elmouaten.com Open in urlscan Pro
154.91.176.79 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://elmouaten.com/ap/login.jsp
Submission: On October 14 via api (October 14th 2024, 8:37:30 pm UTC) from CA — Scanned from CA

Summary HTTP 184 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 30 IPs in 3 countries across 22 domains to perform 184 HTTP transactions. The main IP is 154.91.176.79, located in Hong Kong, Hong Kong and belongs to AROSS-AS, US. The main domain is elmouaten.com.
TLS certificate: Issued by R10 on October 14th 2024. Valid for: 3 months.

This is the only time elmouaten.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: au Jibun Bank (Financial)

Domain & IP information

	IP Address	AS Autonomous System
26	154.91.176.79 154.91.176.79	400619 (AROSS-AS) (AROSS-AS)
2	54.201.108.228 54.201.108.228	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:208... 2600:9000:208f:5000:10:3572:e540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.32.151.44 13.32.151.44	16509 (AMAZON-02) (AMAZON-02)
8	2607:f8b0:400... 2607:f8b0:400d:c03::61	15169 (GOOGLE) (GOOGLE)
7	183.79.250.251 183.79.250.251	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
9	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:250... 2600:9000:2509:8000:18:15b9:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.220.141.110 23.220.141.110	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.220.140.31 23.220.140.31	16625 (AKAMAI-AS) (AKAMAI-AS)
4	157.240.229.1 157.240.229.1	32934 (FACEBOOK) (FACEBOOK)
1	18.160.10.33 18.160.10.33	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:27d... 2600:9000:27d1:2200:18:82c:9d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.47.29.181 23.47.29.181	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2600:1f18:e8a... 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4	14618 (AMAZON-AES) (AMAZON-AES)
6 22	173.194.68.157 173.194.68.157	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:400d:c1d::9b	15169 (GOOGLE) (GOOGLE)
2	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
2	57.181.202.230 57.181.202.230	16509 (AMAZON-02) (AMAZON-02)
15	209.85.201.155 209.85.201.155	15169 (GOOGLE) (GOOGLE)
8	209.85.201.97 209.85.201.97	15169 (GOOGLE) (GOOGLE)
3 6	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
6 22	173.194.68.106 173.194.68.106	15169 (GOOGLE) (GOOGLE)
22	209.85.232.94 209.85.232.94	15169 (GOOGLE) (GOOGLE)
4	183.79.255.28 183.79.255.28	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
6	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.69.71.194 52.69.71.194	16509 (AMAZON-02) (AMAZON-02)
1	43.206.243.253 43.206.243.253	16509 (AMAZON-02) (AMAZON-02)
6	157.240.229.35 157.240.229.35	32934 (FACEBOOK) (FACEBOOK)
184	30

26 154.91.176.79 (Hong Kong, Hong Kong)

ASN400619 (AROSS-AS, US)

elmouaten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.201.108.228 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-108-228.us-west-2.compute.amazonaws.com

seal.digicert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:208f:5000:10:3572:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.fraud-alert.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.151.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-44.iad66.r.cloudfront.net

p.fraud-alert.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:400d:c03::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 183.79.250.251 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

s.yimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apm.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2509:8000:18:15b9:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.220.141.110 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-141-110.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.220.140.31 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-140-31.deploy.static.akamaitechnologies.com

cdn.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i6.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.229.1 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-33.iad12.r.cloudfront.net

tk.csolution.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:27d1:2200:18:82c:9d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

trj.valuecommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.29.181 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-29-181.deploy.static.akamaitechnologies.com

cdn.kaizenplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.segreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 173.194.68.157 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: qr-in-f157.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c1d::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 57.181.202.230 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-57-181-202-230.ap-northeast-1.compute.amazonaws.com

i.smartnews-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 209.85.201.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f155.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 209.85.201.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.31.155 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 173.194.68.106 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: qr-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 209.85.232.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 183.79.255.28 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

b99.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.69.71.194 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-71-194.ap-northeast-1.compute.amazonaws.com

a.imgvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.206.243.253 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-206-243-253.ap-northeast-1.compute.amazonaws.com

log-v4-insight.kaizenplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 td.doubleclick.net — Cisco Umbrella Rank: 192	38 KB
26	elmouaten.com elmouaten.com	2 MB
22	google.ca www.google.ca — Cisco Umbrella Rank: 12143	1 KB
22	google.com 6 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
16	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	1 MB
12	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	7 KB
10	segreencolumn.com ob.segreencolumn.com — Cisco Umbrella Rank: 30124 obs.segreencolumn.com — Cisco Umbrella Rank: 24681	42 KB
9	yahoo.co.jp b99.yahoo.co.jp — Cisco Umbrella Rank: 25918 apm.yahoo.co.jp — Cisco Umbrella Rank: 19949	24 KB
9	bing.com bat.bing.com — Cisco Umbrella Rank: 348	17 KB
6	googleadservices.com 3 redirects www.googleadservices.com — Cisco Umbrella Rank: 89	8 KB
5	smartnews-ads.com cdn.smartnews-ads.com — Cisco Umbrella Rank: 76654 i.smartnews-ads.com — Cisco Umbrella Rank: 79589 i6.smartnews-ads.com — Cisco Umbrella Rank: 82414	4 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	78 KB
2	line.me tr.line.me — Cisco Umbrella Rank: 15973	850 B
2	kaizenplatform.net cdn.kaizenplatform.net — Cisco Umbrella Rank: 523912 log-v4-insight.kaizenplatform.net — Cisco Umbrella Rank: 431559	101 KB
2	yimg.jp s.yimg.jp — Cisco Umbrella Rank: 7512	11 KB
2	fraud-alert.net static.fraud-alert.net p.fraud-alert.net	21 KB
2	digicert.com seal.digicert.com — Cisco Umbrella Rank: 10638	8 KB
1	imgvc.com a.imgvc.com — Cisco Umbrella Rank: 235197	317 B
1	valuecommerce.com trj.valuecommerce.com — Cisco Umbrella Rank: 224359	5 KB
1	csolution.jp tk.csolution.jp	2 KB
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 16514	10 KB
0	Failed function sub() { [native code] }. Failed
184	22

	Domain	Requested by
26	elmouaten.com	elmouaten.com
22	www.google.ca
22	www.google.com	6 redirects
22	googleads.g.doubleclick.net	6 redirects www.googletagmanager.com
19	td.doubleclick.net	www.googletagmanager.com
16	www.googletagmanager.com	elmouaten.com
12	www.facebook.com
9	obs.segreencolumn.com	ob.segreencolumn.com
9	bat.bing.com	elmouaten.com bat.bing.com
6	www.googleadservices.com	3 redirects www.googletagmanager.com
5	apm.yahoo.co.jp	s.yimg.jp
4	b99.yahoo.co.jp	s.yimg.jp
4	connect.facebook.net	elmouaten.com connect.facebook.net
2	i6.smartnews-ads.com
2	i.smartnews-ads.com
2	tr.line.me
2	s.yimg.jp	elmouaten.com ob.segreencolumn.com
2	seal.digicert.com	elmouaten.com
1	log-v4-insight.kaizenplatform.net	cdn.kaizenplatform.net
1	a.imgvc.com
1	cdn.kaizenplatform.net	elmouaten.com
1	trj.valuecommerce.com	elmouaten.com
1	tk.csolution.jp	elmouaten.com
1	cdn.smartnews-ads.com	elmouaten.com
1	d.line-scdn.net	elmouaten.com
1	ob.segreencolumn.com	elmouaten.com
1	p.fraud-alert.net	static.fraud-alert.net
1	static.fraud-alert.net	elmouaten.com
0	localhost Failed	elmouaten.com
184	29

This site contains links to these domains. Also see Links.

Domain
ib.jibunbank.co.jp
help.jibunbank.co.jp
www.jibunbank.co.jp

Subject Issuer	Validity	Valid
elmouaten.com R10	`2024-10-14` - `2025-01-12`	3 months	crt.sh
seal.digicert.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-01-30`	a year	crt.sh
*.fraud-alert.net Amazon RSA 2048 M02	`2024-09-13` - `2025-10-13`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2024-09-20` - `2025-10-19`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.segreencolumn.com Amazon RSA 2048 M03	`2024-06-18` - `2025-07-17`	a year	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2024-09-24` - `2025-09-23`	a year	crt.sh
*.smartnews-ads.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-14` - `2025-02-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-24` - `2024-10-22`	3 months	crt.sh
*.csolution.jp Amazon RSA 2048 M03	`2024-09-25` - `2025-10-25`	a year	crt.sh
*.valuecommerce.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-09` - `2025-10-10`	a year	crt.sh
*.kaizenplatform.net GeoTrust RSA CA 2018	`2024-03-04` - `2025-03-07`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2024-08-08` - `2025-09-09`	a year	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google.ca WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
mscedge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-11-20` - `2024-12-19`	a year	crt.sh
*.googleadservices.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.imgvc.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-30` - `2025-10-31`	a year	crt.sh

This page contains 20 frames:

Frame: http://localhost/
Frame ID: 7D51B8BC73229E36A32119D81ED08A65
Requests: 163 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721484514?random=1728938225057&cv=11&fst=1728938225057&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 29C64FCAEEFDE7D6B6B6D0AF4E442180
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721484514?random=1728938225090&cv=11&fst=1728938225090&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: E7A9BA563C345DFE35F95864EB3D227D
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/856479406?random=1728938225172&cv=11&fst=1728938225172&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 11F562E592C54A28275AB489DA1C97C3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721521220?random=1728938225237&cv=11&fst=1728938225237&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: F35F5C5FD7C330D501C0948599265391
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/709179453?random=1728938225312&cv=11&fst=1728938225312&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529665~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 34E6B60AF0F7482AAA46BBB9C99F9329
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721159065?random=1728938225370&cv=11&fst=1728938225370&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 0B615874B4971F921E5B3027258A42A4
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/709179453?random=1728938225429&cv=11&fst=1728938225429&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: C28BD970F3333B3A40766B8D5A7F78FB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/723623815?random=1728938225462&cv=11&fst=1728938225462&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: FE97BA64848DACE266DD41DEDF2E9D75
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/942787950?random=1728938225705&cv=11&fst=1728938225705&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 1E80C4E441EAE7B96FC8933D5A021FB1
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/709209482?random=1728938225785&cv=11&fst=1728938225785&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 98DF7DE67DBCDB4C3FB74A8D8600E87E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721159065?random=1728938225861&cv=11&fst=1728938225861&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 35C53DBA96F1F22599AA1B03EB603281
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/612303449?random=1728938225922&cv=11&fst=1728938225922&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: E340C1F96A5EE892CC72BD4194EA878A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721477044?random=1728938225972&cv=11&fst=1728938225972&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 4076908D67E18C1CCBD76645B06C6076
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721521220?random=1728938226054&cv=11&fst=1728938226054&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 54E83B0B94CAF2C21053F19F7CBD2605
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721521220?random=1728938226094&cv=11&fst=1728938226094&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
Frame ID: 64F9A31F31C435863E2FD9D11E370BD0
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721484514?random=1728938226121&cv=11&fst=1728938226121&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 92F32E8A5457D87A972385F82578C4CE
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/721484514?random=1728938226167&cv=11&fst=1728938226167&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
Frame ID: 8609383F1C332C23ACD7320B442E39E7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/856479406?random=1728938226196&cv=11&fst=1728938226196&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 4EA636DC3E47D17B5F34EF2283A083A5
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/856479406?random=1728938226240&cv=11&fst=1728938226240&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
Frame ID: 82B2F4DF59DEC234C7EF9CBD2CF3687C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ログイン | ログイン | auじぶん銀行

