
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 45) | 5 KB
2 | elfares-live.com | elfares-live.com | 1 KB
1 | google.com | www.google.com | 1 KB
1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 1200) | 606 B
1 | al3med-live.com | al3med-live.com | 433 B
41 | 9
Domain Requested by
15 ch.elfares-live.co ch.elfares-live.co
7 www.googletagmanager.com ch.elfares-live.co
www.googletagmanager.com
6 pagead2.googlesyndication.com ch.elfares-live.co
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 region1.google-analytics.com www.googletagmanager.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 elfares-live.com 2 redirects
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 al3med-live.com 1 redirects
41 11

This site contains links to these domains:

Domain
al3med-live.com
t.me
twitter.com
elfares-live.co
www.gnantabuse.com
albaadani.com

Subject | Issuer | Validity | Valid
elfares-live.co | GTS CA 1P5 | 2023-09-18 - 2023-12-17 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
www.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months

This page contains 5 frames:

Primary Page: https://ch.elfares-live.co/
Frame ID: 8DE6642F93D3F7B5D6EAB652932049D6
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 617CB6EE43AE6903AC7C6C145418CB8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9026749675825649&output=html&adk=1812271804&adf=3025194257&lmt=1696567286&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fch.elfares-live.co%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696574486369&bpp=4&bdt=266&idt=280&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7020641079407&frm=20&pv=2&ga_vid=1732030802.1696574486&ga_sid=1696574487&ga_hid=265851980&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076839%2C44804782%2C31078466&oid=2&pvsid=2488033331712937&tmod=556418282&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=296
Frame ID: C2A6467D6EA97FFD9A888F7AC059E76F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A056915E4F47BA14682696BEB46EEAC6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9274606BB1823F3285BFF152A9A78F87
Requests: 2 HTTP requests in this frame

Page Title

موقع الفارس لايف | مباريات اليوم بث مباشر

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 41
HTTPS: 100 %
IPv6: 100 %
Domains: 9
Subdomains: 11
IPs: 10
Countries: 2
Transfer: 1022 kB
Size: 2436 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://elfares-live.com/ HTTP 301
    https://elfares-live.com/ HTTP 301
    https://al3med-live.com/ HTTP 301
    https://ch.elfares-live.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ch.elfares-live.co/
Redirect Chain
  • http://elfares-live.com/
  • https://elfares-live.com/
  • https://al3med-live.com/
  • https://ch.elfares-live.co/
78 KB
19 KB
Document
General
Full URL
https://ch.elfares-live.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc4ea337d083d3cecc8cf002c664c0f9b68776530e4e41b7fe74b86f95b9a8b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
811beb299c454d5b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 06 Oct 2023 06:41:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMS72SEn7kX4fcc9cgPpqoZTJ0R9bx0X2Op%2BLZOrUdN%2Bfrvk0hhAMaF6bWNAFStQ5wseLCVUmINmz22EhiSCr7UFguijC0mG2KsVeHOeF9L4BAzPVOikZbFW2sdYGRt389KU1bV9ywFSvuexGpzDom8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
811beb28de719bb8-FRA
content-type
text/html
date
Fri, 06 Oct 2023 06:41:25 GMT
location
https://ch.elfares-live.co/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6w7tiTzSqVAmhtvZ7%2Fj5Rqr2h69cmude8hScG9lzXlzYt67cNt%2B9fbgQv7v0kwBkGGWuYGGvhWYkzdfh%2FchkwknhbACiWv8kjcOY75%2FMgCqJ1BQ9HVBtBMggQdEuOp8210%2BbtYSKJWjMm4xwls%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js
www.googletagmanager.com/gtag/
215 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WB0KPMTLTG
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
796cf28f51c75a2c21d8910ba1267b2924c188000dc0bd8e2f8a5bcc1e88af12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79013
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 06:41:26 GMT
frontend-gtag.min.js
ch.elfares-live.co/wp-content/plugins/google-analytics-for-wordpress/assets/js/
11 KB
4 KB
Script
General
Full URL
https://ch.elfares-live.co/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.20.0
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7269d642327a2174736fc2b0231d1626e6fff1ca2f57e19c59835e73febe85

