urlscan.io logo urlscan.io
SecurityTrails logo

ar.whotwi.com Open in urlscan Pro
2606:4700:3037::ac43:dd52  Public Scan

Go To Rescan Add Verdict Report
URL: https://ar.whotwi.com/
Submission Tags: falconsandbox
Submission: On December 01 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 6 countries across 17 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3037::ac43:dd52, located in United States and belongs to CLOUDFLARENET, US. The main domain is ar.whotwi.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 22nd 2020. Valid for: a year.
This is the only time ar.whotwi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
1 202.47.25.79 2914 (NTT-COMMU...)
2 13.225.80.25 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.68.78 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
6 2606:2800:234... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
1 209.197.3.15 20446 (HIGHWINDS3)
4 172.217.18.162 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 153.254.173.97 2914 (NTT-COMMU...)
1 143.204.89.12 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 104.244.42.136 13414 (TWITTER)
56 24
11    2606:4700:3037::ac43:dd52 (United States)

ASN13335 (CLOUDFLARENET, US)
ar.whotwi.com
static.whotwi.com
1    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
2    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
1    202.47.25.79 (Japan)

ASN2914 (NTT-COMMUNICATIONS-2914, US)
js.gsspcln.jp
2    13.225.80.25 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-25.fra2.r.cloudfront.net
b.st-hatena.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    65.9.68.78 (Seattle, United States)

ASN16509 (AMAZON-02, US)
social-dog.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x00f.map2.ssl.hwcdn.net
maxcdn.bootstrapcdn.com
4    172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
1    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0a8f5ade3da49a2c69bc662f70853392.safeframe.googlesyndication.com
5    2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
2    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    153.254.173.97 (Japan)

ASN2914 (NTT-COMMUNICATIONS-2914, US)
aladdin.genieesspv.jp
1    143.204.89.12 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-12.fra50.r.cloudfront.net
b.hatena.ne.jp
3    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
Domain Requested by
9 static.whotwi.com ar.whotwi.com
6 platform.twitter.com ar.whotwi.com
platform.twitter.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
ar.whotwi.com
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
3 www.google-analytics.com ar.whotwi.com
www.google-analytics.com
3 www.googletagservices.com ar.whotwi.com
securepubads.g.doubleclick.net
2 www.google.com securepubads.g.doubleclick.net
ar.whotwi.com
2 apis.google.com ar.whotwi.com
apis.google.com
2 connect.facebook.net ar.whotwi.com
connect.facebook.net
2 b.st-hatena.com ar.whotwi.com
2 maxcdn.bootstrapcdn.com ar.whotwi.com
maxcdn.bootstrapcdn.com
2 ar.whotwi.com ar.whotwi.com
1 syndication.twitter.com 1 redirects
1 www.google.de ar.whotwi.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com connect.facebook.net
1 b.hatena.ne.jp b.st-hatena.com
1 aladdin.genieesspv.jp ar.whotwi.com
1 0a8f5ade3da49a2c69bc662f70853392.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 social-dog.net ar.whotwi.com
1 ajax.googleapis.com ar.whotwi.com
1 js.gsspcln.jp ar.whotwi.com
56 25
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-22 -
2021-07-22		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.gsspcln.jp
GeoTrust RSA CA 2018		 2019-03-14 -
2021-03-25		 2 years crt.sh
*.b.st-hatena.com
Amazon		 2020-10-25 -
2021-11-24		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
social-dog.net
Amazon		 2020-05-07 -
2021-06-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-11-02 -
2021-01-30		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.apis.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.genieesspv.jp
GeoTrust RSA CA 2018		 2019-03-14 -
2021-03-25		 2 years crt.sh
*.b.hatena.ne.jp
Amazon		 2020-10-20 -
2021-11-19		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://ar.whotwi.com/
Frame ID: 52D64ADE7549683FBEC5ABB96BECD9D7
Requests: 40 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0V2mInBJGtGMTt0m67_-xDC4gyDmfDB5gCB8HAYG3vFmV6fhinMdaIECbFmQzvCfM72tFH0JhrDU2ImrPukLB3NmGxZ3UjdaoQB0FdpddQrzj9t0I8FQ17QRzZhnhp0X-Rz9nzMsqRF70Lb4MuPruK4ESB9Om26i89dDVSAavjsNeookWbeCUuWz0poLQhBA3RIKxPS1UjsFjyIePy1SrSKU2v-GxohiK3wop7S8QZpza-wxN9mcF5nArgQ_E9qdxanbSYNpMiw&sai=AMfl-YQaS_RL5i9eCULnpaXK_598fj32MnL24Ep2q2UyHfxowS7T_U4LzAG_eDcYmNYQE5SGu3Sk4vtRMdXJ-3ivMNaP7BJmx0K5NJHp2jJCIbOsMKNFxu2azTV5i9ylG6I&sig=Cg0ArKJSzF0m8PpMVIl_EAE&adurl=
Frame ID: DBC87367A64EF2B3AFBD22F8B65B0EB0
Requests: 9 HTTP requests in this frame