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

184
Requests

95 %
HTTPS

28 %
IPv6

22
Domains

29
Subdomains

30
IPs

3
Countries

4302 kB
Transfer

7614 kB
Size

25
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://ib.jibunbank.co.jp/security/ap/manageloginpw/resetloginpw/resetloginpwidentificationinit
Title: ログインパスワードを忘れた・ロックしてしまったお客さま

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=999
Title: ログインできなくなりました。

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=518
Title: ログインパスワードとは何ですか？

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=536
Title: お客さま番号とログインパスワードを正しく入力しても、インターネットバンキングにログインできません。

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=528
Title: ログインパスワードを忘れてしまいました。どうすればいいですか？

Search URL Search Domain Scan URL

URL: https://help.jibunbank.co.jp/faq_detail.html?id=599
Title: ログインパスワードを何度も間違えて、入力できなくなりました。どうすればいいですか？

Search URL Search Domain Scan URL

URL: https://www.jibunbank.co.jp/common/redirector.html?id=3484
Title: 全てを見る

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://www.googleadservices.com/pagead/conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=168804581&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCMPJsQI&pscrd=IhMIwtaa5tyOiQMV0gRoCB33XTqMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=168804581&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCMPJsQI&pscrd=IhMIwtaa5tyOiQMV0gRoCB33XTqMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v&is_vtc=1&cid=CAQSKQDpaXnfEPLWFLEp7Nv7c-88sScB7PTqbmVNEEJvPo528HrX-K0rIWx2&random=2046133547 HTTP 302
https://www.google.ca/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=168804581&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCMPJsQI&pscrd=IhMIwtaa5tyOiQMV0gRoCB33XTqMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v&is_vtc=1&cid=CAQSKQDpaXnfEPLWFLEp7Nv7c-88sScB7PTqbmVNEEJvPo528HrX-K0rIWx2&random=2046133547&ipr=y

Request Chain 91

https://www.googleadservices.com/pagead/conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1961941230&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQI&pscrd=IhMIr9Oa5tyOiQMVEWZHAR38hjl8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1961941230&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQI&pscrd=IhMIr9Oa5tyOiQMVEWZHAR38hjl8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v&is_vtc=1&cid=CAQSKQDpaXnfCCEva7WjgxT1BV4byPv4MvVQvsPH6Q8fshieQzlry8fl3ONl&random=506188883 HTTP 302
https://www.google.ca/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1961941230&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQI&pscrd=IhMIr9Oa5tyOiQMVEWZHAR38hjl8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v&is_vtc=1&cid=CAQSKQDpaXnfCCEva7WjgxT1BV4byPv4MvVQvsPH6Q8fshieQzlry8fl3ONl&random=506188883&ipr=y

Request Chain 92

https://www.googleadservices.com/pagead/conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1641247181&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIjNea5tyOiQMVjEhHAR0JBT2RMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1641247181&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIjNea5tyOiQMVjEhHAR0JBT2RMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v&is_vtc=1&cid=CAQSKQDpaXnfILsNITN65RCNkxG7eD-ZcAg90xegxkTEDVnINoBg5_iUQueO&random=1270312600 HTTP 302
https://www.google.ca/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1641247181&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIjNea5tyOiQMVjEhHAR0JBT2RMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v&is_vtc=1&cid=CAQSKQDpaXnfILsNITN65RCNkxG7eD-ZcAg90xegxkTEDVnINoBg5_iUQueO&random=1270312600&ipr=y

Request Chain 167

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=974160865&cv=11&fst=1728938226094&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI6Mq55tyOiQMV3FlHAR0V2ziQMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTTVSTElGcDYyMm9vaWVJZ3oxcU1ycFFUTUY4RDNRVDBIMnRXcmw0eUMxQTR3R240VWZ1QQ HTTP 302
https://www.google.com/pagead/1p-conversion/721521220/?random=974160865&cv=11&fst=1728938226094&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI6Mq55tyOiQMV3FlHAR0V2ziQMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTTVSTElGcDYyMm9vaWVJZ3oxcU1ycFFUTUY4RDNRVDBIMnRXcmw0eUMxQTR3R240VWZ1QQ&is_vtc=1&cid=CAQSKQDpaXnfa2zCMbfuvVg4R9SbN6KYUkq4fJt7Qiji-hS_9qe0Uar4mXvO&random=3585166316 HTTP 302
https://www.google.ca/pagead/1p-conversion/721521220/?random=974160865&cv=11&fst=1728938226094&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI6Mq55tyOiQMV3FlHAR0V2ziQMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTTVSTElGcDYyMm9vaWVJZ3oxcU1ycFFUTUY4RDNRVDBIMnRXcmw0eUMxQTR3R240VWZ1QQ&is_vtc=1&cid=CAQSKQDpaXnfa2zCMbfuvVg4R9SbN6KYUkq4fJt7Qiji-hS_9qe0Uar4mXvO&random=3585166316&ipr=y

Request Chain 170

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=27581879&cv=11&fst=1728938226167&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-IO-5tyOiQMV4UZHAR3HiBCaMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTmFtQ25fZ3dXOVZaamZCZlVLZGI0ZXBVSjB0VnBtM3I0ZDdaU2g1d2N1VHkxejFhc0FDUQ HTTP 302
https://www.google.com/pagead/1p-conversion/721484514/?random=27581879&cv=11&fst=1728938226167&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-IO-5tyOiQMV4UZHAR3HiBCaMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTmFtQ25fZ3dXOVZaamZCZlVLZGI0ZXBVSjB0VnBtM3I0ZDdaU2g1d2N1VHkxejFhc0FDUQ&is_vtc=1&cid=CAQSKQDpaXnfUIj0odcpU3E2IZcW4Df0kLpVglELqtLBP34bUJ91fqLQq1dG&random=2478423326 HTTP 302
https://www.google.ca/pagead/1p-conversion/721484514/?random=27581879&cv=11&fst=1728938226167&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-IO-5tyOiQMV4UZHAR3HiBCaMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTmFtQ25fZ3dXOVZaamZCZlVLZGI0ZXBVSjB0VnBtM3I0ZDdaU2g1d2N1VHkxejFhc0FDUQ&is_vtc=1&cid=CAQSKQDpaXnfUIj0odcpU3E2IZcW4Df0kLpVglELqtLBP34bUJ91fqLQq1dG&random=2478423326&ipr=y

Request Chain 173

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=652851502&cv=11&fst=1728938226240&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMImNXC5tyOiQMV9lRHAR0rbgFVMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTno2Mm9VWVRHSjRyWmJ1WE5zZHcyeFYxaU5xWHJKLWo5M3g3blFBbkRleURSQzRtUWY3QQ HTTP 302
https://www.google.com/pagead/1p-conversion/856479406/?random=652851502&cv=11&fst=1728938226240&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMImNXC5tyOiQMV9lRHAR0rbgFVMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTno2Mm9VWVRHSjRyWmJ1WE5zZHcyeFYxaU5xWHJKLWo5M3g3blFBbkRleURSQzRtUWY3QQ&is_vtc=1&cid=CAQSKQDpaXnfe0Al54qdRIG88ztaD50XrsDaXjQ8K0t6o1XwMegaq9u89XES&random=3115649018 HTTP 302
https://www.google.ca/pagead/1p-conversion/856479406/?random=652851502&cv=11&fst=1728938226240&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMImNXC5tyOiQMV9lRHAR0rbgFVMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTno2Mm9VWVRHSjRyWmJ1WE5zZHcyeFYxaU5xWHJKLWo5M3g3blFBbkRleURSQzRtUWY3QQ&is_vtc=1&cid=CAQSKQDpaXnfe0Al54qdRIG88ztaD50XrsDaXjQ8K0t6o1XwMegaq9u89XES&random=3115649018&ipr=y

184 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login.jsp Show response
elmouaten.com/ap/ 19 KB
19 KB 1321ms
254ms Document
text/html 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: c7dae3c7ee9f18d0e2c6c58877284c7e3efc52061a2ed31db79c6f4456ad1ee0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 19673
content-type: text/html;charset=UTF-8
date: Mon, 14 Oct 2024 20:36:59 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 all.js Show response
elmouaten.com/ap/js/ 256 KB
257 KB 263ms
258ms Script
application/javascript 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/js/all.js
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: e8881877c2878d17c77087ae8395eeb362b57e2c41aa0970eca42ee2ad3cecbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

etag: W/"261634-1727680664000"
accept-ranges: bytes
content-length: 261634
date: Mon, 14 Oct 2024 20:36:59 GMT
last-modified: Mon, 30 Sep 2024 07:17:44 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 app.js Show response
elmouaten.com/ap/js/ 190 KB
191 KB 263ms
258ms Script
application/javascript 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/js/app.js
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 4cf9036abe69464fdacd45e96d84ef45400515e75cfa4a1411b2a6d23e286fc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

etag: W/"194353-1727680664000"
accept-ranges: bytes
content-length: 194353
date: Mon, 14 Oct 2024 20:36:59 GMT
last-modified: Mon, 30 Sep 2024 07:17:44 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 style.css
elmouaten.com/ap/style/css/ 516 KB
520 KB 259ms
255ms Stylesheet
text/css 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/style/css/style.css
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 60fb7676356c6f47177b6a602932a741b2368577fa6c33c5b1d383bdff7dd899

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

etag: W/"528492-1727698150000"
accept-ranges: bytes
content-length: 528492
date: Mon, 14 Oct 2024 20:36:59 GMT
last-modified: Mon, 30 Sep 2024 12:09:10 GMT
content-type: text/css
server: Apache
vary: Accept-Encoding