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 04 Oct 2023 00:22:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"651cb031-2d5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iZ%2FysObUpFM9lPOde6IbH1GriIIxAgwEw5xQA9mHUUbIfLupH0Yj7C4%2FyQY%2BRJo9tp2UOdHXpQh7tpy0DgqKS%2BaugJqmX4hwyT6KJz%2FEOozurTGzzx3BAOhPf428My1FysviDRNOvaiCAZhhJJ8Joo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
811beb2a2cd14d5b-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
186 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-237442691-1
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b28daf5f54eae5a6497b8c9d0c6d2278436183f2f38c77a4db1c91d0ffb2d50c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69054
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Oct 2023 06:41:26 GMT
js
www.googletagmanager.com/gtag/
223 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GE16YFPG4X
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7df44996aeb436d6ed68bca67dee77de860d92303da3f8dbd5837c55e82a1d77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81161
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 06:41:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9026749675825649&host=ca-host-pub-2644536267352236
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
762da70c6370055de33526a9779f84c1ed20d3af9f09b549941b02a52af7c853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://ch.elfares-live.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50674
x-xss-protection
0
server
cafe
etag
16233530284994506767
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 06:41:26 GMT
collect
region1.google-analytics.com/g/
0
247 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WB0KPMTLTG&gtm=45je3a40&_p=265851980&gdid=dZGIzZG&cid=1732030802.1696574486&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696574486&sct=1&seg=0&dl=https%3A%2F%2Fch.elfares-live.co%2F&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%81%D8%A7%D8%B1%D8%B3%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WB0KPMTLTG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 06:41:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ch.elfares-live.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
186 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-237442691-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WB0KPMTLTG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8b4aa54ebc66d78301b0bc7f076227fd11752ecabe142b2ed48ce7cb24fcc823
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69014
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Oct 2023 06:41:26 GMT
js
www.googletagmanager.com/gtag/
201 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-WKGBNR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WB0KPMTLTG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f06ced921fb391f40010377e3616affe4715680e17d13e503999c59eed6a7e9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75533
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 06:41:26 GMT
js
www.googletagmanager.com/gtag/
223 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GE16YFPG4X&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WB0KPMTLTG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
072d1c567a8fa07e9c8ca7d6f4ce800a7a181bf04fe985739ceb58853076ecb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81167
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 06:41:26 GMT
truncated
/
401 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5a8cec60b5774c8e0ea5d3feed60f15820528d3cf18a4634cd29c6b23baa2b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
944 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
183a8a45d21c9e08f327306b313a677e14df544b7fbe005f832bae1ae0828f4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
248 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50b355d30ddbdcfbc57eb2a32734c6574995395b4c64f278ce270f8646b5f3b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
460 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
725695280088b4a7f1f43936b2ff0ec321040d4921c1b782e97c74cc5c89e02f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
451 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de103d5f4ad393bb96697192045e2f571c47b491690081364d746755fbc9a3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
NeoSansArabic.woff
ch.elfares-live.co/wp-content/themes/AlbaYallaShoot/fonts/
56 KB
57 KB
Font
General
Full URL
https://ch.elfares-live.co/wp-content/themes/AlbaYallaShoot/fonts/NeoSansArabic.woff
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18588f1581eeeebaef76be52d09261c5c1a886d1a02ede533adb62c334d122e6