Frame: https://aladdin.genieesspv.jp/yie/ld/jsk?zoneid=1089751&cb=65408516793&charset=UTF-8&loc=https%3A%2F%2Far.whotwi.com%2F&fif=1&sw=1200&sh=1600&topframe=0
Frame ID: A8CB7F215B08A526D88AE0EF5F48603B
Requests: 1 HTTP requests in this frame

Frame: https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Far.whotwi.com%2F&layout=simple-balloon&lang=ar&mode=popup
Frame ID: 1FBFC82FF67DBCF93D9CBB4658344B00
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Far.whotwi.com
Frame ID: E2703E7E805DF2D8C874D6D6AD78AAF2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/like.php?action=like&app_id=424683627555849&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df808027ec8d3e8%26domain%3Dar.whotwi.com%26origin%3Dhttps%253A%252F%252Far.whotwi.com%252Ff469ee220a872%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwhotwi&layout=button_count&locale=ar_AR&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 4244BC294166BF32E8897812E09D50BE
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.96fd96193cc66c3e11d4c5e4c7c7ec97.ar.html
Frame ID: B9FE6B5A8676493B9009B9835A48A935
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.ar.html
Frame ID: 5E6FC1ADED0FE98C1EC8961DAD50D416
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: FFBFD94F2E6272867A59A7CABA460336
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: BF13196B4DE7484E209BB8BCBA9D85FE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

56
Requests

100 %
HTTPS

67 %
IPv6

17
Domains

25
Subdomains

24
IPs

6
Countries

662 kB
Transfer

1624 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ar.whotwi.com/ 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4329a7f4f5cbce57906388b48310a7904abe91245613393b1eb7ab54d3d79c52
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
ar.whotwi.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:22 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d4766a270c1e28def6bdeba7fdd39a5431606786942; expires=Thu, 31-Dec-20 01:42:22 GMT; path=/; domain=.whotwi.com; HttpOnly; SameSite=Lax csrf_cookie_name=9e00a5500a6029d684bbbe28d54675d3; expires=Tue, 01-Dec-2020 03:42:22 GMT; Max-Age=7200; path=/; domain=.whotwi.com
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-cache-status
MISS
x-whotwi-no-cache
0
cf-cache-status
DYNAMIC
cf-request-id
06bd901d4000001786ec950000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QTx41Wtg70S90xo3s2uYNPoI1QFEmuWOG07kWrt4SV%2Fsh6ENAOOdfP%2BGSTw0qqcCsuoT0buBEvpP5wZbw3EG9oNM77SyUBjGOZIb%2FAe%2B3hpWzsqQhatW2iZv"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5fa91c7539d11786-FRA
content-encoding
br
bootstrap.min.css
static.whotwi.com/whotwi_web/library/bootstrap/css/ 		120 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whotwi.com/whotwi_web/library/bootstrap/css/bootstrap.min.css
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2150492
cf-request-id
06bd901fdc00001786d916e000000001
last-modified
Thu, 13 Jul 2017 08:25:58 GMT
server
cloudflare
etag
W/"59672e96-1deac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sAwnPxK5jMF6jzXVUDCHx17Bcr%2BXtPbxMAo8voxb4fvo%2FhmnzJwZF2OidQqm1C8XZ69tPScpQBSinLLxaSFzwk2DAcP2wfFvSoezEOTtcMlm66gdPrT6FeNHac8VQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
5fa91c796dba1786-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
common.css
static.whotwi.com/whotwi_web/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whotwi.com/whotwi_web/css/common.css?20180327
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a86d5b5fcb0adc176517ec76f2e4c8891a16502d8305aa04939bf0f35d9ce9

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2318895
cf-bgj
minify
cf-request-id
06bd901fdd00001786042cc000000001
last-modified
Tue, 27 Mar 2018 07:44:07 GMT
server
cloudflare
etag
W/"5ab9f647-205f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i%2Fp34XFcP6%2FeMAO0XMLFr26VmLsN08Ff87dpkaRVugBSZsL2jrjLbax22MOvjKJXUVge8XjVcbQB1lFtuarRgze1dmgQR4PE1a0G2Mz8q0X4H4CiSjJ9SGpVHjrvNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
5fa91c796dbc1786-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
socialdog_register_modal.css
static.whotwi.com/whotwi_web/css/ 		1 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whotwi.com/whotwi_web/css/socialdog_register_modal.css?20180327
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222dc10adfe6a68bf11df2dc66253235d453b9b971432800426b26b24e016567

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2245254
cf-bgj
minify
cf-request-id
06bd901fdd00001786a0b00000000001
last-modified
Tue, 27 Mar 2018 07:45:15 GMT
server
cloudflare
etag
W/"5ab9f68b-569"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HBEPOp2kcnFhBDsvG9hBT6kFCCqjXtZ2WiixJe6ANsstSZWBPYkPN9EEkakwfDLimg1jI5zNNVcziLWbz3GYeYwP14ya3P8n5cIFXk2soFlG82Ob9duAus5tWrwe8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
5fa91c796dbd1786-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
welcome.css
static.whotwi.com/whotwi_web/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whotwi.com/whotwi_web/css/welcome.css?1522129276
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d89aa7e406b977fe29591cd0fba254386c873ad08b50a8d40a663c2b353e59c7

