elwajiha.com Open in urlscan Pro
2606:4700:3033::6818:67e3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.elwajiha.com/dm.php?e=edebuf%40icrc.org
Effective URL:
http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Submission: On September 29 via api (September 29th 2020, 2:58:12 am UTC) from US

Summary HTTP 34 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 10 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3033::6818:67e3, located in United States and belongs to CLOUDFLARENET, US. The main domain is elwajiha.com.

This is the only time elwajiha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2606:4700:303... 2606:4700:3033::6818:67e3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1 2	162.241.154.14 162.241.154.14	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
34	7

15 2606:4700:3033::6818:67e3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.elwajiha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
elwajiha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.241.154.14 (Provo, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-154-14.unifiedlayer.com

timesprayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	elwajiha.com 1 redirects www.elwajiha.com elwajiha.com	232 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	190 KB
3	doubleclick.net googleads.g.doubleclick.net
2	google-analytics.com www.google-analytics.com	18 KB
2	timesprayer.com 1 redirects timesprayer.com	287 B
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	googleapis.com fonts.googleapis.com	1021 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	890 B
1	google.de adservice.google.de	890 B
34	10

	Domain	Requested by
14	elwajiha.com	elwajiha.com
5	pagead2.googlesyndication.com	elwajiha.com pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google-analytics.com	elwajiha.com www.google-analytics.com
2	timesprayer.com	1 redirects elwajiha.com
2	fonts.googleapis.com	elwajiha.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	pixel.wp.com	elwajiha.com
1	stats.wp.com	elwajiha.com
1	www.elwajiha.com	1 redirects
34	13

This site contains links to these domains. Also see Links.

Domain
plus.google.com
www.facebook.com
www.youtube.com
gmail.com
wquran.net

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
timesprayer.com cPanel, Inc. Certification Authority	`2020-08-03` - `2020-11-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Frame ID: 600611E5C659315281F1A1D848721306
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/zrt_lookup.html
Frame ID: F67405E85649F8AFA8D0E0799A64CF32
Requests: 1 HTTP requests in this frame

Frame: https://timesprayer.com/widgets.php?name=casablanca.html&frame=1&lang=ar&sound=true&avachang=true
Frame ID: B6966292AF57260EFFAAC38E49ACDA74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5944362249061261&output=html&adk=3046330955&adf=2044148826&lmt=1601348274&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Felwajiha.com%2Fdm.php%3Fe%3Dedebuf%2540icrc.org&ea=0&flash=0&pra=5&wgl=1&dt=1601348273954&bpp=14&bdt=208&idt=126&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4134700865310&frm=20&pv=2&ga_vid=1051922977.1601348274&ga_sid=1601348274&ga_hid=1874652307&ga_fc=0&iag=0&icsg=49982204&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067105%2C21067499%2C21066706&oid=3&pvsid=1531819377826872&pem=433&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=144
Frame ID: 112604EB9B08228D96A2877E50D15F58
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5944362249061261&output=html&h=280&slotname=5037395239&adk=4146588170&adf=4117567796&w=728&fwrn=4&fwrnh=100&lmt=1601348274&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=728x280&url=http%3A%2F%2Felwajiha.com%2Fdm.php%3Fe%3Dedebuf%2540icrc.org&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1601348273970&bpp=35&bdt=225&idt=137&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4134700865310&frm=20&pv=1&ga_vid=1051922977.1601348274&ga_sid=1601348274&ga_hid=1874652307&ga_fc=0&iag=0&icsg=586853116&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=220&ady=67&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067105%2C21067499%2C21066706&oid=3&pvsid=1531819377826872&pem=433&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=0pCDj9mWKr&p=http%3A//elwajiha.com&dtd=142
Frame ID: C4AADF4BA67335C73CB12747C4779345
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: 50B276FEDB596380265ABDD03B8C1665
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.elwajiha.com/dm.php?e=edebuf%40icrc.org HTTP 301
http://elwajiha.com/dm.php?e=edebuf%40icrc.org Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

34
Requests

53 %
HTTPS

71 %
IPv6

10
Domains

13
Subdomains

7
IPs

2
Countries

473 kB
Transfer

1362 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://plus.google.com/u/0/b/118030158541839030096/118030158541839030096