Request headers

Referer
https://ch.elfares-live.co/
Origin
https://ch.elfares-live.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 07 Apr 2023 22:52:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64309eac-e014"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=za4aqZlli%2FlOqO0vZT5SBOS%2BpvLB89uNpr%2FdkSIghuyTXd00Hae8rwtLwKz0VyoR8fs4%2FFPXxp2QjSPyppe9ToWDTlbaaPJaDvVJt1cvtX6KniTFdYovGGGLJrG%2BOkFN8ulGvclfQGX6VxSVnHbPH40%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811beb2accb135f9-FRA
alt-svc
h3=":443"; ma=86400
content-length
57364
IMG_1447-300x169.webp
ch.elfares-live.co/wp-content/uploads/2023/08/
6 KB
6 KB
Image
General
Full URL
https://ch.elfares-live.co/wp-content/uploads/2023/08/IMG_1447-300x169.webp
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9cd8dafa7e20bf8cde7f0e9944a66d6e957da099dda2b3f117733ad0208dbcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3622921
alt-svc
h3=":443"; ma=86400
content-length
5712
last-modified
Thu, 24 Aug 2023 20:54:14 GMT
server
cloudflare
etag
"64e7c376-1650"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlnlHCLdXYKaSy07jZtgwQRKPz3bwyfkl4xnQrr1DYlKL5zc5K9EvpzEg5kEc7OTQZxB53TreL%2FcHKuul6eDeL%2BPTnuVMIfHOQHBwdZvNYokWyp4jBpg4IPpTI1j5PHcppgJWL%2FfsaihBkJ4kpcQUKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811beb2aece735f9-FRA
expires
Sat, 24 Aug 2024 08:14:59 GMT
%D9%87%D9%88-%D8%AF%D9%88%D8%B1%D9%8A-%D8%B1%D9%88%D8%B4%D9%86-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-%D8%9F-e1684269711680-300x290.png
ch.elfares-live.co/wp-content/uploads/2023/08/
41 KB
41 KB
Image
General
Full URL
https://ch.elfares-live.co/wp-content/uploads/2023/08/%D9%87%D9%88-%D8%AF%D9%88%D8%B1%D9%8A-%D8%B1%D9%88%D8%B4%D9%86-%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A-%D8%9F-e1684269711680-300x290.png
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d56c6c4ef8b84f9dfece36959396d3249911d138ff5f1c85884898b51be927e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4146528
alt-svc
h3=":443"; ma=86400
content-length
41565
last-modified
Sat, 19 Aug 2023 05:20:44 GMT
server
cloudflare
etag
"64e0512c-a25d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZW0%2FEUG%2BHBZUngFJmCVDNBG3i5YpVxPHA%2BpOS1qemWIxqFjP8%2F3A1EuJv3m3RjNjRgfTy4s0YuQFOOtWXI3x%2B6eRhwZ%2BPrls5Nkl7qtgpUT8JzfXUbV8AqLR4oEqgGrISQHkJ8jSsz0d8CSE2lcZpY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811beb2afcff35f9-FRA
expires
Sun, 18 Aug 2024 06:49:10 GMT
3676761-%D9%86%D9%8A%D9%85%D8%A7%D8%B1-%D8%AF%D8%A7-%D8%B3%D9%8A%D9%84%D9%81%D8%A7-5-300x200.jpg
ch.elfares-live.co/wp-content/uploads/2023/08/
18 KB
18 KB
Image
General
Full URL
https://ch.elfares-live.co/wp-content/uploads/2023/08/3676761-%D9%86%D9%8A%D9%85%D8%A7%D8%B1-%D8%AF%D8%A7-%D8%B3%D9%8A%D9%84%D9%81%D8%A7-5-300x200.jpg
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d79e1b4c0c8be1fce5a7594fa5fdbc9e537064bb756981e9cc5d1af8f7958f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
571151
alt-svc
h3=":443"; ma=86400
content-length
18323
last-modified
Sat, 19 Aug 2023 05:13:14 GMT
server
cloudflare
etag
"64e04f6a-4793"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vATRmKssO0xaaLwvbrLScGq6Hes%2BEXaIcjgJ5dGj500xYCS3CX7m9vpUVRWmjoQ1xXTvPfhTXfW1DJeNx7wh1AfMhU2%2FSnGd4YhdhhJ45vPGyvB%2FgrnWu7D%2F5tBt11TGiQpHvAg9nDdhY1L0C6ScBoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811beb2afd0535f9-FRA
expires
Sat, 28 Sep 2024 15:57:28 GMT
neymar-4-300x169.jpeg
ch.elfares-live.co/wp-content/uploads/2023/08/
8 KB
9 KB
Image
General
Full URL
https://ch.elfares-live.co/wp-content/uploads/2023/08/neymar-4-300x169.jpeg
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c59f96055c928ee9eaf57878012ac638416223ddb5040912c1ac822be54de43