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1985287
cf-bgj
minify
cf-request-id
06bd901fdd00001786f1a25000000001
last-modified
Tue, 27 Mar 2018 05:41:16 GMT
server
cloudflare
etag
W/"5ab9d97c-e85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8EPzayjKhEQNJAW0iCHB4y0SnkGjwKas0LdpPV2vAWySycDNSIKCFdGAIl46vyIm%2FoL1KL4d0I60W7hDnDH4rgF79dwx4SI0otrTIrxMhKSw6LaoROV%2Bn6HO1LCHgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
5fa91c796dbe1786-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
gpt.js
www.googletagservices.com/tag/js/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e37970414645d03fda1b2d9490b59ed026a54194e65a16044be51a69c8a1585f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"710 / 238 of 1000 / last-modified: 1606134076"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
18520
x-xss-protection
0
expires
Tue, 01 Dec 2020 01:42:23 GMT
index_logo_pc_en.png
static.whotwi.com/whotwi_web/img/welcome/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.whotwi.com/whotwi_web/img/welcome/index_logo_pc_en.png
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b34934b6fa28e88f3089771ffcac3dbe9c39dc873ad904f4cbf7dae16257e89

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2402872
content-length
7734
cf-request-id
06bd901ffd000017869b982000000001
last-modified
Tue, 30 Oct 2018 11:04:30 GMT
server
cloudflare
etag
"5bd83abe-1e36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4pdHvKVClxTyDdzj5nq%2BYP4Nk5iGf1CivzV3v0bP5MRVsIyEo81kF3rgdg%2Beu0GLdoquthf6q0iEUhcUqHwXKnhlVNk6ywm0D8IE8YBmXiOL6KOLrb41c36UhAYFFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5fa91c799df71786-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
a1089751.js
js.gsspcln.jp/t/089/751/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gsspcln.jp/t/089/751/a1089751.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.79 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash
c153a03df554df84942527d973fbc6bda5ecd3bb8f15782af718207ce7fafd72

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 01 Dec 2020 01:42:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Oct 2020 10:55:40 GMT
Server
nginx
ETag
W/"5f9a9fac-3a31"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=900, private
Connection
keep-alive
Expires
Tue, 01 Dec 2020 01:57:23 GMT
button-only@2x.png
b.st-hatena.com/images/entry-button/ 		441 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.st-hatena.com/images/entry-button/button-only@2x.png
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-25.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
e6deab93ae202482c73676e54f020aa81eb2be2ce75ec8a62bf2394d0176f93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 01:19:26 GMT
via
1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
last-modified
Wed, 13 May 2020 05:44:30 GMT
server
nginx
age
6481377
etag
"5ebb893e-1b9"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
441
x-amz-cf-id
M_XqG_1KsZXst0Sy_d-wJCQLx6oYmqfOxL5DfUiTzAUQGOxWRgsTfQ==
expires
Fri, 17 Sep 2021 01:19:26 GMT
bookmark_button.js
b.st-hatena.com/js/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.st-hatena.com/js/bookmark_button.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-25.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
d5b2ca6d99341ed6b2648e99f0131258f39c3b4a611c5c444bbaf57b1184a618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 23:49:45 GMT
content-encoding
gzip
last-modified
Mon, 30 Nov 2020 05:38:19 GMT
server
nginx
age
6758
etag
W/"5fc4854b-898b"
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
via
1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
AJH9Xut9c80B717qIbHGCobRtyOVUH18T81FzIZ8PU3NNozaE3Ly5g==
expires
Tue, 01 Dec 2020 23:49:45 GMT
footer_whotwi_logo.png
static.whotwi.com/trends_web/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.whotwi.com/trends_web/img/footer_whotwi_logo.png
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baabc0df5d263f582e49876c014dfc05ee82cfa7e32e4bd7f6e16144d2394688

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
179350
content-length
2646
cf-request-id
06bd901ffd00001786ca194000000001
last-modified
Thu, 13 Jul 2017 08:25:58 GMT
server
cloudflare
etag
"59672e96-a56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=trn2zJb0L6WqRUzuJUXV3amSfXMMJfd4%2F8vNB5cjvhurJpVUqK0KyM0Kb4PaM94J0CrCfkLiRt1ntGNTZtxwye7aZcdrLnIA00LVTTztkUv6pq60qhq4ip050%2FCisw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5fa91c799df81786-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
loading2.gif
static.whotwi.com/whotwi_web/img/common/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.whotwi.com/whotwi_web/img/common/loading2.gif
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac86ed07ad9909bc06f77b4bedeab15bf8e12d3aca9685c96cf4a3271993dc8