GET
H2 200 common.js Show response
elmouaten.com/ap/js/ 4 KB
4 KB 260ms
256ms Script
application/javascript 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/js/common.js
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 275c9465b2561fcc96e4f99beb30d8bb4156f3405b6cb8354a51c1af400b771e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

etag: W/"4484-1727714620000"
accept-ranges: bytes
content-length: 4484
date: Mon, 14 Oct 2024 20:36:59 GMT
last-modified: Mon, 30 Sep 2024 16:43:40 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 extended_timeout.js Show response
elmouaten.com/ap/js/ 3 KB
3 KB 259ms
255ms Script
application/javascript 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/js/extended_timeout.js
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 7644ed95768ef11745d9721a02060a8cddc9d99ff6e6abfc79f24d6093e3e4cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

etag: W/"3334-1727680664000"
accept-ranges: bytes
content-length: 3334
date: Mon, 14 Oct 2024 20:36:59 GMT
last-modified: Mon, 30 Sep 2024 07:17:44 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 jquery-3.4.1.min.js Show response
elmouaten.com/ap/js/ 86 KB
87 KB 259ms
255ms Script
application/javascript 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/js/jquery-3.4.1.min.js
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

etag: W/"88145-1680887322000"
accept-ranges: bytes
content-length: 88145
date: Mon, 14 Oct 2024 20:36:59 GMT
last-modified: Fri, 07 Apr 2023 17:08:42 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 img_site-logo_pc.png
elmouaten.com/ap/style/img/ 2 KB
2 KB 664ms
661ms Image
image/png 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elmouaten.com/ap/style/img/img_site-logo_pc.png
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: c4da264867121b9f488748d2536849b092ba8df1e0529b45c4fa146d20d54b4c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

accept-ranges: bytes
content-length: 2154
date: Mon, 14 Oct 2024 20:36:59 GMT
etag: W/"2154-1727687748000"
last-modified: Mon, 30 Sep 2024 09:15:48 GMT
content-type: image/png
server: Apache

GET
H2 200 img_site-logo_sp.png
elmouaten.com/ap/style/img/ 2 KB
2 KB 260ms
257ms Image
image/png 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elmouaten.com/ap/style/img/img_site-logo_sp.png
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: e557e6c5f8c1025b144bbca671c314820302284a1ab5c6f4151bc39de0d7b413

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

accept-ranges: bytes
content-length: 1829
date: Mon, 14 Oct 2024 20:36:59 GMT
etag: W/"1829-1727687748000"
last-modified: Mon, 30 Sep 2024 09:15:48 GMT
content-type: image/png
server: Apache

GET
H2 200 before_auth.css
elmouaten.com/ap/style/css/ 447 B
520 B 238ms
236ms Stylesheet
text/css 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/style/css/before_auth.css
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 6b2cfc91bcb1bcdf077aad92873045da05e3fc81706797e120ff7384a8cdbd3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

etag: W/"447-1727680708000"
accept-ranges: bytes
content-length: 447
date: Mon, 14 Oct 2024 20:37:01 GMT
last-modified: Mon, 30 Sep 2024 07:18:28 GMT
content-type: text/css
server: Apache
vary: Accept-Encoding

GET
H2 200 question.svg
elmouaten.com/ap/style/img/ 717 B
824 B 237ms
236ms Image
image/svg+xml 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elmouaten.com/ap/style/img/question.svg
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 1dffa14ea00339fb59b13b3e2aa769fdb769d5d67bd3d8238ee5cdcb14bf0f49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

accept-ranges: bytes
content-length: 717
date: Mon, 14 Oct 2024 20:37:01 GMT
etag: W/"717-1727688026000"
last-modified: Mon, 30 Sep 2024 09:20:26 GMT
content-type: image/svg+xml
server: Apache

GET
H2 200 gtm.js Show response
elmouaten.com/ap/js/ 504 KB
507 KB 241ms
238ms Script
application/javascript 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: cc160f9188f87d0f995c97c540ac7dfab1f76678e2fea1775e471c2a0a46f002

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

etag: W/"515639-1727680328000"
accept-ranges: bytes
content-length: 515639
date: Mon, 14 Oct 2024 20:37:01 GMT
last-modified: Mon, 30 Sep 2024 07:12:08 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK /
seal.digicert.com/seals/cascade/ 155 B
560 B 517ms
275ms Image
image/png 54.201.108.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seal.digicert.com/seals/cascade/?tag=BDWjGLpY&referer=ib.jibunbank.co.jp&format=png&lang=ja&seal_number=18&seal_size=s&an=min

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.201.108.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-108-228.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c3b78b1b07598ebf8d5b1575ebc0c93cf5f60a895fbc66e848a0c01a0ff913ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

Strict-Transport-Security: max-age=31536000
cache-control: max-age=7776000
x-envoy-upstream-service-time: 24
Connection: keep-alive
X-Content-Type-Options: nosniff
expires: Sun, 12 Jan 2025 20:37:02 GMT
Content-Length: 155
Date: Mon, 14 Oct 2024 20:37:02 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
last-modified: Mon, 14 Oct 2024 20:37:01 GMT
Server: nginx

GET
H2 200 seal.min.js Show response
elmouaten.com/ap/js/ 8 KB
8 KB 241ms
238ms Script
application/javascript 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/js/seal.min.js
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

etag: W/"7741-1727688784000"
accept-ranges: bytes
content-length: 7741
date: Mon, 14 Oct 2024 20:37:01 GMT
last-modified: Mon, 30 Sep 2024 09:33:04 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 p_img04.png
elmouaten.com/ap/style/img/ 17 KB
17 KB 242ms
239ms Image
image/png 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elmouaten.com/ap/style/img/p_img04.png
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: a2759491fccf1317c5cb397216a9de3aab5c6d9eb6f1d16b543c3dd1afc9af2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

accept-ranges: bytes
content-length: 17497
date: Mon, 14 Oct 2024 20:37:01 GMT
etag: W/"17497-1727689012000"
last-modified: Mon, 30 Sep 2024 09:36:52 GMT
content-type: image/png
server: Apache

GET
H2 200 p_img05.png
elmouaten.com/ap/style/img/ 18 KB
19 KB 2772ms
2770ms Image
image/png 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elmouaten.com/ap/style/img/p_img05.png
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 9606095ff57e48fc137b15e8171ae6eab1b2cdeb99289d62103d3bfa56569ca1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

accept-ranges: bytes
content-length: 18851
date: Mon, 14 Oct 2024 20:37:01 GMT
etag: W/"18851-1727689012000"
last-modified: Mon, 30 Sep 2024 09:36:52 GMT
content-type: image/png
server: Apache

GET
H2 200 p_img06.png
elmouaten.com/ap/style/img/ 17 KB
17 KB 2769ms
2767ms Image
image/png 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elmouaten.com/ap/style/img/p_img06.png
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 68c6d438afdae5288bf813d5e126a7c9f849238e46c96702614598cab3d1b51a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

accept-ranges: bytes
content-length: 16987
date: Mon, 14 Oct 2024 20:37:01 GMT
etag: W/"16987-1727689012000"
last-modified: Mon, 30 Sep 2024 09:36:52 GMT
content-type: image/png
server: Apache

GET
H2 200 pc_cachcard_back.gif
elmouaten.com/ap/style/img/ 76 KB
77 KB 2769ms
2768ms Image
image/gif 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elmouaten.com/ap/style/img/pc_cachcard_back.gif
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: d8252990d0b9cbcdec180720728a3be252cd124a9a96784cd64d57bda6e35e41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

accept-ranges: bytes
content-length: 78211
date: Mon, 14 Oct 2024 20:37:01 GMT
etag: W/"78211-1727688220000"
last-modified: Mon, 30 Sep 2024 09:23:40 GMT
content-type: image/gif
server: Apache

GET
H2 200 fraudalert_form.js Show response
elmouaten.com/ap/js/ 950 B
1000 B 253ms
249ms Script
application/javascript 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/js/fraudalert_form.js
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 79b58b88d2400e693ed7c89099cffe25a471b83c372ba638284503a72b2406f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

etag: W/"950-1727680664000"
accept-ranges: bytes
content-length: 950
date: Mon, 14 Oct 2024 20:37:01 GMT
last-modified: Mon, 30 Sep 2024 07:17:44 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

POST
H2 200 pageServlet Show response
elmouaten.com/ap/api/ 2 B
28 B 2772ms
2766ms XHR
text/html 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/api/pageServlet
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/js/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: d8d91b2e06df73d70eb998e274b63b433db68b4fa1cfd0904f21f139b14c5567

Request headers

Referer: https://elmouaten.com/ap/login.jsp
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: text/plain, */*; q=0.01
Content-Type: application/x-www-form-urlencoded

Response headers

content-length: 2
date: Mon, 14 Oct 2024 20:37:01 GMT
content-type: text/html;charset=UTF-8
server: Apache

GET
H2 200 NotoSansCJKjp-RegularSubset.woff
elmouaten.com/ap/style/font/ 397 KB
400 KB 2761ms
2760ms Font
font/woff 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/style/font/NotoSansCJKjp-RegularSubset.woff
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/style/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 72b3d7d8470cd110a49af79433d12034574ec1af9ca0151635e0580a279cfe8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://elmouaten.com
Referer: https://elmouaten.com/ap/style/css/style.css

Response headers

accept-ranges: bytes
content-length: 406344
date: Mon, 14 Oct 2024 20:37:01 GMT
etag: W/"406344-1727681130000"
last-modified: Mon, 30 Sep 2024 07:25:30 GMT
content-type: font/woff
server: Apache

GET
H2 200 question.svg
elmouaten.com/ap/style/img/ 717 B
0 1ms
1ms Image
image/svg+xml 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elmouaten.com/ap/style/img/question.svg
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 1dffa14ea00339fb59b13b3e2aa769fdb769d5d67bd3d8238ee5cdcb14bf0f49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

accept-ranges: bytes
content-length: 717
date: Mon, 14 Oct 2024 20:37:01 GMT
etag: W/"717-1727688026000"
last-modified: Mon, 30 Sep 2024 09:20:26 GMT
content-type: image/svg+xml
server: Apache

GET
H/1.1 200
OK seal.min.js Show response
seal.digicert.com/seals/cascade/ 8 KB
8 KB 393ms
212ms Script
text/javascript 54.201.108.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://seal.digicert.com/seals/cascade/seal.min.js

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.201.108.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-108-228.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

Strict-Transport-Security: max-age=31536000
etag: "1e3d-623fd8823a780"
x-envoy-upstream-service-time: 1
Connection: keep-alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 7741
Date: Mon, 14 Oct 2024 20:37:02 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
last-modified: Tue, 08 Oct 2024 21:07:58 GMT
Server: nginx

GET
H2 200 p_img04.png
elmouaten.com/ap/style/img/ 17 KB
0 6ms
6ms Image
image/png 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elmouaten.com/ap/style/img/p_img04.png
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: a2759491fccf1317c5cb397216a9de3aab5c6d9eb6f1d16b543c3dd1afc9af2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

accept-ranges: bytes
content-length: 17497
date: Mon, 14 Oct 2024 20:37:01 GMT
etag: W/"17497-1727689012000"
last-modified: Mon, 30 Sep 2024 09:36:52 GMT
content-type: image/png
server: Apache

GET
H2 200 p_img05.png
elmouaten.com/ap/style/img/ 18 KB
0 2538ms
2538ms Image
image/png 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elmouaten.com/ap/style/img/p_img05.png
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 9606095ff57e48fc137b15e8171ae6eab1b2cdeb99289d62103d3bfa56569ca1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

accept-ranges: bytes
content-length: 18851
date: Mon, 14 Oct 2024 20:37:01 GMT
etag: W/"18851-1727689012000"
last-modified: Mon, 30 Sep 2024 09:36:52 GMT
content-type: image/png
server: Apache