Search URL Search Domain Scan URL

URL: https://www.facebook.com/elwajihanews/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/%D9%85%D9%88%D9%82%D8%B9%D8%A7%D9%84%D9%88%D8%A7%D8%AC%D9%87%D8%A9

Search URL Search Domain Scan URL

URL: http://gmail.com/
Title: رشيد

Search URL Search Domain Scan URL

URL: http://wquran.net/
Title: واحة القرآن

Search URL Search Domain Scan URL

URL: https://plus.google.com/118030158541839030096
Title: ‪‬‏

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.elwajiha.com/dm.php?e=edebuf%40icrc.org HTTP 301
http://elwajiha.com/dm.php?e=edebuf%40icrc.org Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

http://timesprayer.com/widgets.php?name=casablanca.html&frame=1&lang=ar&sound=true&avachang=true HTTP 301
https://timesprayer.com/widgets.php?name=casablanca.html&frame=1&lang=ar&sound=true&avachang=true

Request Chain 21

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

Primary Request dm.php Show response
elwajiha.com/
Redirect Chain

https://www.elwajiha.com/dm.php?e=edebuf%40icrc.org
http://elwajiha.com/dm.php?e=edebuf%40icrc.org

170 KB
36 KB

1934ms
1921ms

Document
text/html

2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.22
Resource Hash: a16f02ccbbe9a159c669bffdf460ff79e9f49cc8d46b53f024251fc124b9ed99

Request headers

Host: elwajiha.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __cfduid=df7a3fda39312d3580b420616583722c41601348269
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.22
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://elwajiha.com/wp-json/>; rel="https://api.w.org/"
CF-Cache-Status: DYNAMIC
cf-request-id: 05796496d200001fd2abbd7200000001
Server: cloudflare
CF-RAY: 5da2706aece51fd2-AMS
Content-Encoding: gzip

Redirect headers

status: 301
date: Tue, 29 Sep 2020 02:57:51 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df7a3fda39312d3580b420616583722c41601348269; expires=Thu, 29-Oct-20 02:57:49 GMT; path=/; domain=.elwajiha.com; HttpOnly; SameSite=Lax
x-powered-by: PHP/7.3.22
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
location: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
cf-cache-status: DYNAMIC
cf-request-id: 0579648c9f00000b534704b200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5da2705a99f40b53-AMS

GET
H/1.1 200
OK style-rtl.min.css
elwajiha.com/wp-includes/css/dist/block-library/ 52 KB
8 KB 39ms
25ms Stylesheet
text/css 2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://elwajiha.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=5.5.1
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc2d402072f792fd75a519a7994a0427991afa072302b404841e31861764d5a9

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
last-modified: Wed, 02 Sep 2020 15:01:14 GMT
Server: cloudflare
Age: 10
etag: W/"d1e6-5ae55e8312c0a"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5da2707708c40c71-AMS
cf-int-pingora-origin-digest: {"ext_ip":"141.101.76.75","ext_port":64902,"upstream_rtt":6,"upstream_reused":false,"http_version":1}
cf-request-id: 0579649e6700000c71f7a39200000001

GET
H/1.1 200
OK style.css
elwajiha.com/wp-content/themes/jarida/ 140 KB
27 KB 52ms
39ms Stylesheet
text/css 2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://elwajiha.com/wp-content/themes/jarida/style.css?ver=5.5.1
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62cc740e91f32c8b01426c905abf0fa494f3ceb99e7b43a0a3a1a76a6472398c

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 25 Jan 2018 18:22:15 GMT
Server: cloudflare
Age: 9
ETag: W/"2302f-5639ddbf783c0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5da27077095bbf50-AMS
cf-request-id: 0579649e670000bf50ada5a200000001

GET
H2 200 droidarabicnaskh
fonts.googleapis.com/earlyaccess/ 1 KB
403 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/droidarabicnaskh?ver=5.5.1

Requested by

Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 02:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 29 Sep 2020 02:57:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
618 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3Aregular%2C700&ver=5.5.1