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1868917
alt-svc
h3=":443"; ma=86400
content-length
8581
last-modified
Wed, 16 Aug 2023 14:15:11 GMT
server
cloudflare
etag
"64dcd9ef-2185"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPjlG3r69s0yIJZk0qkOS3YQsggR9aMM5EkwV85GXett9RnnFo11DtJrfb6kITKYQ4zaGhMjaiR2KcykTc9pPsNOrgPt64mU4QwVmGtc1z0wgmXOo4O7nu5HNbWLz%2BFyE8oMrk9HlPB0fi9l7wOJ5tI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811beb2afd0835f9-FRA
expires
Fri, 13 Sep 2024 15:28:48 GMT
messi12-300x169.webp
ch.elfares-live.co/wp-content/uploads/2023/08/
7 KB
8 KB
Image
General
Full URL
https://ch.elfares-live.co/wp-content/uploads/2023/08/messi12-300x169.webp
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0228aa7d5854de171e6f6d46c076c085616b189047fef118a58900d1df9e42c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1773309
alt-svc
h3=":443"; ma=86400
content-length
7510
last-modified
Fri, 11 Aug 2023 08:13:08 GMT
server
cloudflare
etag
"64d5ed94-1d56"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAnXOXVXfuA0RdV1w3wawV6MRQ3GuGieDCM688Beh9Neb964AV7PrmEwMsjrAoVyoNMdNdT1p3D5dkGZr7HBU0YNduLhv5i4uqL19ZOOUqy6%2BiRoy0DsIM1rCuuSaIbZFCPGYvENpvvde98e1rFeyIA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811beb2afd0b35f9-FRA
expires
Sat, 14 Sep 2024 18:02:18 GMT
maxresdefault-1-300x169.jpg
ch.elfares-live.co/wp-content/uploads/2023/08/
14 KB
15 KB
Image
General
Full URL
https://ch.elfares-live.co/wp-content/uploads/2023/08/maxresdefault-1-300x169.jpg
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeebe0b66376a2cec2630d5de0979c956d3ee46f1444495dc5a316b0b1a5d28a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1773308
alt-svc
h3=":443"; ma=86400
content-length
14488
last-modified
Thu, 10 Aug 2023 11:57:03 GMT
server
cloudflare
etag
"64d4d08f-3898"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oM7cZrEg4nPLwAI0mBIV5EJoqxWd7O6etgTUCDUOWSWV9MY8Qym59T0n1mhahWYrWvCbVd5xGf01NyPy1QUUqP8EYOIdpJrAKIxGAvweIcHQoMRnIo%2BkEJI7sXo%2BGX6W2PUciyfcM3j8nmd15laokY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811beb2afd0c35f9-FRA
expires
Sat, 14 Sep 2024 18:02:18 GMT
manchester-city-vs-burnley-300x150.jpg
ch.elfares-live.co/wp-content/uploads/2023/08/
10 KB
10 KB
Image
General
Full URL
https://ch.elfares-live.co/wp-content/uploads/2023/08/manchester-city-vs-burnley-300x150.jpg
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa6a8a7b2fa067af45ec25238dee0bf17abcc86c489ac7f017bc339a2e1aa37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1773308
alt-svc
h3=":443"; ma=86400
content-length
9969
last-modified