GET
H2 200 p_img06.png
elmouaten.com/ap/style/img/ 17 KB
0 2537ms
2536ms Image
image/png 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elmouaten.com/ap/style/img/p_img06.png
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 68c6d438afdae5288bf813d5e126a7c9f849238e46c96702614598cab3d1b51a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/login.jsp

Response headers

accept-ranges: bytes
content-length: 16987
date: Mon, 14 Oct 2024 20:37:01 GMT
etag: W/"16987-1727689012000"
last-modified: Mon, 30 Sep 2024 09:36:52 GMT
content-type: image/png
server: Apache

GET
H2 200 NotoSansCJKjp-MediumSubset.woff
elmouaten.com/ap/style/font/ 397 KB
398 KB 2542ms
2542ms Font
font/woff 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://elmouaten.com/ap/style/font/NotoSansCJKjp-MediumSubset.woff
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/style/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 6ed05b57ad40727d79d3c1d73aefca0e5d8c0406c76b057f6ce46348cd91d57c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://elmouaten.com
Referer: https://elmouaten.com/ap/style/css/style.css

Response headers

accept-ranges: bytes
content-length: 406932
date: Mon, 14 Oct 2024 20:37:01 GMT
etag: W/"406932-1727681130000"
last-modified: Mon, 30 Sep 2024 07:25:30 GMT
content-type: font/woff
server: Apache

GET
H2 200 f.js Show response
static.fraud-alert.net/ 56 KB
20 KB 321ms
33ms Script
application/javascript 2600:9000:208f:5000:10:3572:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.fraud-alert.net/f.js
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/js/fraudalert_form.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208f:5000:10:3572:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af27551b9848d5372f44520be54c67c2bc0fd9f759aee442943a543d30232b7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

x-amz-cf-pop: IAD79-C3
content-encoding: gzip
etag: W/"f98f7793266711a8689fe211e9d65b52"
age: 41314
via: 1.1 fed66e6ba2cb68c8ee66c75c4798daf8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: kaQxIreTtfg-07N1b7kVbrgVqkErPZmhvbW2ogYNjnI0RkIJYyivbw==
date: Mon, 14 Oct 2024 09:09:08 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Sun, 22 Oct 2023 12:05:34 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 arrow_gray.svg
elmouaten.com/ap/style/img/ 539 B
588 B 2541ms
2540ms Image
image/svg+xml 154.91.176.79
AROSS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elmouaten.com/ap/style/img/arrow_gray.svg
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/style/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.91.176.79 Hong Kong, Hong Kong, ASN400619 (AROSS-AS, US),
Reverse DNS
Software: Apache /
Resource Hash: 7dd771ade49a0a57e23c7791901ccbcde5cab2eacd117b248b9bc64c04799aba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/ap/style/css/style.css

Response headers

accept-ranges: bytes
content-length: 539
date: Mon, 14 Oct 2024 20:37:01 GMT
etag: W/"539-1727688026000"
last-modified: Mon, 30 Sep 2024 09:20:26 GMT
content-type: image/svg+xml
server: Apache

POST
H2 200 accept Show response
p.fraud-alert.net/ 31 B
512 B 692ms
459ms XHR
text/plain 13.32.151.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.fraud-alert.net/accept
Requested by: Host: static.fraud-alert.net
URL: https://static.fraud-alert.net/f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.151.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-151-44.iad66.r.cloudfront.net
Software: /
Resource Hash: 444a8982521b912ce12a350c1047d1c2d6ef172d461ac88fe151cc46a19db4f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://elmouaten.com/

Response headers

access-control-allow-credentials: true
via: 1.1 8a39851a9fdfa096ba6f1e618ed88f40.cloudfront.net (CloudFront)
access-control-allow-origin: https://elmouaten.com
x-cache: Miss from cloudfront
content-length: 31
x-amz-cf-id: OF07O4rktloaYbkuqVOG1u2xyqE-EzxT_P685jCluEjByYfqETIf-Q==
date: Mon, 14 Oct 2024 20:37:02 GMT
x-amz-cf-pop: IAD66-C2

GET /
localhost/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 159ms
45ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-14077821&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1bcca44433c4d21658a73858e9ba081c05d04a068d5be2d15219000cea7a956e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 14 Oct 2024 20:37:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81514
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ytag.js Show response
s.yimg.jp/images/listing/tool/cv/ 32 KB
11 KB 692ms
207ms Script
application/javascript 183.79.250.251
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 183.79.250.251 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software: nghttpx /
Resource Hash: 0f39c718afa7f030e01c8f7299516f62808df2a207b37b3f6d4ec575e9fcdd17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 351
ats-carp-promotion: 1
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length: 10561
date: Mon, 14 Oct 2024 20:31:14 GMT
last-modified: Tue, 01 Oct 2024 08:29:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nghttpx
x-ntap-sg-trace-id: ed328c43e11e5da

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 256 KB
90 KB 302ms
192ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-709179453&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

616ce066c628baf01694f23441be25e45934192b66b5867fafa4c096dc39f9bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 14 Oct 2024 20:37:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 92263
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 310ms
200ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-721159065&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb123687ae55507f9ebdf405b392a6b2788bb52271387d648d5c7eeea1972e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 14 Oct 2024 20:37:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90222
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 194ms
53ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c3be590171c0375d497714a608a5c4cd4e90e124e1c0cff1807cd8adb156e64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "01973e1111cdb1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 94F501480C5C48F2BACF8A0D1BC80889 Ref B: YMQ01EDGE0314 Ref C: 2024-10-14T20:37:04Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14538
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript
last-modified: Fri, 11 Oct 2024 19:15:06 GMT
vary: Accept-Encoding

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 270ms
162ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-856479406&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b47d89b17729d4c7627ff27799f43dec314c28768c65b7c9d9cb260f95b5016

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 14 Oct 2024 20:37:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90196
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 289ms
183ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-721521220&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f36e8f9d137877baf01230cc296c414d7e3229d4626194b85cadb306dc207ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 14 Oct 2024 20:37:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90210
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 231ms
125ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b46106641bbc5417ab9cc469adc988ed245ffc4c115b58e801bdead4bcabce9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Mon, 14 Oct 2024 20:37:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90235
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
90 KB 140ms
138ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-709179453

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0b8a1de08cf26941fab8dd8ac15896ab763bda57347eaf77690ec02a7700101

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 14 Oct 2024 20:37:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 92293
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
85 KB 132ms
130ms Script
application/javascript 2607:f8b0:400d:c03::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-723623815

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c03::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2db115c506ff6b2ad1664e57dc254cb6c5ed778b614b95c0142519eef251088a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 14 Oct 2024 20:37:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87231
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ad1f1040ad9ca638cc6ee793ef48a4f6.js Show response
ob.segreencolumn.com/i/ 108 KB
40 KB 155ms
33ms Script
text/javascript 2600:9000:2509:8000:18:15b9:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2509:8000:18:15b9:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 48dea352eea86f6910d83b4313f1b4727c92de063eb3daa842c394f16c7a33f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "1af88-hfQT3Ht2BRxVCDvJXVQDnp5tufM"
age: 992
via: 1.1 2bd6353c0a987182c26c3a5219b81cee.cloudfront.net (CloudFront)
expires: Tue, 15 Oct 2024 08:20:32 GMT
x-cache: Hit from cloudfront
content-length: 40391
x-amz-cf-id: tnuGW9X7qntZcHCisIUdkKkqbhIF9apWTKL9B2qEv1KE6LN2sk2U7A==
date: Mon, 14 Oct 2024 20:21:08 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Caddy
x-amz-cf-pop: IAD12-P2

GET
H2 200 lt.js Show response
d.line-scdn.net/n/line_tag/public/release/v1/ 32 KB
10 KB 285ms
30ms Script
application/javascript 23.220.141.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.220.141.110 Ashburn, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-220-141-110.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: gzip
x-amz-version-id: aLHCm1toaevjRzyK9ZlkfyErvpEL9I2
etag: "02e4691c0dcc2f7ecef2712fb0f24921"
expires: Tue, 29 Oct 2024 22:01:39 GMT
x-rgw-object-type: Normal
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript
last-modified: Mon, 02 Oct 2023 06:16:39 GMT
x-amz-expiration: expiry-date="Sat, 02 Dec 2023 00:00:00 GMT", rule-id="bucket_lifecycle"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cache-control: max-age=1301075
x-amz-request-id: tx0000063917f0b3c13088d-00651a6066-14071e65-jp2
accept-ranges: bytes
content-length: 9865
server: VOS

GET
H2 200 pixel.js Show response
cdn.smartnews-ads.com/i/ 5 KB
2 KB 180ms
31ms Script
application/javascript 23.220.140.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smartnews-ads.com/i/pixel.js
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.140.31 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-140-31.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 58dcb9b4c4a8af93d049784e1be829d690b870d33cb49c693565f38e982ed5b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: max-age=182
content-encoding: gzip
x-amz-meta-version: 8.4.6
etag: "709c82eb76cb41d00bb431534c33b6ff"
x-amz-version-id: U_040zL3HHLQ_Xb5czsQ1qGGPFoW.rFj
expires: Mon, 14 Oct 2024 20:40:06 GMT
accept-ranges: bytes
content-length: 1922
date: Mon, 14 Oct 2024 20:37:04 GMT
last-modified: Mon, 21 Nov 2022 09:11:10 GMT
content-type: application/javascript
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 71ms
37ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/login.jsp

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4426, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: XaqkY6e9k21OlHkx+EK9HbnpFmyZDp33LrkWX3K/pnl5mQA2bWX+vUiXR/dkW7kmhO3oSTv8fJ9kr602BdK5dw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 adme_tk.neo Show response
tk.csolution.jp/ 1 KB
2 KB 982ms
630ms Script
binary/octet-stream 18.160.10.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tk.csolution.jp/adme_tk.neo
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.10.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-10-33.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 105826eda8961b32f3856c547ab119e2685194f9491af047b9646009181880f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

etag: "01b42b52842905b667f426f1145dfab9"
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 1231
x-amz-cf-id: c8jUWnrk46TMWo1m85zym_eZv206o9317MpSn6JxwZxqYQl5sjnEew==
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 14 Jan 2020 06:27:43 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P3