Requested by

Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ef61b0855ecdcb1721cccf976e5df79f0de0e8bb4c0af4527ef16028631f901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 02:57:53 GMT
server: ESF
date: Tue, 29 Sep 2020 02:57:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Sep 2020 02:57:53 GMT

GET
H/1.1 200
OK jetpack-rtl.css
elwajiha.com/wp-content/plugins/jetpack/css/ 75 KB
14 KB 37ms
24ms Stylesheet
text/css 2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://elwajiha.com/wp-content/plugins/jetpack/css/jetpack-rtl.css?ver=8.9.1
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0cee7b5cd326b016ae5859f1abe6989c14532c237c8a0da5817cef3cb24ab8

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 17 Sep 2020 01:39:25 GMT
Server: cloudflare
Age: 10
ETag: W/"12d4e-5af7874469aad"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5da2707709bd0bf1-AMS
cf-request-id: 0579649e6700000bf1d7a27200000001

GET
H/1.1 200
OK jquery.js Show response
elwajiha.com/wp-includes/js/jquery/ 95 KB
33 KB 40ms
26ms Script
application/javascript 2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://elwajiha.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 02 Sep 2020 14:59:30 GMT
Server: cloudflare
Age: 10
ETag: W/"17a69-5ae55e1f9875b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5da270770c21d8b1-AMS
cf-request-id: 0579649e680000d8b10fa06200000001

GET
H/1.1 200
OK rtl.css
elwajiha.com/wp-content/themes/jarida/ 13 KB
4 KB 38ms
26ms Stylesheet
text/css 2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://elwajiha.com/wp-content/themes/jarida/rtl.css
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3fdcca8239da04af28bf1f3fc372ec22ffb07b6524ad591550b196b27397584

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 25 Jan 2018 18:22:15 GMT
Server: cloudflare
Age: 10
ETag: W/"354e-5639ddbf783c0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5da270770ddb1ec2-AMS
cf-request-id: 0579649e6800001ec2f80f6200000001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 128 KB
45 KB 47ms
26ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b09f18871051d90f639ce0474f3ce9ccef6b2a1a8b4572c8314e5069d99756f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 02:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45153
x-xss-protection: 0
server: cafe
etag: 585107306576143112
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Sep 2020 02:57:53 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 128 KB
45 KB 34ms
28ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b09f18871051d90f639ce0474f3ce9ccef6b2a1a8b4572c8314e5069d99756f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 29 Sep 2020 02:57:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 585107306576143112
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 45153
X-XSS-Protection: 0
Expires: Tue, 29 Sep 2020 02:57:53 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
elwajiha.com/wp-includes/js/ 14 KB
5 KB 23ms
22ms Script
application/javascript 2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://elwajiha.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.1
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 02 Sep 2020 14:52:45 GMT
Server: cloudflare
Age: 9
ETag: W/"37a6-5ae55c9de62dd"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5da270776970bf50-AMS
cf-request-id: 0579649ea40000bf50ada5e200000001

GET
H/1.1 200
OK elwajiha-2.jpg
elwajiha.com/wp-content/uploads/2018/02/ 47 KB
47 KB 20ms
19ms Image
image/jpeg 2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elwajiha.com/wp-content/uploads/2018/02/elwajiha-2.jpg
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dd5b34bda391aaced548b39f1346645722a6b1dd085e3dd0e79d2a2632eb133

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 06 Feb 2018 19:57:25 GMT
Server: cloudflare
Age: 9
ETag: "bace-564909667b340"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5da270776c74d8b1-AMS
Content-Length: 47822
cf-request-id: 0579649ea40000d8b10fa08200000001

GET
H/1.1 200
OK ge-ss-med.ttf
elwajiha.com/wp-content/themes/jarida/fonts/ 30 KB
15 KB 19ms
19ms Font
application/font-sfnt 2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://elwajiha.com/wp-content/themes/jarida/fonts/ge-ss-med.ttf
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/wp-content/themes/jarida/rtl.css
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dcee071040500dd82d90677e11d47cbb6e8ec24c568d2b164af26aa876c9ffc