Thu, 10 Aug 2023 06:14:36 GMT
server
cloudflare
etag
"64d4804c-26f1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uW8CntaOG7X%2BGxowMZcgk7kCjkND%2Fc5amL2a7EvLDp9RI2y2md5M3OZS4AwJGxM%2FdhesXG%2BSiO7aks48F3o2f6Mfkaq9ZwjXWSeCnujAt7fpkdUROnKhxwfluLq3zj1d%2BPTXkcJH%2F6Epa5JmHS4%2F%2BOc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811beb2afd0f35f9-FRA
expires
Sat, 14 Sep 2024 18:02:18 GMT
0960191b-1a75-4ed5-8c48-6d14a2689603_16x9_1200x676-300x169.webp
ch.elfares-live.co/wp-content/uploads/2023/04/
14 KB
14 KB
Image
General
Full URL
https://ch.elfares-live.co/wp-content/uploads/2023/04/0960191b-1a75-4ed5-8c48-6d14a2689603_16x9_1200x676-300x169.webp
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556ef8ba71414ecf6101d96acb3f3bd2227852b16bffcf4dd6188b5edc17f0e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1773308
alt-svc
h3=":443"; ma=86400
content-length
13978
last-modified
Wed, 26 Apr 2023 23:58:49 GMT
server
cloudflare
etag
"6449bab9-369a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7glNz%2B1YG1z1rxFzKL6SAswNcq3ZoePReTm9ienCjkXrLTHesJ94MPVNdQ5vVAfslgviBcAgfXP%2BErx6dpWTqZ5B1RTy2EtYy8WrZ8epw%2Fe22IAS20yBjKCTDD0TjSFagWkvctsxC%2Bu%2FSqmgDHbnPM4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811beb2afd1135f9-FRA
expires
Sat, 14 Sep 2024 18:02:18 GMT
9dbd1005-2a47-45e7-8635-ca8a17c2d2d5_16x9_1200x676-300x169.webp
ch.elfares-live.co/wp-content/uploads/2023/04/
11 KB
12 KB
Image
General
Full URL
https://ch.elfares-live.co/wp-content/uploads/2023/04/9dbd1005-2a47-45e7-8635-ca8a17c2d2d5_16x9_1200x676-300x169.webp
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efa9c2b304eb5abf5765d9519f7555ebd0ebd5bbdebecc116848769e52c0e0ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41347
alt-svc
h3=":443"; ma=86400
content-length
11584
last-modified
Wed, 26 Apr 2023 23:53:01 GMT
server
cloudflare
etag
"6449b95d-2d40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xs4pS2uV0FKSJ0ReBn4YbNgr1%2BQ%2FBhSJe8%2Bbhk%2FXZ%2F9Jh%2F6Z4yenS8fFj2ki%2FDnSaIQzGo%2FMT7xPlAcKSl85A%2F6PMKoGQJFjQWJ3oRUsCB5WGLOfMbTysGv9OwWGhMzqnYFIVAFfDG5w2I525Q%2FcR2w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811beb2afd1235f9-FRA
expires
Fri, 04 Oct 2024 19:07:40 GMT
6a868e65-c6b0-4389-86f3-0741bb331399_16x9_1200x676-300x169.webp
ch.elfares-live.co/wp-content/uploads/2023/04/
8 KB
8 KB
Image
General
Full URL
https://ch.elfares-live.co/wp-content/uploads/2023/04/6a868e65-c6b0-4389-86f3-0741bb331399_16x9_1200x676-300x169.webp
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22811fb59157181e47f4c328ea7873484d30b791fccd095d8045c0e5a047298