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
40016
content-length
10453
cf-request-id
06bd901ffe000017869c3a2000000001
last-modified
Thu, 13 Jul 2017 08:25:58 GMT
server
cloudflare
etag
"59672e96-28d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F2Bw4Uvhx3I%2BerE9tCRKCxMmThiOVVvGtcDIUZSr2qMSTIa2E8wY5VXTJ3BUGHk6DjjuPw%2BAoQhJrMV9O3xRABkRUfc7vMUpxiQTBSr0IKx1m%2F8g%2Bs0kE7AbKW%2BpMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5fa91c799df91786-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 09:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
490755
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29725
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 Nov 2021 09:23:07 GMT
bootstrap.min.js
static.whotwi.com/whotwi_web/library/bootstrap/js/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whotwi.com/whotwi_web/library/bootstrap/js/bootstrap.min.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1879518
cf-request-id
06bd901ffd00001786ea8e0000000001
last-modified
Thu, 13 Jul 2017 08:25:58 GMT
server
cloudflare
etag
W/"59672e96-8fd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=50MeGdfolAydzC8ttdJq1kX9M%2Bo6FJcL4GSzOmXj042gRbP63jbc7wZcjfyJ7psn2pvvOff9%2FktMB4C2WZfES1FJFm15CfgmYITnKwLhQ9vFYOuQsmO8aJI7TP9qNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
5fa91c799df41786-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
common.min.js
static.whotwi.com/whotwi_web/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whotwi.com/whotwi_web/js/common.min.js?190724
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3324cfb21d40ee2038b00d7d859383b9f3e8ee53e23e4fbfac06fa7fbdccc853

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1882999
cf-request-id
06bd901ffd00001786d80e5000000001
last-modified
Wed, 24 Jul 2019 08:44:12 GMT
server
cloudflare
etag
W/"5d381a5c-ed2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8HWbSKu5w0L1aUqM6b5T1DaAKqMeldRp5L1FETLTh%2BnDN0wBGum5FasI%2FMQRdZB1mdo%2BnIM1WBOdjAHjPoKaCybA0SEJ%2BKtgxX45iXFgIt6%2BDB9kZ%2FfMEzicFkkaGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
5fa91c799df61786-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
socialdog_logo.png
ar.whotwi.com/common/img/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ar.whotwi.com/common/img/socialdog_logo.png
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:dd52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c414f5b95826eb6de86b1cee0e3e9fc678839796997ab46e029d11b3be01dd34