Request headers

Origin: http://elwajiha.com
Referer: http://elwajiha.com/wp-content/themes/jarida/rtl.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 25 Jan 2018 18:23:47 GMT
Server: cloudflare
Age: 9
ETag: W/"7830-5639de17352c0"
Vary: Accept-Encoding
Content-Type: application/font-sfnt
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5da270778e8a1ec2-AMS
cf-request-id: 0579649eb100001ec2f8107200000001

GET
H/1.1 200
OK tiefontello.woff
elwajiha.com/wp-content/themes/jarida/fonts/ 17 KB
18 KB 39ms
38ms Font
application/font-woff 2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://elwajiha.com/wp-content/themes/jarida/fonts/tiefontello.woff?48072461
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/wp-content/themes/jarida/style.css?ver=5.5.1
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f7278cc9f52fbafcb479c7c60c14d119a396c6b2b2c0a968f637a1562f69efa

Request headers

Origin: http://elwajiha.com
Referer: http://elwajiha.com/wp-content/themes/jarida/style.css?ver=5.5.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 25 Jan 2018 18:23:48 GMT
Server: cloudflare
ETag: W/"45d4-5639de1829500"
Vary: Accept-Encoding
Content-Type: application/font-woff
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5da270778c7e1fd2-AMS
cf-request-id: 0579649eb500001fd2ab8ca200000001

GET
H/1.1 200
OK top-shadow.png
elwajiha.com/wp-content/themes/jarida/images/ 6 KB
6 KB 16ms
16ms Image
image/png 2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://elwajiha.com/wp-content/themes/jarida/images/top-shadow.png
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/wp-content/themes/jarida/style.css?ver=5.5.1
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e68b5dff23d173599878ccfd05892f57a52ea1330cf5f32e4645df7b718bba10

Request headers

Referer: http://elwajiha.com/wp-content/themes/jarida/style.css?ver=5.5.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
CF-Cache-Status: HIT
last-modified: Thu, 25 Jan 2018 18:23:52 GMT
Server: cloudflare
Age: 9
etag: "162f-5639de1bf9e00"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 5da27077bec51ec2-AMS
cf-int-pingora-origin-digest: {"ext_ip":"141.101.104.66","ext_port":13694,"upstream_rtt":6,"upstream_reused":false,"http_version":1}
Content-Length: 5679
cf-request-id: 0579649ed700001ec2f810b200000001

GET
H/1.1 200
OK photon.min.js Show response
elwajiha.com/wp-content/plugins/jetpack/_inc/build/photon/ 758 B
859 B 18ms
16ms Script
application/javascript 2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://elwajiha.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 17 Sep 2020 01:39:24 GMT
Server: cloudflare
Age: 9
ETag: W/"2f6-5af78743e7c98"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5da270782f271ec2-AMS
cf-request-id: 0579649f1c00001ec2f810e200000001

GET
H/1.1 200
OK tie-scripts.js Show response
elwajiha.com/wp-content/themes/jarida/js/ 61 KB
17 KB 19ms
17ms Script
application/javascript 2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://elwajiha.com/wp-content/themes/jarida/js/tie-scripts.js?ver=5.5.1
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 556963873904f51de9af3c23c6b20ab85236986dc37de5c2da780d882f2b558e

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
last-modified: Thu, 25 Jan 2018 18:23:56 GMT
Server: cloudflare
Age: 9
etag: W/"f3d9-5639de1fca700"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5da270782d371fd2-AMS
cf-int-pingora-origin-digest: {"ext_ip":"162.158.111.34","ext_port":53192,"upstream_rtt":6,"upstream_reused":false,"http_version":1}
cf-request-id: 0579649f1c00001fd2ab8cf200000001

GET
H/1.1 200
OK wp-embed.min.js Show response
elwajiha.com/wp-includes/js/ 1 KB
1 KB 18ms
17ms Script
application/javascript 2606:4700:3033::6818:67e3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://elwajiha.com/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: HTTP/1.1
Server: 2606:4700:3033::6818:67e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:53 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 02 Sep 2020 14:52:45 GMT
Server: cloudflare
Age: 9
ETag: W/"59a-5ae55c9d421ea"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5da270782d39d8b1-AMS
cf-request-id: 0579649f1c0000d8b10fa0f200000001