GET
H2 200 vclp.js Show response
trj.valuecommerce.com/ 4 KB
5 KB 149ms
30ms Script
application/javascript 2600:9000:27d1:2200:18:82c:9d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trj.valuecommerce.com/vclp.js
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:27d1:2200:18:82c:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7fb587c59b0120a6d8ff5d5e6b710c6afcb3b668495988f1e9c66626ea26c9cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type, Content-Range, x-goog-resumable
x-goog-hash: crc32c=OgAn0A==, md5=kCQf0OwmWvrHxLOR4fgqqw==
etag: "90241fd0ec265afac7c4b391e1f82aab"
age: 50
x-goog-stored-content-encoding: identity
expires: Mon, 14 Oct 2024 20:41:15 GMT
x-goog-stored-content-length: 3874
x-cache: Hit from cloudfront
x-amz-cf-id: pKPFdm8ZBCISpaKuc0YSrYuTDjI-pyhQcrrvX9lbtGGaE2z_eqHAoQ==
date: Mon, 14 Oct 2024 20:36:15 GMT
content-type: application/javascript
last-modified: Mon, 17 Jan 2022 07:06:52 GMT
vary: Accept-Encoding
x-guploader-uploadid: AD-8ljs5_3aaGBWy-gMZrPWki0tWI5XaxvWgYjrfbEoZsavoWuOFy_y5HTBiL5NE6_juJyXDs1MQWMoHTg
cache-control: max-age=300
x-goog-storage-class: REGIONAL
via: 1.1 5b0b018dc5d72a42f205b24b17f4f56e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1642403212642544
content-length: 3874
x-amz-cf-pop: IAD55-P8
server: UploadServer

GET
H2 200 8c9dd94c00f839.js Show response
cdn.kaizenplatform.net/s/df/ 317 KB
101 KB 611ms
363ms Script
application/javascript 23.47.29.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.kaizenplatform.net/s/df/8c9dd94c00f839.js?kz_namespace=kzs
Requested by: Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.29.181 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-29-181.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c2ab3622cbd9d4084fea689b66c0fdde34d148dc7fb413a4d1d02cd37ab7c0ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: "a36f0b4887663d8ab54559ffe8291e0a"
x-amz-version-id: null
access-control-allow-methods: GET
date: Mon, 14 Oct 2024 20:37:05 GMT
last-modified: Wed, 09 Oct 2024 04:43:49 GMT
vary: Accept-Encoding
content-type: application/javascript
x-amz-id-2: tfFapKrzjvT78Lv4uy6j3RiTbGEscc0ORPSqRLoBh7yi3iyy/fHiayWXIiKw5mL6ozqjRI1e7do=
cache-control: max-age=300
x-amz-request-id: GRH947ADBCFHJW77
accept-ranges: bytes
access-control-allow-origin: *
content-length: 102758
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ad1f1040ad9ca638cc6ee793ef48a4f6.html
obs.segreencolumn.com/ns/ 0
162 B 186ms
59ms Image
text/html 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.segreencolumn.com/ns/ad1f1040ad9ca638cc6ee793ef48a4f6.html?ch=cheq4ppc&gtmcb=1581510710
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Mon, 14 Oct 2024 20:37:05 GMT
pragma: no-cache
content-type: text/html
cross-origin-resource-policy: cross-origin

GET
H2 200 97022402.js Show response
bat.bing.com/p/action/ 370 B
425 B 47ms
47ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97022402.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fce461e0fefe1d6d687b3eab8304d3affaf23fb674b18bfb5242ccfc544e1bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A7ED35872E19475785CBB847DDE25563 Ref B: YMQ01EDGE0314 Ref C: 2024-10-14T20:37:04Z
x-cache: CONFIG_NOCACHE
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 97114338.js Show response
bat.bing.com/p/action/ 370 B
395 B 47ms
45ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97114338.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fce461e0fefe1d6d687b3eab8304d3affaf23fb674b18bfb5242ccfc544e1bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2AE8B5E2FEAB40A397DC76E5037D1474 Ref B: YMQ01EDGE0314 Ref C: 2024-10-14T20:37:04Z
x-cache: CONFIG_NOCACHE
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 97050327.js Show response
bat.bing.com/p/action/ 370 B
394 B 49ms
48ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97050327.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fce461e0fefe1d6d687b3eab8304d3affaf23fb674b18bfb5242ccfc544e1bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 148A088732C64E2581C33EF84E164DBC Ref B: YMQ01EDGE0314 Ref C: 2024-10-14T20:37:04Z
x-cache: CONFIG_NOCACHE
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 97050325.js Show response
bat.bing.com/p/action/ 370 B
395 B 50ms
49ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/97050325.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fce461e0fefe1d6d687b3eab8304d3affaf23fb674b18bfb5242ccfc544e1bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4C7F763EBFF54B6FAF3482888E749193 Ref B: YMQ01EDGE0314 Ref C: 2024-10-14T20:37:04Z
x-cache: CONFIG_NOCACHE
date: Mon, 14 Oct 2024 20:37:04 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 ct Show response
obs.segreencolumn.com/ 4 KB
2 KB 75ms
58ms Script
text/javascript 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/ct?id=46070&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1728938225014&hl=2&op=0&ag=566412661&rand=8486572686188692201862015211107024725937099868849228715776612396151981105726101511160&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDc2NDVdLFsiYWJuY2giLDI5XSxbLTIsIjksZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwSXNnSUlqU1ErOGlLZ3FJMG9zSUFpcEZFRVFSSWtVZ2RFUVFwVW9KU0F0Q0FxU0g5R3l5N1pXWitlci9kK2U5MmJ3c0NTRC8xZSJdLFstMTYsIjAiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy01MiwiLSJdLFstNTgsIi0iXSxbLTY5LCJMaW51eCB4ODZfNjR8R29vZ2xlIEluYy58OHwxNnx8MCJdLFstOSwiKyJdLFstMTMsIi0iXSxbLTE3LCIxNiJdLFstMzgsImMsLTEsLTEsMCwwLDEsMCw1OTEsNDc1LDQ4NSwtMSwwLDM4NjAuMywzODYwLjMsNjk3MSw2OTcxIl0sWzEyLCJ7XCJjdHhcIjpcIndlYmdsXCIsXCJ2XCI6XCJpbnRlbCBpbmMuXCIsXCJyXCI6XCJpbnRlbCBpcmlzIG9wZW5nbCBlbmdpbmVcIixcInNsdlwiOlwid2ViZ2wgZ2xzbCBlcyAxLjAgKG9wZW5nbCBlcyBnbHNsIGVzIDEuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDEuMCAob3BlbmdsIGVzIDIuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6MTEsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbLTgsIi0iXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTIzLCIrIl0sWy0zMiwiMiJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEwIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMVwiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstNDUsIjYyMCw2NzcsMCwwLDAsNTYyLDAsMCw2NDgsMCwwLDAsMCwwLDAsMCwwLDAsMCw2ODQsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ5LCItIl0sWy01MSwiLSJdLFstMTksIlszMCwzMCwzMCwzMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTI4NSwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy00NCwiMCwwLDAsNSJdLFstNjcsIjI1MzIzMTI4ODg6MjgiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTI1LCItIl0sWy03MSwiYTAxMTAwMTAxMDAxMDAxMDEwMDAxMDEwMDExMTExMDEwMDAwMTAiXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWy0xMCwiLSJdLFstMjAsIi0iXSxbLTIxLCItIl0sWy0zMywiLSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTUzLCIxMDAiXSxbLTYxLCJ7XCJ3Z3NsXCI6XCI0O3BhY2tlZF80eDhfaW50ZWdlcl9kb3RfcHJvZHVjdDt1bnJlc3RyaWN0ZWRfcG9pbnRlcl9wYXJhbWV0ZXJzO3BvaW50ZXJfY29tcG9zaXRlX2FjY2VzcztyZWFkb25seV9hbmRfcmVhZHdyaXRlX3N0b3JhZ2VfdGV4dHVyZXM7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstNjYsImdlb2xvY2F0aW9uLGNodWFmdWxsdmVyc2lvbmxpc3QsY3Jvc3NvcmlnaW5pc29sYXRlZCxzY3JlZW53YWtlbG9jayxwdWJsaWNrZXljcmVkZW50aWFsc2dldCxzaGFyZWRzdG9yYWdlc2VsZWN0dXJsLGNodWFhcmNoLGNvbXB1dGVwcmVzc3VyZSxjaHByZWZlcnNyZWR1Y2VkdHJhbnNwYXJlbmN5LHVzYixjaHNhdmVkYXRhLHB1YmxpY2tleWNyZWRlbnRpYWxzY3JlYXRlLHNoYXJlZHN0b3JhZ2UscnVuYWRhdWN0aW9uLGNodWFmb3JtZmFjdG9ycyxjaGRvd25saW5rLG90cGNyZWRlbnRpYWxzLHBheW1lbnQsY2h1YSxjaHVhbW9kZWwsY2hlY3QsYXV0b3BsYXksY2FtZXJhLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsYWNjZWxlcm9tZXRlcixjaHVhcGxhdGZvcm12ZXJzaW9uLGlkbGVkZXRlY3Rpb24scHJpdmF0ZWFnZ3JlZ2F0aW9uLGludGVyZXN0Y29ob3J0LGNodmlld3BvcnRoZWlnaHQsbG9jYWxmb250cyxjaHVhcGxhdGZvcm0sbWlkaSxjaHVhZnVsbHZlcnNpb24seHJzcGF0aWFsdHJhY2tpbmcsY2xpcGJvYXJkcmVhZCxnYW1lcGFkLGRpc3BsYXljYXB0dXJlLGtleWJvYXJkbWFwLGpvaW5hZGludGVyZXN0Z3JvdXAsY2h3aWR0aCxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLGJyb3dzaW5ndG9waWNzLGVuY3J5cHRlZG1lZGlhLGd5cm9zY29wZSxzZXJpYWwsY2hydHQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LHVubG9hZCxjaGRwcixjaHByZWZlcnNjb2xvcnNjaGVtZSxjaHVhd293NjQsYXR0cmlidXRpb25yZXBvcnRpbmcsZnVsbHNjcmVlbixpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixoaWQsY2h1YWJpdG5lc3Msc3RvcmFnZWFjY2VzcyxzeW5jeGhyLGNoZGV2aWNlbWVtb3J5LGNodmlld3BvcnR3aWR0aCxwaWN0dXJlaW5waWN0dXJlLG1hZ25ldG9tZXRlcixjbGlwYm9hcmR3cml0ZSxtaWNyb3Bob25lIl0sWy00LCItIl0sWy00NiwiMCJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy02MCwyMDddLFstNjIsIjgwIl0sWy02MywiMCJdLFstNjUsIi0iXSxbLTY4LCItIl0sWy0xLCItIl0sWy0xMiwibnVsbCJdLFstMjYsIntcInRqaHNcIjoxNjg1MDg0NSxcInVqaHNcIjoxMTA0MTc1MyxcImpoc2xcIjo0Mjk0NzA1MTUyfSJdLFstMzEsImZhbHNlIl0sWy00MSwiLSJdLFstNDgsIjAsMCJdLFstNTAsIi0iXSxbLTU5LCJkZWZhdWx0Il0sWy03MCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCJdfSJdLFstMjgsImVuLVVTLGVuIl0sWy0yOSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzUsIlsxNzI4OTM4MjI0OTk5LDddIl0sWy00MCwiMzMiXSxbLTQ3LCJBbWVyaWNhL1ZhbmNvdXZlcixlbi1HQixsYXRuLGdyZWdvcnkiXSxbLTU1LCIxIl0sWyJibmNoIiwxODddLFstMjQsIltdIl0sWy0yNywiWzUwLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0zNCwiLSJdLFstNTQsIntcImhcIjpbXSxcImRcIjpbXSxcImJcIjpbXCJfMVwiLFwiMjU4Njc4Njk2MVwiXSxcInNcIjoxfSJdLFstNTcsIldFMFpWMXhPY1ZoWFhWVmNTeGNGV2xaVVNVeE5YRjBIR1dKWVNobFlTVWxWUUdRWkVWeFBXRlVaV0UwWkJWaFhWbGRBVkZaTVNnY1pFUU1PQXdnTUNRb0pBUkFWR1FWWVYxWlhRRlJXVEVvSEF3Z0JBd29KRUJWWVRSbDRTMHRZUUJkS1hCa1JVVTFOU1VvREZoWldXeGRLWEY1TFhGeFhXbFpWVEZSWEYxcFdWQlpRRmxoZENGOElDUTBKV0YwQVdsZ1BDZ0ZhV2c5Y1hBNEFDbHhmRFFGWURWOFBGMU5LQXdnRER3RUlDZ2tRRlZoTkdVc1pFVkZOVFVsS0F4WVdWbHNYU2x4ZVMxeGNWMXBXVlV4VVZ4ZGFWbFFXVUJaWVhRaGZDQWtOQ1ZoZEFGcFlEd29CV2xvUFhGd09BQXBjWHcwQldBMWZEeGRUU2dNSUF3NExEZz09Il0sWyJkZGIiLCIwLDEwLDAsMCwwLDIsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDEsMSwwLDEsMCwxLDEsMSwyLDE3LDAsMTEsMCwxLDAsMCwwLDAsMCwwLDAsMSw0LDAsMTIsMCwwLDEsMCwwLDAsMjksMCwxLDEsMSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCw0LDAsMCwxNCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDgsMCwwLDAsMCwwLDAsMCwwLDAsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=w2I7ORCxAO&pto=7114&ver=62&gac=-&mei=&ap=&fe=1&duid=1.1728938225.WulxtYOBRNborDfC&suid=1.1728938225.MoWeEXEQ7Id4Zg7j&tuid=1.1728938225.MCWuqxVVDM2y8NGA&fbc=-&gtm=W10%3D&it=40%2C6721%2C191&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=aGA2Og%3D%3D
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 65728cc5e44929ba52ef371102b2e3e171db9d42d96fe7c70915cd06eb2ac7f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: https://elmouaten.com
content-encoding: gzip
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 1686
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: text/javascript