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2150519
content-length
21044
cf-request-id
06bd901ffe00001786bfacf000000001
last-modified
Tue, 27 Mar 2018 07:44:07 GMT
server
cloudflare
etag
"5ab9f647-5234"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h56byeOqgR%2B0TdC3iI6XHnjgv3NpTb0ClXTPUWmJwb%2BtsukRL8eDFSN3HLfqTlQ7PnMEdLeUJTorRJF2r2negNoBzyImE%2FPOvzylRR1DQgXOpLe8dlj6G1U4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5fa91c799dfa1786-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-btn-tw@2x.png
social-dog.net/assets/img/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://social-dog.net/assets/img/icon-btn-tw@2x.png
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.78 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
sdk.js
connect.facebook.net/ar_AR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
24f8ac870fcd71ba6cb461f06f0a00a394cf06b7dff3ea7d9d5783512bf438a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GjP057P1tiv/CJ990msqCw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
etag
"bea851c60a8ea40ef796266e7fa2732b"
x-fb-debug
TF91jPgky5ZCY9k1Ma3FerRcssOTi8PUoFd+PyfnHNBgUGZtSpM+v3y/kcCAzkxKgEOeyqQDzlNOnN6t2WTUaQ==
x-fb-trip-id
664085054
x-fb-content-md5
1e9d8b0260f974b7458e5aac67bca1b3
x-frame-options
DENY
date
Tue, 01 Dec 2020 01:42:22 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 01 Dec 2020 02:00:58 GMT
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40FC) /
Resource Hash
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 01 Dec 2020 01:42:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:52:09 GMT
Server
ECS (fcn/40FC)
Age
525
Etag
"a671d4d584ef50954e5cebb21da17065+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28698
plusone.js
apis.google.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
000bd65a7d023646b4ba348305c1ac4e81a7052cfd8fcd58090888b8e756e1e7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tABK1ZftBQPNEgwYF9n9eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"430c853b1b0dfec9e56426ea5072343a"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-tABK1ZftBQPNEgwYF9n9eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Tue, 01 Dec 2020 01:42:23 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://ar.whotwi.com
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
sdk.js
connect.facebook.net/ar_AR/ 		195 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js?hash=cf8192b4e219bea672dff8ddc21ba15b&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17a6fb5dee64cd400866d80550df0fea3087b7c4e056281a3350e1c2ce709ffe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://ar.whotwi.com
Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
eZV0rR+UAfxHSmPX8navAQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60210
etag
"51d7bfa637bb9f0d1c11129c2b14543c"
x-fb-debug
lV2nIOidMC5OH21zor7snC5o0WYQTmBJ8RmFhno9/SeRy69FkNs/pZ7gX5dykperusf4Vrukg1q2w4ROdpq7Vw==
x-fb-trip-id
664085054
x-fb-content-md5
26c1262b6c64a035a346e6c14825d471
x-frame-options
DENY
date
Tue, 01 Dec 2020 01:42:23 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 01 Dec 2021 00:28:27 GMT
pubads_impl_2020111701.js
securepubads.g.doubleclick.net/gpt/ 		277 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
sffe /
Resource Hash
68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Nov 2020 09:43:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99766
x-xss-protection
0
expires
Tue, 01 Dec 2020 01:42:23 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc0d33aa4929b71fa775ae49b0ee486a10d5dcae89693d11ceaa95192dce774e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 21:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 19 Nov 2020 17:03:00 GMT
server
sffe
age
362032
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49552
x-xss-protection
0
expires
Fri, 26 Nov 2021 21:08:31 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ar.whotwi.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 01 Dec 2020 01:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ar.whotwi.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 01 Dec 2020 01:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2481712671778828&correlator=1740765196725814&output=ldjh&impl=fifs&eid=21067994%2C21066995%2C21068418&vrg=2020111701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201201&iu_parts=21616213261%2Cwhotwi_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1606786943&dt=1606786943289&dlt=1606786942927&idt=342&frm=20&biw=1600&bih=1200&oid=3&adxs=498&adys=412&adks=213411077&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Far.whotwi.com%2F&dssz=17&icsg=680&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=709861891.1606786943&ga_sid=1606786943&ga_hid=183349032&fws=4&ohw=1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
c80b505ae4a28c496e6f19f95e3dfea291d0dd17aa1f46931f068890c00fe81a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11192
x-xss-protection
0
google-lineitem-id
4621449326
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138228758468
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ar.whotwi.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0a8f5ade3da49a2c69bc662f70853392.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://0a8f5ade3da49a2c69bc662f70853392.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame DBC8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0V2mInBJGtGMTt0m67_-xDC4gyDmfDB5gCB8HAYG3vFmV6fhinMdaIECbFmQzvCfM72tFH0JhrDU2ImrPukLB3NmGxZ3UjdaoQB0FdpddQrzj9t0I8FQ17QRzZhnhp0X-Rz9nzMsqRF70Lb4MuPruK4ESB9Om26i89dDVSAavjsNeookWbeCUuWz0poLQhBA3RIKxPS1UjsFjyIePy1SrSKU2v-GxohiK3wop7S8QZpza-wxN9mcF5nArgQ_E9qdxanbSYNpMiw&sai=AMfl-YQaS_RL5i9eCULnpaXK_598fj32MnL24Ep2q2UyHfxowS7T_U4LzAG_eDcYmNYQE5SGu3Sk4vtRMdXJ-3ivMNaP7BJmx0K5NJHp2jJCIbOsMKNFxu2azTV5i9ylG6I&sig=Cg0ArKJSzF0m8PpMVIl_EAE&adurl=
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 01 Dec 2020 01:42:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 01 Dec 2020 01:42:23 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201112/r20110914/ Frame DBC8 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201112/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80412b3870c5b5349ad52d6393130fe405055e16560a3398a03c9b85302ef320
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 16:13:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7327
x-xss-protection
0
server
cafe
etag
4109265994257346226
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Dec 2020 16:13:46 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201112/r20110914/client/ Frame DBC8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201112/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 14:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
39746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1336
x-xss-protection
0
server
cafe
etag
4033927919502905291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Dec 2020 14:39:57 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame DBC8 		75 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605702985553312"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
29194
x-xss-protection
0
expires
Tue, 01 Dec 2020 01:42:23 GMT
l
www.google.com/ads/measurement/ Frame DBC8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRL0IGHf7wjQ6p9pNTXnoCs9-5_eFvQHE0Bo-vSf9vKfPJt02W-xS3VfaTd1UwiRU94mQq6
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
11692991903692371461
tpc.googlesyndication.com/simgad/ Frame DBC8 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11692991903692371461
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999f70e8c2ab72997582f8ef459adeec656fb169a46f32f2c8401593046eaf3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 11:23:29 GMT
x-content-type-options
nosniff
age
397134
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59902
x-xss-protection
0
last-modified
Tue, 27 Mar 2018 04:37:49 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Nov 2021 11:23:29 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605702985553312"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28207
x-xss-protection
0
expires
Tue, 01 Dec 2020 01:42:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DBC8 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkw3bsPRmJD61YiQ2ycBpJRMyfs6gbohgKeuifXgIHIDXeotG4e8oA2FFry7VzcoF61FjW0_2h4u7gj6kSwL09rhet_37UF6FucFiMH1CBoTdZC1wh9fYxoLgLM0WtPHjbc5rfPfunWANXJomaB7rHRiqRvv6beRgxI0I-8qy4JfPqlGScNW1AQZb_4CgD_JjnKMGoY4IjU71cCDT5ct7D23yraIG3eTrIYyuGRGS8p2Cad5gyFOXVsf9So9NhBnSYY_wkCMOboQHA&sai=AMfl-YSNmx0ZW37xSaMRQsccIyKdOQmuDENNo4XwQYCQwuncJEZUGZgW4iCFSf00VzcLfiA9C7juX1Cu5yxdF1izvrY4_cvRqsq6vMf512c8nCwmUXTCKhddyu6ExZOfd3o&sig=Cg0ArKJSzBH_7i-rcCcFEAE&adurl=
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 01 Dec 2020 01:42:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame DBC8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a52be1718c80bc43807433076e965141a25fd46500968f725987e1c92ac660b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
jsk
aladdin.genieesspv.jp/yie/ld/ Frame A8CB 		724 B
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aladdin.genieesspv.jp/yie/ld/jsk?zoneid=1089751&cb=65408516793&charset=UTF-8&loc=https%3A%2F%2Far.whotwi.com%2F&fif=1&sw=1200&sh=1600&topframe=0
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
153.254.173.97 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
/
Resource Hash
9e1520b442f3f64f77c6ebd2cc3b3d26f2deb7937d6124b4c5cdf290b374fc7c