GET
H2 200 e-202040.js Show response
stats.wp.com/ 9 KB
3 KB 52ms
16ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202040.js
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT ams
date: Tue, 29 Sep 2020 02:57:53 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
expires: Mon, 27 Sep 2021 03:56:41 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ 229 KB
87 KB 51ms
37ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 02:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87867
x-xss-protection: 0
server: cafe
etag: 4255136095123681698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Sep 2020 02:57:53 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/ Frame F674 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200924/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 28 Sep 2020 19:21:11 GMT
expires: Mon, 12 Oct 2020 19:21:11 GMT
content-type: text/html; charset=UTF-8
etag: 17942277541989656716
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4728
x-xss-protection: 0
age: 27402
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

widgets.php
timesprayer.com/ Frame B696
Redirect Chain

http://timesprayer.com/widgets.php?name=casablanca.html&frame=1&lang=ar&sound=true&avachang=true
https://timesprayer.com/widgets.php?name=casablanca.html&frame=1&lang=ar&sound=true&avachang=true

0
0

409ms
142ms

Document
text/html

162.241.154.14
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://timesprayer.com/widgets.php?name=casablanca.html&frame=1&lang=ar&sound=true&avachang=true
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.241.154.14 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-154-14.unifiedlayer.com
Software: LiteSpeed /
Resource Hash

Request headers

:method: GET
:authority: timesprayer.com
:scheme: https
:path: /widgets.php?name=casablanca.html&frame=1&lang=ar&sound=true&avachang=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 2224
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Tue, 29 Sep 2020 02:57:54 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

Redirect headers

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Tue, 29 Sep 2020 02:57:53 GMT
Server: LiteSpeed
Location: https://timesprayer.com/widgets.php?name=casablanca.html&frame=1&lang=ar&sound=true&avachang=true
Vary: User-Agent

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

45 KB
18 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 1453
date: Tue, 29 Sep 2020 02:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Tue, 29 Sep 2020 04:33:41 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK g.gif
pixel.wp.com/ 50 B
215 B 32ms
17ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.wp.com/g.gif?v=ext&j=1%3A8.9.1&blog=66636822&post=0&tz=1&srv=elwajiha.com&host=elwajiha.com&ref=&fcp=4691&rand=0.33043692963791105
Requested by: Host: elwajiha.com
URL: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
Protocol: HTTP/1.1
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 02:57:54 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 50
Content-Type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 37ms
17ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=elwajiha.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Sep 2020 02:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 35ms
16ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=elwajiha.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Sep 2020 02:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1126 0
0 43ms
42ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5944362249061261&output=html&adk=3046330955&adf=2044148826&lmt=1601348274&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Felwajiha.com%2Fdm.php%3Fe%3Dedebuf%2540icrc.org&ea=0&flash=0&pra=5&wgl=1&dt=1601348273954&bpp=14&bdt=208&idt=126&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4134700865310&frm=20&pv=2&ga_vid=1051922977.1601348274&ga_sid=1601348274&ga_hid=1874652307&ga_fc=0&iag=0&icsg=49982204&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067105%2C21067499%2C21066706&oid=3&pvsid=1531819377826872&pem=433&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=144

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5944362249061261&output=html&adk=3046330955&adf=2044148826&lmt=1601348274&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Felwajiha.com%2Fdm.php%3Fe%3Dedebuf%2540icrc.org&ea=0&flash=0&pra=5&wgl=1&dt=1601348273954&bpp=14&bdt=208&idt=126&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4134700865310&frm=20&pv=2&ga_vid=1051922977.1601348274&ga_sid=1601348274&ga_hid=1874652307&ga_fc=0&iag=0&icsg=49982204&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067105%2C21067499%2C21066706&oid=3&pvsid=1531819377826872&pem=433&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=144
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Sep 2020 02:57:54 GMT
server: cafe
content-length: 539
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Sep-2020 03:12:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Sep 2020 02:57:54 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 02:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601033670363931"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Tue, 29 Sep 2020 02:57:54 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame C4AA 0
0 54ms
53ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5944362249061261&output=html&h=280&slotname=5037395239&adk=4146588170&adf=4117567796&w=728&fwrn=4&fwrnh=100&lmt=1601348274&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=728x280&url=http%3A%2F%2Felwajiha.com%2Fdm.php%3Fe%3Dedebuf%2540icrc.org&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1601348273970&bpp=35&bdt=225&idt=137&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4134700865310&frm=20&pv=1&ga_vid=1051922977.1601348274&ga_sid=1601348274&ga_hid=1874652307&ga_fc=0&iag=0&icsg=586853116&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=220&ady=67&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067105%2C21067499%2C21066706&oid=3&pvsid=1531819377826872&pem=433&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=0pCDj9mWKr&p=http%3A//elwajiha.com&dtd=142