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1773308
alt-svc
h3=":443"; ma=86400
content-length
8148
last-modified
Tue, 18 Apr 2023 01:13:40 GMT
server
cloudflare
etag
"643deec4-1fd4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAsRo7%2Bdm%2F0RE6AAK3egawSU1TPd0OXoGBZPmsShyavuhTzkh7oFnWznfOrk6%2BOjmBrz85drpiSjQ4EwlP6eSYTY%2BiC4W9qI%2BYmK9XmPvxFQD2j5hd5mhR2deqjxA0Yn8wK214cTus8AqJDsiMd8hbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811beb2afd1335f9-FRA
expires
Sat, 14 Sep 2024 18:02:18 GMT
51f58f98-0e64-4507-bc7b-5996e01bb15a_16x9_1200x676-300x169.webp
ch.elfares-live.co/wp-content/uploads/2023/04/
11 KB
11 KB
Image
General
Full URL
https://ch.elfares-live.co/wp-content/uploads/2023/04/51f58f98-0e64-4507-bc7b-5996e01bb15a_16x9_1200x676-300x169.webp
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac10d9bd813a51c02bf290e459008ac92550558b552179b6dbc909d414106db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41347
alt-svc
h3=":443"; ma=86400
content-length
11226
last-modified
Tue, 18 Apr 2023 01:03:17 GMT
server
cloudflare
etag
"643dec55-2bda"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hENeR6i%2B0QJg04oOZQFU6zU97xSted5fNhW1bMeTzUECOSd9wg2sli%2B5QHcIqYtXv51iI7tApS1rsi1oqJ7EhVvC%2BQ7PhxSLLsuhVgTL5nM86Xz%2BgHjOXyQ%2BNWSh%2BU9K8I4tw%2FyWYdS8CMNj1TKRVuo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811beb2afd1535f9-FRA
expires
Fri, 04 Oct 2024 19:07:40 GMT
06606CAE-76CA-4C13-A773-A10441292ABD-300x169.jpeg
ch.elfares-live.co/wp-content/uploads/2023/04/
22 KB
23 KB
Image
General
Full URL
https://ch.elfares-live.co/wp-content/uploads/2023/04/06606CAE-76CA-4C13-A773-A10441292ABD-300x169.jpeg
Requested by
Host: ch.elfares-live.co
URL: https://ch.elfares-live.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbb851f3f0cc33eca38ce6cf437463fc1cf0b9a4389454341d386d1da82f94c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41347
alt-svc
h3=":443"; ma=86400
content-length
22844
last-modified
Tue, 11 Apr 2023 00:48:00 GMT
server
cloudflare
etag
"6434ae40-593c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TpDf%2BU70H1GNHvbssGtFQge%2BZcXhCmXmAKbi9bLsAqOYFtRj2Vjq6xPtIqYItp4Xii9WkoNwyDItblIgcbNB5ZtH7ZTHIgdYCpnI9h0FGbYZTy0cEpXsrLJ%2BU6nhZFKwGhsZL9CQNidMImjNi8zAq8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811beb2afd1835f9-FRA
expires
Fri, 04 Oct 2024 19:07:40 GMT
truncated
/
37 B
37 B
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/gif
js
www.googletagmanager.com/gtag/
215 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HX7TRYEWFW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237442691-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
239bd6d425408adfe97d71b6929518fa27ce7bafcd20217290c61d5457ad86d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78985
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 06:41:26 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-237442691-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 06 Oct 2023 05:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3104
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 06 Oct 2023 07:49:42 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4W97XZBM34&gtm=45Pe3a40&_p=265851980&gdid=dZGIzZG.dZTNiMT&cid=1732030802.1696574486&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696574486&sct=1&seg=0&dl=https%3A%2F%2Fch.elfares-live.co%2F&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%81%D8%A7%D8%B1%D8%B3%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-WKGBNR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 06:41:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ch.elfares-live.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GE16YFPG4X&gtm=45je3a40&_p=265851980&gdid=dZGIzZG.dZTNiMT&cid=1732030802.1696574486&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696574486&sct=1&seg=0&dl=https%3A%2F%2Fch.elfares-live.co%2F&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%81%D8%A7%D8%B1%D8%B3%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GE16YFPG4X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 06:41:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ch.elfares-live.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
208 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=265851980&t=pageview&_s=1&dl=https%3A%2F%2Fch.elfares-live.co%2F&ul=en-us&de=UTF-8&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%81%D8%A7%D8%B1%D8%B3%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=705657756&gjid=926761781&cid=1732030802.1696574486&tid=UA-237442691-1&_gid=265613405.1696574486&_r=1&gtm=457e3a40&did=dZGIzZG%2CdZTNiMT&gdid=dZGIzZG.dZTNiMT&jsscut=1&z=2131417128
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 06:41:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ch.elfares-live.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/
380 KB
129 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9026749675825649&plah=ch.elfares-live.co&bust=31078466
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9026749675825649&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1efe171da742af8aae10fec1c24bf52526309ded55a95968907c0ca46836f56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131796
x-xss-protection
0
server
cafe
etag
8621021873637392690