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 01 Dec 2020 01:42:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Type
text/javascript; charset=UTF-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
/
b.hatena.ne.jp/entry/button/ Frame 1FBF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Far.whotwi.com%2F&layout=simple-balloon&lang=ar&mode=popup
Requested by
Host: b.st-hatena.com
URL: https://b.st-hatena.com/js/bookmark_button.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-12.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
b.hatena.ne.jp
:scheme
https
:path
/entry/button/?url=https%3A%2F%2Far.whotwi.com%2F&layout=simple-balloon&lang=ar&mode=popup
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ar.whotwi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ar.whotwi.com/

Response headers

content-type
text/html; charset=utf-8
date
Tue, 01 Dec 2020 01:42:23 GMT
server
nginx
cache-control
public, max-age=3600, s-maxage=3600
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Nzh-2b4qF7hYkq5DQma3j7PLkdva_mmn1-8sklciMf77-OKtpD6esQ==
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6752
date
Mon, 30 Nov 2020 23:49:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 01 Dec 2020 01:49:51 GMT
widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame E270 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Far.whotwi.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B4) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ar.whotwi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ar.whotwi.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Age
545929
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 01 Dec 2020 01:42:23 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Thu, 01 Oct 2020 21:50:01 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40B4)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
5825
like.php
www.facebook.com/v2.4/plugins/ Frame 4244 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.4/plugins/like.php?action=like&app_id=424683627555849&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df808027ec8d3e8%26domain%3Dar.whotwi.com%26origin%3Dhttps%253A%252F%252Far.whotwi.com%252Ff469ee220a872%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwhotwi&layout=button_count&locale=ar_AR&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js?hash=cf8192b4e219bea672dff8ddc21ba15b&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.4/plugins/like.php?action=like&app_id=424683627555849&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df808027ec8d3e8%26domain%3Dar.whotwi.com%26origin%3Dhttps%253A%252F%252Far.whotwi.com%252Ff469ee220a872%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwhotwi&layout=button_count&locale=ar_AR&sdk=joey&share=false&show_faces=false&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ar.whotwi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ar.whotwi.com/