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5944362249061261&output=html&h=280&slotname=5037395239&adk=4146588170&adf=4117567796&w=728&fwrn=4&fwrnh=100&lmt=1601348274&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=728x280&url=http%3A%2F%2Felwajiha.com%2Fdm.php%3Fe%3Dedebuf%2540icrc.org&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1601348273970&bpp=35&bdt=225&idt=137&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4134700865310&frm=20&pv=1&ga_vid=1051922977.1601348274&ga_sid=1601348274&ga_hid=1874652307&ga_fc=0&iag=0&icsg=586853116&dssz=23&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=220&ady=67&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067105%2C21067499%2C21066706&oid=3&pvsid=1531819377826872&pem=433&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=23&ifi=1&uci=a!1&fsb=1&xpc=0pCDj9mWKr&p=http%3A//elwajiha.com&dtd=142
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 29 Sep 2020 02:57:54 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Sep-2020 03:12:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 29 Sep 2020 02:57:54 GMT
cache-control: private

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
62 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1874652307&t=pageview&_s=1&dl=http%3A%2F%2Felwajiha.com%2Fdm.php%3Fe%3Dedebuf%2540icrc.org&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%BA%D9%8A%D8%B1%20%D9%85%D9%88%D8%AC%D9%88%D8%AF%D8%A9.%20%7C%20%D8%A7%D9%84%D9%88%D8%A7%D8%AC%D9%87%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1171234234&gjid=1550214980&cid=1051922977.1601348274&tid=UA-11482259-22&_gid=896674587.1601348274&_r=1&_slc=1&z=821624898

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 02:57:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: http://elwajiha.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 42ms
28ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a161a9168da7da9218741169a8d8eb625958d190aaeb269c85990af7620e0177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Sep 2020 02:57:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6587
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 02:57:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Tue, 29 Sep 2020 02:57:55 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame 50B2 0
0 27ms
13ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Mon, 28 Sep 2020 23:02:44 GMT
expires: Tue, 28 Sep 2021 23:02:44 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14111
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gda_r20200924&jk=1531819377826872&bg=!ERKlEgpYBnaPZQY_t-sCAAAAQlIAAAAKCgEZXjgOUktZba3jrbubpXx2QdpnaLKa2Tohf5kteA4JAM-e2Eb6UBYnpwWLGZJ-5YeT7aD053F14UoyFnigJnRi5-ozf5CEeFh1ifZS8Ailp1VvxERPO_vC9Bf5l15X3KwGhFoNxfT9BQdy5RsPQROzMeL98wCg9oGTtmZNe_pPqrf50EAsg8nVXuZaMrwkXe45VQjUTeXYgrNEMwr3J-QeINhN4hqRrlc9Qj7L2wmUWWOE3FcLD0fo-qcD4MRbI04kxEzNTSvCb19iT8LVfcpR65gG4wD-7unIsrDvQtyx18NK6FQD2EbyZtiWUmRUm17RGCAnJmWnfIOGfesM25j-apm4d0XVB8ss1ShTtZHiOU-kMUmNX-WuCPiZAbQUE8cVk13XJA4qvic6WRPPVCTz_HbcY1GwkMo5zE67seFeacmLizWFInh1qu1MZ7x2dNQ5YUsoLFG8Jqk9JZwiPQBqPLRuhHBJluTDQwdxrqlcvnwoexDZrnTfzY9XhfPmqcrPWYlcNOoVkKRG6gdhvoIqMdNS_zL3Klrs1AdUgNhydSlL91RX6lbtQRvxGij0TY-6qhQO460UmcgOHQm6piybTnVlzn5I5_9YtHyJ4vh1ep3vctLtNabrIr0FZs_ZjmeVKGtZhGyP2IMlYg3HmhZuZLi-SX1KzStt7ZR4zvc2m8zVRkV3_wsKd1-RS7G5zk688z_rcH7M1RNU3W-KjG_wVwL0qmKb5V6157KafLtZIZiXoLm1aQLWs4oHn4ocaJE_nXkPy-MEyxovhpgjCts3D9zfbBStQj_bY0at0TSU3b-QZ703i4IapcyOLk6VOxHY7vTndCC6l7PEKICQikDkHssf37gxlWeau6kj0dS7GB7pfSqVaVNgyoIwy861lvnwnQxr8iTukFSkDp8EuTKSAFxOWCkdLuM_NnHD5Uw2NjxtKQeTPJ2b5DUIzQAXI87f