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/ 5 KB
2 KB 129ms
52ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1728938225057&cv=11&fst=1728938225057&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

7250ca16a189f7d79bec5408af4fee5df86e5046b1d96ad5908450f2b56858d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2351
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 721484514
td.doubleclick.net/td/rul/ Frame 29C6 0
0 172ms
62ms Document
text/html 2607:f8b0:400d:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721484514?random=1728938225057&cv=11&fst=1728938225057&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/ 5 KB
2 KB 97ms
49ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1728938225090&cv=11&fst=1728938225090&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

526193dec6d30cdda19950c705e4a6912a7f8effa55d3312d218d3acf18d8b30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2352
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 721484514
td.doubleclick.net/td/rul/ Frame E7A9 0
0 155ms
49ms Document
text/html 2607:f8b0:400d:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721484514?random=1728938225090&cv=11&fst=1728938225090&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 0
bat.bing.com/action/ 0
360 B 47ms
47ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97022402&Ver=2&mid=b3ccf77d-441f-475b-be38-9443ee29f910&bo=1&sid=12f5bc508a6c11ef8ce4374004a25d5b&vid=12f66d208a6c11ef9be9c34e8486c68f&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&r=&lt=4108&evt=pageLoad&sv=1&cdb=AQAQ&rn=88249

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6A3E93B738F34A7C890F5B377CEF6164 Ref B: YMQ01EDGE0314 Ref C: 2024-10-14T20:37:05Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 14 Oct 2024 20:37:04 GMT

GET
H2 204 0
bat.bing.com/action/ 0
230 B 108ms
108ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97114338&tm=gtm002&Ver=2&mid=35e3ff1f-1ea5-4b11-81e9-e456990efa73&bo=1&sid=12f5bc508a6c11ef8ce4374004a25d5b&vid=12f66d208a6c11ef9be9c34e8486c68f&vids=0&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&r=&lt=4108&evt=pageLoad&sv=1&cdb=AQAQ&rn=888726

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9DC5B1A57D4548409680C1568A242C7D Ref B: YMQ01EDGE0314 Ref C: 2024-10-14T20:37:05Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 14 Oct 2024 20:37:04 GMT

GET
H2 204 0
bat.bing.com/action/ 0
230 B 107ms
107ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97050327&tm=gtm002&Ver=2&mid=16ab578f-6706-4842-b1d7-d05deda641fe&bo=1&sid=12f5bc508a6c11ef8ce4374004a25d5b&vid=12f66d208a6c11ef9be9c34e8486c68f&vids=0&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&r=&lt=4108&evt=pageLoad&sv=1&cdb=AQAQ&rn=953374

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FEAE411272CE4DA2807D8C8F50086337 Ref B: YMQ01EDGE0314 Ref C: 2024-10-14T20:37:05Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 14 Oct 2024 20:37:04 GMT

GET
H2 204 0
bat.bing.com/action/ 0
231 B 104ms
104ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=97050325&tm=gtm002&Ver=2&mid=e5775d1b-0090-4705-9056-00c797687e8a&bo=1&sid=12f5bc508a6c11ef8ce4374004a25d5b&vid=12f66d208a6c11ef9be9c34e8486c68f&vids=0&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&p=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&r=&lt=4108&evt=pageLoad&sv=1&cdb=AQAQ&rn=218721

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 27511C05D1544F29A6680CEC8BFE2D52 Ref B: YMQ01EDGE0314 Ref C: 2024-10-14T20:37:05Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 14 Oct 2024 20:37:04 GMT

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 612ms
186ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=ba6f0aba-cfd1-4e93-8398-27fc57112842&b_u=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&b_d=elmouaten.com&b_p=%2Fap%2Flogin.jsp&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=abc7e14b-e97c-4e6b-bf23-f49c61bb0e21&s_id=6867ac51-c5bf64dd&x4=100&e=pv&v=3.4.1&_t=1728938225126
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

Cache-Control: private, no-store, no-cache, must-revalidate
Content-Length: 43
Date: Mon, 14 Oct 2024 20:37:05 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 611ms
186ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=ba6f0aba-cfd1-4e93-8398-27fc57112842&b_u=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&b_d=elmouaten.com&b_p=%2Fap%2Flogin.jsp&b_t=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&c_t=lap&t_id=9dd1ca22-3499-4044-8a02-0c2d3241b696&s_id=6867ac51-c5bf64dd&x4=400&e=pv&v=3.4.1&_t=1728938225129
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

Cache-Control: private, no-store, no-cache, must-revalidate
Content-Length: 43
Date: Mon, 14 Oct 2024 20:37:05 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive

GET
H3 200 594307549455110 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 102ms
102ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/594307549455110?v=2.9.170&r=stable&domain=elmouaten.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

86342493a9368b0beb087f9c364864423c86de13d68145f6df7f34cb126e36c9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=75, mss=1232, tbw=68438, tp=64, tpl=0, uplat=56, ullat=0
pragma: public
x-fb-debug: iDBdBLZcp/0TTrecvlcxGAKP6ruAFhOoOE31sPgthxzbe5ixQOpdkdzsGGSObHYHliN/NXXfohhd6LvCPcIRog==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 p
i.smartnews-ads.com/ 2 B
640 B 847ms
251ms Image
text/plain 57.181.202.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.smartnews-ads.com/p?id=d650045319e0726eca67e9c1&t=1728938225&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=00fb1179-1a89-4550-b4c8-6af30850cb75
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 57.181.202.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-57-181-202-230.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: text/plain; charset=utf-8
content-length: 2

GET
H2 200 smallest.png
i6.smartnews-ads.com/ 95 B
327 B 152ms
35ms Image
image/png 23.220.140.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i6.smartnews-ads.com/smallest.png?id=d650045319e0726eca67e9c1&t=1728938225&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=00fb1179-1a89-4550-b4c8-6af30850cb75
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.140.31 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-140-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

etag: "71a50dbba44c78128b221b7df7bb51f1"
x-amz-request-id: C164RKVHRFKEA8TF
accept-ranges: bytes
content-length: 95
date: Mon, 14 Oct 2024 20:37:05 GMT
last-modified: Wed, 09 Feb 2022 07:40:21 GMT
content-type: image/png
server: AmazonS3
x-amz-id-2: P6nWmobbX6o58tKM/v/gsnLDFFXKg1kk/Mj34CqUgo/vgjnZUcrlbBo7x2K8XPJDyI3M88tpWHE=

GET
H2 200 p
i.smartnews-ads.com/ 2 B
640 B 845ms
252ms Image
text/plain 57.181.202.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.smartnews-ads.com/p?id=20e53d0c41d51e3a8a128563&t=1728938225&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=00fb1179-1a89-4550-b4c8-6af30850cb75
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 57.181.202.230 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-57-181-202-230.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: text/plain; charset=utf-8
content-length: 2

GET
H2 200 smallest.png
i6.smartnews-ads.com/ 95 B
327 B 108ms
33ms Image
image/png 23.220.140.31
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i6.smartnews-ads.com/smallest.png?id=20e53d0c41d51e3a8a128563&t=1728938225&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&referrer=&e=PageView&v=1.0.0&exid=00fb1179-1a89-4550-b4c8-6af30850cb75
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.220.140.31 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-140-31.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

etag: "71a50dbba44c78128b221b7df7bb51f1"
x-amz-request-id: C164RKVHRFKEA8TF
accept-ranges: bytes
content-length: 95
date: Mon, 14 Oct 2024 20:37:05 GMT
last-modified: Wed, 09 Feb 2022 07:40:21 GMT
content-type: image/png
server: AmazonS3
x-amz-id-2: P6nWmobbX6o58tKM/v/gsnLDFFXKg1kk/Mj34CqUgo/vgjnZUcrlbBo7x2K8XPJDyI3M88tpWHE=

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/ 5 KB
2 KB 74ms
73ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=1728938225172&cv=11&fst=1728938225172&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

3d5954bff7febbab334e9d2c6f35a19732c014faf4904ec799bc24b73e1d9c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2379
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 856479406
td.doubleclick.net/td/rul/ Frame 11F5 0
0 58ms
54ms Document
text/html 2607:f8b0:400d:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/856479406?random=1728938225172&cv=11&fst=1728938225172&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/ 5 KB
2 KB 70ms
51ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=1728938225237&cv=11&fst=1728938225237&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