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 06 Oct 2023 06:41:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 617C
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9026749675825649&host=ca-host-pub-2644536267352236
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
58377
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 14:28:29 GMT
etag
2603938475786422795
expires
Thu, 19 Oct 2023 14:28:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HX7TRYEWFW&gtm=45je3a40&_p=265851980&cid=1732030802.1696574486&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1696574486&sct=1&seg=0&dl=https%3A%2F%2Fch.elfares-live.co%2F&dt=%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D9%81%D8%A7%D8%B1%D8%B3%20%D9%84%D8%A7%D9%8A%D9%81%20%7C%20%D9%85%D8%A8%D8%A7%D8%B1%D9%8A%D8%A7%D8%AA%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AB%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HX7TRYEWFW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 06:41:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ch.elfares-live.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
397 B
606 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ch.elfares-live.co&callback=_gfp_s_&client=ca-pub-9026749675825649
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9026749675825649&plah=ch.elfares-live.co&bust=31078466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20fb7a388f065fc5ac35611c8f6b73ee7344a422ec755165e492d63da46466ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C2A6
603 B
218 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9026749675825649&output=html&adk=1812271804&adf=3025194257&lmt=1696567286&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fch.elfares-live.co%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696574486369&bpp=4&bdt=266&idt=280&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7020641079407&frm=20&pv=2&ga_vid=1732030802.1696574486&ga_sid=1696574487&ga_hid=265851980&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076839%2C44804782%2C31078466&oid=2&pvsid=2488033331712937&tmod=556418282&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=296
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9026749675825649&plah=ch.elfares-live.co&bust=31078466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 06:41:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9026749675825649&plah=ch.elfares-live.co&bust=31078466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
662db65c8844f416af488e27ef60908fc5d52341d9b7e7e2d70c4a0247870f5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12151
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9026749675825649&plah=ch.elfares-live.co&bust=31078466
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 06 Oct 2023 06:41:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A056
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
83065
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 05 Oct 2023 07:37:05 GMT
expires
Fri, 04 Oct 2024 07:37:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9274
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
47113fa442be16ba4f513fdb9ed469b2a1b78a7c685145518466b3a507e2735d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8gYEA6A2zBU8b8MMzPYVqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8gYEA6A2zBU8b8MMzPYVqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 06 Oct 2023 06:41:30 GMT
expires
Fri, 06 Oct 2023 06:41:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
pagead2.googlesyndication.com/bg/ Frame A056
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
42237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14663
x-xss-protection
0
last-modified
Mon, 02 Oct 2023 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Oct 2024 18:57:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9274
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=2488033331712937&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame A056
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?4mWQ5A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 06:41:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=2488033331712937&bg=!OTqlOnXNAAbjlzx0w5c7ADQBe5WfOLtZMIeQ1XoWIpmqOn437nTBvMD_DKpJk3dHTzJkONJhwlm3SaYh-loCCqKst1FmAgAAAFBSAAAACWgBB5kCug26gWrp1zTGQJoTGZz3mCcx_K9qtW0nN8T0IFBKm27rnaQO8D5VbWCg5O5y3nAbHJgUYQOaUB3Xp1kR9dXKRgY4vYMztqL1_1y35hF7Y29eabTnyIDZp6iOI0u7Mnvq71xxZNifzuwVqq2sXcSDD-0nKrTgnYf0iM_WnoSQy2L9pZugOkYSQy5zBJfNdId_tNOFMzk3N40FrjoBaQtx5BOy5HY3TntB8hoTWnG4qXSWu70etbwVZqXcQ-aP6Q2Xlp_IKU27YDrF81zAoZvVBB9xzwInJnWXtLk2bArnj68XlwQnP4N6j6zZzGClfaBJbtI0BGJxXQc3Lu_uRPXD5YIybIM1taR21BKY5BXIlplUbjHIcYGTIWO2Vhj2UJrjrGEDf-6wOhY7aM17JFMiBQamdbtWjZ50MN14ttFCr_GDCusXNKINbwWauBhzRcdVYC9z6CktKn9hZO1KmHo9_TTcB77Dx8vA5YbYODpTMjxFiMPvzcxl7vGyrW0GuI764M4XqS9L0FGU0B3eMz1NW3n13yzFG58ZKg8lv1XHzyuwtgy5HSYl6vWvGkmJNFoA2aBwMtJSTUM_1iE4fV-HTpUyLTlAmN-rQ7jghP2Voy2Hqk-NzymxOHiQT8XyB33Id6Z-TjeBIdLaOblQ-TKzVQgNuFwvc-T2XjP2CCyyEqBJ0wAy1srJc6ctwm77P1NnH1csnkE9qTiHLLn31oSWAr0Bc-ofY1MKP67qXJYmjBGT-U1LmAq5AcDKeyO5cjdIB57NtLGX8mDpKnocDZIVYDbpIA5MPhSVj_EFWrDGyoSO-WhfiVtt_33VQYg4QHf5T1m1IyJ4RY-fFnbyGk365vT20l10DIMdxQWEId19UzTpmfRyxctpe76dKWe0tVyAxv0xaB6hc3yoMfDfop1-l72mS0-7Pf1SVdN7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers