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://elwajiha.com/dm.php?e=edebuf%40icrc.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Sep 2020 02:57:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.elwajiha.com/	1970-01-19 12:49:08	Name: _gat Value: 1
.elwajiha.com/	1970-01-19 12:50:34	Name: _gid Value: GA1.2.896674587.1601348274
.doubleclick.net/	1970-01-19 12:49:09	Name: test_cookie Value: CheckForPermission
.elwajiha.com/	1970-01-20 06:20:20	Name: _ga Value: GA1.2.1051922977.1601348274
.elwajiha.com/	1970-01-19 13:32:20	Name: __cfduid Value: df7a3fda39312d3580b420616583722c41601348269

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
elwajiha.com
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pixel.wp.com
stats.wp.com
timesprayer.com
tpc.googlesyndication.com
www.elwajiha.com
www.google-analytics.com
www.googletagservices.com
162.241.154.14
192.0.76.3
2606:4700:3033::6818:67e3
2a00:1450:4001:802::200a
2a00:1450:4001:817::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:820::200e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f4becf7aa4520a267deefcfb80ed580800fa75b8c968d6bfd2ea9e14d65b642
0facd387627530907acc0b41d7076a1313a748ba84d37983618c04f2e66f1849
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47
2f7278cc9f52fbafcb479c7c60c14d119a396c6b2b2c0a968f637a1562f69efa
556963873904f51de9af3c23c6b20ab85236986dc37de5c2da780d882f2b558e
5b09f18871051d90f639ce0474f3ce9ccef6b2a1a8b4572c8314e5069d99756f
5ef61b0855ecdcb1721cccf976e5df79f0de0e8bb4c0af4527ef16028631f901
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
62cc740e91f32c8b01426c905abf0fa494f3ceb99e7b43a0a3a1a76a6472398c
6dd5b34bda391aaced548b39f1346645722a6b1dd085e3dd0e79d2a2632eb133
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8dcee071040500dd82d90677e11d47cbb6e8ec24c568d2b164af26aa876c9ffc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a161a9168da7da9218741169a8d8eb625958d190aaeb269c85990af7620e0177
a16f02ccbbe9a159c669bffdf460ff79e9f49cc8d46b53f024251fc124b9ed99
cc2d402072f792fd75a519a7994a0427991afa072302b404841e31861764d5a9
d3fdcca8239da04af28bf1f3fc372ec22ffb07b6524ad591550b196b27397584
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68b5dff23d173599878ccfd05892f57a52ea1330cf5f32e4645df7b718bba10
f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fd0cee7b5cd326b016ae5859f1abe6989c14532c237c8a0da5817cef3cb24ab8

elwajiha.com Open in urlscan Pro 2606:4700:3033::6818:67e3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

53 %HTTPS

71 %IPv6

10 Domains

13 Subdomains

7 IPs

2 Countries

473 kBTransfer

1362 kBSize

5 Cookies

6 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

elwajiha.com Open in urlscan Pro
2606:4700:3033::6818:67e3 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

53 %
HTTPS

71 %
IPv6

10
Domains

13
Subdomains

7
IPs

2
Countries

473 kB
Transfer

1362 kB
Size

5
Cookies

34 HTTP transactions
0 data transactions