Response headers

vary
Accept-Encoding
pragma
no-cache
x-content-type-options
nosniff
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v3.2
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
RdNTk0eC1cFPtLpCcXF9czEX+vf44fxXn7EKhtKjF8bw0UrUEK1G5IP2ixhUNBGRg9hPSNEC/J1s05gd1iwdCw==
date
Tue, 01 Dec 2020 01:42:23 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
688
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Tue, 01 Dec 2020 02:30:55 GMT
button.63c51c903061d0dbd843c41e8a00aa5a.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.63c51c903061d0dbd843c41e8a00aa5a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40FC) /
Resource Hash
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 01 Dec 2020 01:42:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:51 GMT
Server
ECS (fcn/40FC)
Age
545931
Etag
"62d4b0301f07768d13f3ee5de8633739+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
collect
www.google-analytics.com/j/ 		4 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=183349032&t=pageview&_s=1&dl=https%3A%2F%2Far.whotwi.com%2F&ul=en-us&de=UTF-8&dt=%D8%AA%D8%AD%D9%84%D9%8A%D9%84%D8%A7%D8%AA%20%D8%AA%D9%88%D9%8A%D8%AA%D8%B1%20%D8%A7%D9%84%D8%B1%D8%B3%D9%88%D9%85%D9%8A%D8%A9%20%D8%A7%D9%84%D8%AE%D8%A7%D8%B5%D8%A9%20%D8%A8%D9%87%D9%88%D8%AA%D9%88%D9%8A%D8%AA%20%2F%20whotwi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAAEIhAAAAAC~&jid=271967631&gjid=1870879992&cid=709861891.1606786943&tid=UA-25118199-1&_gid=1593795330.1606786944&_r=1&_slc=1&cd1=0&cd2=OK&z=900375117
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Dec 2020 01:42:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ar.whotwi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow_button.96fd96193cc66c3e11d4c5e4c7c7ec97.ar.html
platform.twitter.com/widgets/ Frame B9FE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.96fd96193cc66c3e11d4c5e4c7c7ec97.ar.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40FC) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ar.whotwi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ar.whotwi.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
545921
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 01 Dec 2020 01:42:23 GMT
Etag
"5030b87ffec4b1f5361fb415296bd958+gzip"
Last-Modified
Thu, 01 Oct 2020 21:49:52 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40FC)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
14068
tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.ar.html
platform.twitter.com/widgets/ Frame 5E6F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.ar.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40FC) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ar.whotwi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ar.whotwi.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
545916
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 01 Dec 2020 01:42:23 GMT
Etag
"2b33715fab53b1e4043f899d26636a80+gzip"
Last-Modified
Thu, 01 Oct 2020 21:49:57 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40FC)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12677
collect
stats.g.doubleclick.net/j/ 		4 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-25118199-1&cid=709861891.1606786943&jid=271967631&gjid=1870879992&_gid=1593795330.1606786944&_u=aChAAEIgAAAAAC~&z=577971643
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 01 Dec 2020 01:42:23 GMT
content-type
text/plain
access-control-allow-origin
https://ar.whotwi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-25118199-1&cid=709861891.1606786943&jid=271967631&_u=aChAAEIgAAAAAC~&z=779012295
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Dec 2020 01:42:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-25118199-1&cid=709861891.1606786943&jid=271967631&_u=aChAAEIgAAAAAC~&z=779012295
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Dec 2020 01:42:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jot.html
platform.twitter.com/ Frame FFBF
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40FC) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://ar.whotwi.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
545932
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 01 Dec 2020 01:42:24 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Thu, 01 Oct 2020 21:52:09 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40FC)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Tue, 01 Dec 2020 01:42:24 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Tue, 01 Dec 2020 01:42:24 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_o
status
302 Found
strict-transport-security
max-age=631138519
x-connection-hash
e6b1575fd830e7272c24f38ea14ef293
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
107
x-transaction
0024f9f4004ec75d
x-tsa-request-body-time
1
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
825dc447f87c17b1b6480556b755343e5b85359c8767fc1194389acdcf358633
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 01 Dec 2020 01:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6404
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Tue, 01 Dec 2020 01:42:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame BF13 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ar.whotwi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ar.whotwi.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Mon, 30 Nov 2020 23:32:46 GMT
expires
Tue, 30 Nov 2021 23:32:46 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7778
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame DBC8 		42 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstRNSEkJYojDbVOL5knqEWLvHVSuuqT04GVRWWfa1IDXgh2dDyEbX8K45oVRjBxB_nETV7xcdpe0qTWF3byAinoA-DjwZolOGr1_UhJSAE&sig=Cg0ArKJSzFLg2NxW1t_dEAE&adk=213411077&tt=-1&bs=1600%2C1200&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&p=417,498,667,798&mcvt=1025&rs=0&ht=0&tfs=110&tls=1135&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=7&niot_cbk=15&md=2&btr=0&cpmav=0&lm=2&rst=1606786943428&dlt&rpt=126&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C1147&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-6-11-11-0-0-0&tvt=1131&is=300%2C250&iframe_loc=https%3A%2F%2Far.whotwi.com%2F&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x250&itpl=3&v=20201118
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Dec 2020 01:42:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111701&jk=2481712671778828&bg=!6uml6cnNAAUoamvQKFi-JCmgWdxP5gIAAACaUgAAABdoAQcKAQAcxtm1Ih2tUzxw3sdbbwLzq3foq_AfU5neR0UjchagKhs3w2zsZvWAt0uhqguRIjr2_nic7eVopKzzXSUiOlYgwW0pgFFpKctsJav8UjB3Z65hMjW6Xagl9KSJyViN91-d4Fpz4oZ_6-lbwRD1kDWJpr7G9NockWg1Ro9PllvkzkvM8d6V5-GY5-z8D7GJNod0lDDk4nlsEUjByakXUPDrJuApXXMW17xAtKue3OJhtbuLHMQsnFsb-W1SoxAtOeVWLweb8dK3TvCpd_QJt1_4GZoqQHgf8x4jwhxzM8oBq4D1cfE7gDNd0n-fqkpl2jCyZd0LKLzG3G5AvNGznoXXmQG2LY47mAHn6pO1Nur0yNR6zRYAxTnCm340OyjAoIPxHuFqP-zgprPUL2BmOp39LjcavTyOXOJonbWhdiF3aj6qnvh09y4EGIm4ItzWfMq1FiXsupV5X8mBZQWhyP8oJODhXS1VJ73GKdNbJ1m1zFc8vCMXi-B-INO4wCoTYHGJdNDSiWtc-ylfoAPm0GcoqzCqqqvbWbkNneaVGVCvrBDRCIXTo9gnnpIyglytyfpPGBdp2ErShzZ23asY_OrG-JS6wydGLFttCCzu9OK1EZdnZHPGmjHsGbZg8vyzpcffsEWZkZW5J0vO6EpovlJZdHF9caoiRP1PbtBe8RwprNNEdARnhs8Z-P929kAe-G4GtLw1o9IXgPeH2RzHI35QTNVjIcPzqXhf4ymZuUSs0XEOKk4e_iYBAI2lyEduPwrySVzyker8ixc4mpweYn0DocKmzVdxpaCG94ckyRwx5pzIVuqzJi9oMNL9aFatT8S7nIl1aygpQVsTP6BaM9v84_jYAcE2uLO4d59H3s2b7PMqwj5oIDu8Xj-Gg-AzUHiJGZjtNG5ESvUg-9naFHAqEDMBxELnijDE
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Dec 2020 01:42:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| NREUM object| newrelic function| __nr_require object| googletag function| fbAsyncInit object| twttr object| FB object| __twttrll object| __twttr object| ggeac object| google_js_reporting_queue object| gapi object| ___jsl object| gadgets object| osapi object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Hatena object| page_data function| $ function| jQuery object| whotwi function| open_profile_modal string| url object| ga_debug string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaData object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.whotwi.com/ Name: _gat
Value: 1
.whotwi.com/ Name: _gid
Value: GA1.2.1593795330.1606786944
.whotwi.com/ Name: _ga
Value: GA1.2.709861891.1606786943
.whotwi.com/ Name: __gads
Value: ID=6bc3e7333f9b6503-22ad01167fa600ed:T=1606786943:S=ALNI_Mb5T2njqE3gylnfJQ9-F0IV-JQ55g
.whotwi.com/ Name: csrf_cookie_name
Value: 9e00a5500a6029d684bbbe28d54675d3
.whotwi.com/ Name: __cfduid
Value: d4766a270c1e28def6bdeba7fdd39a5431606786942