55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| mi_version boolean| mi_track_user string| mi_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| dataLayer object| MonsterInsightsDualTracker function| gtag function| __gaTracker object| google_tag_manager object| google_tag_data object| gaGlobal function| MonsterInsights object| MonsterInsightsObject object| monsterinsights_frontend function| rdmode object| c2 function| AlbaLoadLazy function| HqyLazyload function| AlbaLoadMorPostScroall string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

10 Cookies

Domain/Path Name / Value
.elfares-live.co/ Name: _ga_WB0KPMTLTG
Value: GS1.1.1696574486.1.0.1696574486.0.0.0
.elfares-live.co/ Name: _ga_4W97XZBM34
Value: GS1.1.1696574486.1.0.1696574486.0.0.0
.elfares-live.co/ Name: _ga_GE16YFPG4X
Value: GS1.1.1696574486.1.0.1696574486.0.0.0
.elfares-live.co/ Name: _gid
Value: GA1.2.265613405.1696574486
.elfares-live.co/ Name: _gat_gtag_UA_237442691_1
Value: 1
.elfares-live.co/ Name: _ga_HX7TRYEWFW
Value: GS1.1.1696574486.1.0.1696574486.0.0.0
.elfares-live.co/ Name: _ga
Value: GA1.1.1732030802.1696574486
.elfares-live.co/ Name: __gads
Value: ID=4cedd813269858d6-2214b15d7be400a6:T=1696574486:RT=1696574486:S=ALNI_MYRHB82Dblu0GhLVqePL6D9eYXiFg
.elfares-live.co/ Name: __gpi
Value: UID=00000c8f7b83e385:T=1696574486:RT=1696574486:S=ALNI_Mbn4O_lY7EH6RGZ0BW8MHDdy1zIAw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9026749675825649&output=html&adk=1812271804&adf=3025194257&lmt=1696567286&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x810_l%7C260x810_r&format=0x0&url=https%3A%2F%2Fch.elfares-live.co%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696574486369&bpp=4&bdt=266&idt=280&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7020641079407&frm=20&pv=2&ga_vid=1732030802.1696574486&ga_sid=1696574487&ga_hid=265851980&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31076839%2C44804782%2C31078466&oid=2&pvsid=2488033331712937&tmod=556418282&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=296
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