02d7fb60c7ae18d482de1e63da9a6e0f27c984917820e0f4dba6e815270dc674

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2378
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 721521220
td.doubleclick.net/td/rul/ Frame F35F 0
0 54ms
51ms Document
text/html 2607:f8b0:400d:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721521220?random=1728938225237&cv=11&fst=1728938225237&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/ 5 KB
2 KB 60ms
59ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/?random=1728938225312&cv=11&fst=1728938225312&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529665~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-709179453&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

d545171c9602e62fd1729ac8edac04cca1059fc661aeebdde57f7e3d228264f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2378
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 709179453
td.doubleclick.net/td/rul/ Frame 34E6 0
0 56ms
54ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/709179453?random=1728938225312&cv=11&fst=1728938225312&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529665~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-709179453&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/ 5 KB
2 KB 52ms
51ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=1728938225370&cv=11&fst=1728938225370&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721159065&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

98fb1ab56abd6b1f7cc13d3f418b6352f27c96a54415fdb43d032db21a043af3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2377
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721159065
td.doubleclick.net/td/rul/ Frame 0B61 0
0 52ms
50ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721159065?random=1728938225370&cv=11&fst=1728938225370&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-721159065&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/ 5 KB
2 KB 63ms
63ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709179453/?random=1728938225429&cv=11&fst=1728938225429&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-709179453

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

d4e5f00be808b9eb67f7131be7dee1c816bb51d6170e0e7a4d855ef98a581e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2375
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 709179453
td.doubleclick.net/td/rul/ Frame C28B 0
0 55ms
54ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/709179453?random=1728938225429&cv=11&fst=1728938225429&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-709179453

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
85 KB 51ms
51ms Script
application/javascript 209.85.201.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-709209482&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ce33205aef6fa450f17fe68161ede7cbec9b46a7ef19c419ba8b178addfc87c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 14 Oct 2024 20:37:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87174
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
85 KB 56ms
56ms Script
application/javascript 209.85.201.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-942787950&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

b29584f8487c7cf418ff25c79627e0ed0edc07d9df1c1c0676ad7226a1f25277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 14 Oct 2024 20:37:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87146
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
85 KB 81ms
81ms Script
application/javascript 209.85.201.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-612303449&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

d841d98c39d94bdc0f09612199aa22459c0008606d8951f656377b17873a8646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 14 Oct 2024 20:37:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87143
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 68ms
68ms Script
application/javascript 209.85.201.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721159065&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

1ad24f584f6f1488488aa7469a31543d485bd1603b0dae3e0f00ddfaf25369e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 14 Oct 2024 20:37:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90130
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/723623815/ 5 KB
2 KB 52ms
52ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/723623815/?random=1728938225462&cv=11&fst=1728938225462&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-723623815

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

f9bd81a3980bc282502be4bd1a05c54457113fb6097e35d3b894d8809da89ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2372
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 723623815
td.doubleclick.net/td/rul/ Frame FE97 0
0 51ms
49ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/723623815?random=1728938225462&cv=11&fst=1728938225462&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-723623815

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
85 KB 87ms
81ms Script
application/javascript 209.85.201.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721477044&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

bd945a27445a6b98a1dec3e984579aae4f3254698809d91f87227ddb6bb5f328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 14 Oct 2024 20:37:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 87144
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ytag.js Show response
s.yimg.jp/images/listing/tool/cv/ 32 KB
0 0ms
0ms Script
application/javascript 183.79.250.251
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 183.79.250.251 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software: nghttpx /
Resource Hash: 0f39c718afa7f030e01c8f7299516f62808df2a207b37b3f6d4ec575e9fcdd17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age: 351
ats-carp-promotion: 1
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length: 10561
date: Mon, 14 Oct 2024 20:31:14 GMT
last-modified: Tue, 01 Oct 2024 08:29:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: nghttpx
x-ntap-sg-trace-id: ed328c43e11e5da

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 79ms
78ms Script
application/javascript 209.85.201.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

cc568cd093d779c3c482e7ad8a96eaa22bb36e20c1bb6c5e6e8dc30dc2aeecf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 14 Oct 2024 20:37:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90166
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 80ms
79ms Script
application/javascript 209.85.201.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

631ab19460e9157982b8cf3b6304f5779d0db521d644627731465d4f4757a362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 14 Oct 2024 20:37:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90251
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
88 KB 93ms
93ms Script
application/javascript 209.85.201.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Requested by

Host: elmouaten.com
URL: https://elmouaten.com/ap/js/gtm.js?id=GTM-T4FSCDF

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

8b7d63711c694ef0e82f16ac93562cc150e1a97a7f1b3cdb8c5be33bb5840443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 14 Oct 2024 20:37:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 14 Oct 2024 19:43:15 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 90195
x-xss-protection: 0
server: Google Tag Manager

GET 3b2916b1-afd6-48aa-9351-29b649ac6bd9
https://elmouaten.com/ Frame 0
0

GET
H3

200

/
www.google.ca/pagead/1p-conversion/721484514/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=168804581&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWx...
https://www.google.com/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=168804581&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCMPJsQI&pscrd...
https://www.google.ca/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=168804581&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCMPJsQI&pscrd=...

42 B
64 B

48ms
45ms

Image
image/gif

209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=168804581&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCMPJsQI&pscrd=IhMIwtaa5tyOiQMV0gRoCB33XTqMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v&is_vtc=1&cid=CAQSKQDpaXnfEPLWFLEp7Nv7c-88sScB7PTqbmVNEEJvPo528HrX-K0rIWx2&random=2046133547&ipr=y

Protocol

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.ca/pagead/1p-conversion/721484514/?label=0jVCCJHEvfQYEOL1g9gC&guid=ON&script=0&ct_cookie_present=false&random=168804581&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCMPJsQI&pscrd=IhMIwtaa5tyOiQMV0gRoCB33XTqMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v&is_vtc=1&cid=CAQSKQDpaXnfEPLWFLEp7Nv7c-88sScB7PTqbmVNEEJvPo528HrX-K0rIWx2&random=2046133547&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.ca/pagead/1p-conversion/721521220/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1961941230&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisW...
https://www.google.com/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1961941230&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQI&pscr...
https://www.google.ca/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1961941230&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQI&pscrd...

42 B
64 B

51ms
48ms

Image
image/gif

209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1961941230&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQI&pscrd=IhMIr9Oa5tyOiQMVEWZHAR38hjl8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v&is_vtc=1&cid=CAQSKQDpaXnfCCEva7WjgxT1BV4byPv4MvVQvsPH6Q8fshieQzlry8fl3ONl&random=506188883&ipr=y

Protocol

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.ca/pagead/1p-conversion/721521220/?label=3O7KCKLnu_QYEMSUhtgC&guid=ON&script=0&ct_cookie_present=false&random=1961941230&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOrGsQI&pscrd=IhMIr9Oa5tyOiQMVEWZHAR38hjl8MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v&is_vtc=1&cid=CAQSKQDpaXnfCCEva7WjgxT1BV4byPv4MvVQvsPH6Q8fshieQzlry8fl3ONl&random=506188883&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.ca/pagead/1p-conversion/856479406/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1641247181&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisW...
https://www.google.com/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1641247181&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIj...
https://www.google.ca/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1641247181&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIjN...

42 B
64 B

49ms
46ms

Image
image/gif

209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1641247181&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIjNea5tyOiQMVjEhHAR0JBT2RMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v&is_vtc=1&cid=CAQSKQDpaXnfILsNITN65RCNkxG7eD-ZcAg90xegxkTEDVnINoBg5_iUQueO&random=1270312600&ipr=y

Protocol

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.ca/pagead/1p-conversion/856479406/?label=zO1iCLGLvvQYEK6ts5gD&guid=ON&script=0&ct_cookie_present=false&random=1641247181&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybEC&pscrd=IhMIjNea5tyOiQMVjEhHAR0JBT2RMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20v&is_vtc=1&cid=CAQSKQDpaXnfILsNITN65RCNkxG7eD-ZcAg90xegxkTEDVnINoBg5_iUQueO&random=1270312600&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 tc_imp.gif
obs.segreencolumn.com/tracker/ 43 B
79 B 42ms
38ms Image
image/gif 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.segreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e001268e6ce36e24588989225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5a178d6a2717071a10acf9f29f671b8686da052b6c13aa717104846f8a61c1556507779a54560a63010dc1b63d4777be26bb25cb43e2913df05565a90e2d7a1bda53ea46f490dfd93abb2807ff7ecaa8556d8e0e3143714493d60264fd60b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c44ca4825b6a3e5aa22a76da50eda7cf54a6863c89777256e1d0cd71ed0d906f50732e690b73255015ab2fb523c9bdc05457f54065258fcd135700e5fe6a5142c93aaf7278ee04572032cbbc5f4c2c935e7c2db59ec489f5e2c7edfaacff4e43e82dfe56cc13a5bd5fe9d7d1e1ef1306ba8991c30e7dca8748803a943e3d61b901dd9d36d9a6d279c9827da6d92cefab6cdb3f11338ae6bf2fbb9234e2be98f3ecff113f710181f8402079a819185cff1803bc466d88fa7c836ae7a7c74dc2b65d484964d36dde433f350b6c803d676ef25026a778c78ff0d9c9ffd31f8903b8744b4c19ccb608a5e547dfa4e540b3e093087ad69f41d94cd8d23b6c877ef916c94c2e5fd6984b5e4496d7384a90604d7f7471a07f7cdec3ff164de9308fdea3caf6ebc23c301a7488efd62836373f6a4807b2d2372417619567ca9e28570d100b1594f4329f8b453de98180cfda4debabc6cc4f1e5fc86f8a8ed4a4f3cf8479ab7596e8042791ad763597770f567b27511c1f7dc608d69cb388aa82ed1a50b997a623d3256394ac8d2eec93d65549d1a4d9cd0d1b9b2cf4d62dbecf539ffb00119a6804d7e1dafe2cb4a33f462dc0b8d10f13e8513dcca1bf1b93ae0998dcce51805ba955316e371dfd9b4c1419b36260a17d02d1a04a3a94d8ef215cd9b93c157c5858536104a34d978ea4dcc33c6fc6bdf3a3d563028616da31ad893393ed473d2e5b16ccbc54d906627fe552d50c0bb804e03b12f97db4783586f1240bd273ed6fa957ac1543d939901e1828ced8a43c64f157f40b0652f519f99104efa61a5eccb2d93c1b34d0e2db060211416905403b3dbfc1212936b6dc1c8c4128bc6b0cf4530e366ee156057d05c723cc7da054789d1e5caf0eb50987ad4328a769ad65c93fff27d66b3c5158f&cri=w2I7ORCxAO&ts=506&cb=1728938225520
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Mon, 14 Oct 2024 20:37:05 GMT
pragma: no-cache
content-type: image/gif