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a8f5ade3da49a2c69bc662f70853392.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
aladdin.genieesspv.jp
apis.google.com
ar.whotwi.com
b.hatena.ne.jp
b.st-hatena.com
connect.facebook.net
js.gsspcln.jp
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
platform.twitter.com
securepubads.g.doubleclick.net
social-dog.net
static.whotwi.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.244.42.136
13.225.80.25
143.204.89.12
153.254.173.97
172.217.18.162
2001:4de0:ac19::1:b:3b
202.47.25.79
209.197.3.15
2606:2800:234:59:254c:406:2366:268c
2606:4700:3037::ac43:dd52
2a00:1450:4001:802::2004
2a00:1450:4001:803::200a
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::200e
2a00:1450:4001:81e::2001
2a00:1450:4001:81f::2002
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
65.9.68.78
000bd65a7d023646b4ba348305c1ac4e81a7052cfd8fcd58090888b8e756e1e7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
17a6fb5dee64cd400866d80550df0fea3087b7c4e056281a3350e1c2ce709ffe
222dc10adfe6a68bf11df2dc66253235d453b9b971432800426b26b24e016567
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
24a86d5b5fcb0adc176517ec76f2e4c8891a16502d8305aa04939bf0f35d9ce9
24f8ac870fcd71ba6cb461f06f0a00a394cf06b7dff3ea7d9d5783512bf438a6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
3324cfb21d40ee2038b00d7d859383b9f3e8ee53e23e4fbfac06fa7fbdccc853
4329a7f4f5cbce57906388b48310a7904abe91245613393b1eb7ab54d3d79c52
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4b34934b6fa28e88f3089771ffcac3dbe9c39dc873ad904f4cbf7dae16257e89
5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80412b3870c5b5349ad52d6393130fe405055e16560a3398a03c9b85302ef320
825dc447f87c17b1b6480556b755343e5b85359c8767fc1194389acdcf358633
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a52be1718c80bc43807433076e965141a25fd46500968f725987e1c92ac660b
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
999f70e8c2ab72997582f8ef459adeec656fb169a46f32f2c8401593046eaf3d
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
9e1520b442f3f64f77c6ebd2cc3b3d26f2deb7937d6124b4c5cdf290b374fc7c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
baabc0df5d263f582e49876c014dfc05ee82cfa7e32e4bd7f6e16144d2394688
c153a03df554df84942527d973fbc6bda5ecd3bb8f15782af718207ce7fafd72
c414f5b95826eb6de86b1cee0e3e9fc678839796997ab46e029d11b3be01dd34
c80b505ae4a28c496e6f19f95e3dfea291d0dd17aa1f46931f068890c00fe81a
cac86ed07ad9909bc06f77b4bedeab15bf8e12d3aca9685c96cf4a3271993dc8
cc0d33aa4929b71fa775ae49b0ee486a10d5dcae89693d11ceaa95192dce774e
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
d5b2ca6d99341ed6b2648e99f0131258f39c3b4a611c5c444bbaf57b1184a618
d89aa7e406b977fe29591cd0fba254386c873ad08b50a8d40a663c2b353e59c7
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3
e37970414645d03fda1b2d9490b59ed026a54194e65a16044be51a69c8a1585f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e6deab93ae202482c73676e54f020aa81eb2be2ce75ec8a62bf2394d0176f93a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629