GET
H3 200 /
www.google.com/pagead/1p-user-list/721484514/ 42 B
64 B 148ms
65ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721484514/?random=1728938225090&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf91ZmIswUqVtn7pdI3qAIDaGZBv8uSg&random=3424543794&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/721484514/ 42 B
64 B 129ms
48ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/721484514/?random=1728938225090&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf91ZmIswUqVtn7pdI3qAIDaGZBv8uSg&random=3424543794&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721484514/ 42 B
64 B 53ms
50ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721484514/?random=1728938225057&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfEnGWCQRZYZ9qDCDGPFLAec59oTsZfw&random=1323618494&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/721484514/ 42 B
64 B 52ms
50ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/721484514/?random=1728938225057&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfEnGWCQRZYZ9qDCDGPFLAec59oTsZfw&random=1323618494&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET 5a5d828f-7c0a-4f6a-97ec-c0c2d070a7de
https://elmouaten.com/ Frame 0
0

GET
H/1.1 200
OK conversion_async.js Show response
b99.yahoo.co.jp/pagead/ 56 KB
22 KB 1042ms
272ms Script
text/javascript 183.79.255.28
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://b99.yahoo.co.jp/pagead/conversion_async.js

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

183.79.255.28 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

cafe /

Resource Hash

a45a89a6c73aed50bd56b6d31374f39778c1006d883c0de36a79e2111659a050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

Content-Encoding: br
ETag: 11723272464307787475
Age: 0
X-Content-Type-Options: nosniff
Expires: Mon, 14 Oct 2024 20:37:06 GMT
Date: Mon, 14 Oct 2024 20:37:06 GMT
Content-Type: text/javascript; charset=UTF-8
Content-Disposition: attachment; filename="f.txt"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
X-XSS-Protection: 0
Server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/856479406/ 42 B
64 B 55ms
50ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/856479406/?random=1728938225172&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfdUG9FQIzFwswnDG0oKyYPxYwJBXSN72SeVbBL1zvPGN8K8kW&random=1493975627&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/856479406/ 42 B
64 B 54ms
49ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/856479406/?random=1728938225172&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfdUG9FQIzFwswnDG0oKyYPxYwJBXSN72SeVbBL1zvPGN8K8kW&random=1493975627&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721521220/ 42 B
64 B 54ms
49ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721521220/?random=1728938225237&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfPFzfAMuonf4tRD6YxzetIAJelGIlzb8FK_ubWwzqQGAfrybp&random=354673412&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/721521220/ 42 B
64 B 60ms
55ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/721521220/?random=1728938225237&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfPFzfAMuonf4tRD6YxzetIAJelGIlzb8FK_ubWwzqQGAfrybp&random=354673412&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/709179453/ 42 B
64 B 54ms
49ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/709179453/?random=1728938225312&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529665~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfvk_G3oRQhIlRgkAuHafmMXDa3WiQIqMQlgnH4d-iBBU9IXtM&random=2421150500&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/709179453/ 42 B
64 B 66ms
61ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/709179453/?random=1728938225312&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101529665~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfvk_G3oRQhIlRgkAuHafmMXDa3WiQIqMQlgnH4d-iBBU9IXtM&random=2421150500&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721159065/ 42 B
64 B 52ms
48ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721159065/?random=1728938225370&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfeDmDIM3lRCEt6oo-8qnrWD84aSiGxfJmaM0NyBaAPVcq8k_i&random=1605157265&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/721159065/ 42 B
64 B 58ms
51ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/721159065/?random=1728938225370&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90z8812496802za201zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfeDmDIM3lRCEt6oo-8qnrWD84aSiGxfJmaM0NyBaAPVcq8k_i&random=1605157265&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 2401863046519079 Show response
connect.facebook.net/signals/config/ 28 KB
5 KB 117ms
115ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2401863046519079?v=2.9.170&r=stable&domain=elmouaten.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C145%2C172%2C158%2C117%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

f4bf1e8699b7fc613caf70f0c3a62a54353893ea0a96f050ea2c397b68bbecdc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=87, mss=1232, tbw=83366, tp=79, tpl=0, uplat=65, ullat=0
pragma: public
x-fb-debug: hIJH9XhmdfViHjI+OTY9gV0Q3AJMCScyk7w1kgTObquoGJKBCDcQtkcpFSMzYSMOp+2Rmir/tUZNxEBpkwb06Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 105ms
31ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=594307549455110&ev=PageView&dl=https%3A%2F%2Felmouaten.com&rl=&if=false&ts=1728938225573&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4124&fbp=fb.1.1728938225570.250583249212989389&pm=1&hrl=36b56c&ler=empty&cdl=API_unavailable&it=1728938225148&coo=false&cs_cc=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=10, mss=1297, tbw=2940, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 180ms
107ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=594307549455110&ev=PageView&dl=https%3A%2F%2Felmouaten.com&rl=&if=false&ts=1728938225573&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4124&fbp=fb.1.1728938225570.250583249212989389&pm=1&hrl=36b56c&ler=empty&cdl=API_unavailable&it=1728938225148&coo=false&cs_cc=1&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425733133427218278"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 4F9LR5ve99J4Bn4LM/iFfJY34Iyx4/W9kGdND3lup3AVirFyzn1FigpjSt+nQ1vkWjqjyr3ViIZhhMJqBn2v7A==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425733133427218278", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=12, mss=1297, tbw=3258, tp=-1, tpl=-1, uplat=76, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
apm.yahoo.co.jp/rt/ 0
0 251ms
218ms Fetch
text/javascript 183.79.250.251
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.yahoo.co.jp/rt/?p=A8K4W9L35V&label=&ref=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1728938226.433723&pvid=2nke2r38e1pm29h6gsv&__lt__cid_valid=true&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.250.251 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

age: 0
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
permissions-policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
access-control-allow-origin: https://elmouaten.com
content-length: 0
x-xss-protection: 1;mode=block
server: nghttpx

GET
H2 200 /
apm.yahoo.co.jp/rt/ 0
0 260ms
230ms Fetch
text/javascript 183.79.250.251
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=&ref=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1728938225.6733322&pvid=2nke2r38e1pm29h6gsv&__lt__cid_valid=true&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.250.251 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

age: 0
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
permissions-policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
access-control-allow-origin: https://elmouaten.com
content-length: 0
x-xss-protection: 1;mode=block
server: nghttpx

GET
H2 200 /
apm.yahoo.co.jp/rt/ 0
0 246ms
217ms Fetch
text/javascript 183.79.250.251
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.yahoo.co.jp/rt/?p=FUG7VWQ52M&label=&ref=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1728938226.5207517&pvid=2nke2r38e1pm29h6gsv&su=1697e02e-3699-46cd-8fe8-80152b6ded02&__lt__cid_valid=true&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.250.251 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

age: 0
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
permissions-policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
access-control-allow-origin: https://elmouaten.com
content-length: 0
x-xss-protection: 1;mode=block
server: nghttpx

GET
H3 200 /
www.google.com/pagead/1p-user-list/709179453/ 42 B
64 B 51ms
48ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/709179453/?random=1728938225429&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf_Oq3cQyQrSzwgkCgchmRis-2Z-hlMtsrXALk8dL82RruQIVS&random=3847482041&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/709179453/ 42 B
64 B 51ms
48ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/709179453/?random=1728938225429&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnf_Oq3cQyQrSzwgkCgchmRis-2Z-hlMtsrXALk8dL82RruQIVS&random=3847482041&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/723623815/ 42 B
64 B 49ms
46ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/723623815/?random=1728938225462&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfZ48HHnllc9iJngvyug4p_Lc7NdjsL4Yz-XGrBBQLH0FT3A5I&random=3439757380&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/723623815/ 42 B
64 B 50ms
47ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/723623815/?random=1728938225462&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfZ48HHnllc9iJngvyug4p_Lc7NdjsL4Yz-XGrBBQLH0FT3A5I&random=3439757380&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
apm.yahoo.co.jp/rt/ 0
0 236ms
219ms Fetch
text/javascript 183.79.250.251
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.yahoo.co.jp/rt/?p=FUG7VWQ52M&label=cheq_invalidUsers&ref=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1728938226.3395722&pvid=2nke2r38e1pm29h6gsv&su=1697e02e-3699-46cd-8fe8-80152b6ded02&__lt__cid_valid=true&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.250.251 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

age: 0
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
permissions-policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
access-control-allow-origin: https://elmouaten.com
content-length: 0
x-xss-protection: 1;mode=block
server: nghttpx

GET
H2 200 /
apm.yahoo.co.jp/rt/ 0
0 233ms
216ms Fetch
text/javascript 183.79.250.251
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to

Full URL

https://apm.yahoo.co.jp/rt/?p=VZFQ9QEGBW&label=cheq_invalidUsers&ref=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&rref=&pt=&item=&cat=&price=&quantity=&r=1728938225.9675605&pvid=2nke2r38e1pm29h6gsv&su=1697e02e-3699-46cd-8fe8-80152b6ded02&__lt__cid_valid=true&_impl=ytag

Requested by

Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.250.251 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

age: 0
observe-browsing-topics: ?1
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 14 Oct 2024 20:37:05 GMT
content-type: text/javascript; charset=utf-8
vary: Origin
x-frame-options: SAMEORIGIN
cache-control: no-store, no-cache, max-age=0, must-revalidate, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
permissions-policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
access-control-allow-origin: https://elmouaten.com
content-length: 0
x-xss-protection: 1;mode=block
server: nghttpx

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/942787950/ 6 KB
2 KB 54ms
50ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/942787950/?random=1728938225705&cv=11&fst=1728938225705&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-942787950&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

53db6bdea5055646946fc10ca8f8d1a9f2daa97c7660ee77c90d7be774874a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2383
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 942787950
td.doubleclick.net/td/rul/ Frame 1E80 0
0 52ms
49ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/942787950?random=1728938225705&cv=11&fst=1728938225705&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-942787950&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/709209482/ 6 KB
2 KB 56ms
52ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/709209482/?random=1728938225785&cv=11&fst=1728938225785&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-709209482&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

91ce740af010d3fd2b1a7f5aab537b8cdb70e2e170fc4b3922e61ca081cbafdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2388
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 709209482
td.doubleclick.net/td/rul/ Frame 98DF 0
0 50ms
48ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/709209482?random=1728938225785&cv=11&fst=1728938225785&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-709209482&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/ 6 KB
2 KB 51ms
50ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721159065/?random=1728938225861&cv=11&fst=1728938225861&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721159065&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

eeb2747dcfef38d78681efa9f80bcc1a69983609b8aaa51f46963470cc94f4ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2380
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721159065
td.doubleclick.net/td/rul/ Frame 35C5 0
0 51ms
50ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721159065?random=1728938225861&cv=11&fst=1728938225861&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721159065&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/612303449/ 6 KB
2 KB 51ms
50ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/612303449/?random=1728938225922&cv=11&fst=1728938225922&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-612303449&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

cd713dc444a01f05c1702da88e6b2af82febed93b1d194c6b6bd74d7ecdc01a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2383
date: Mon, 14 Oct 2024 20:37:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 612303449
td.doubleclick.net/td/rul/ Frame E340 0
0 53ms
49ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/612303449?random=1728938225922&cv=11&fst=1728938225922&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-612303449&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721477044/ 6 KB
2 KB 48ms
47ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721477044/?random=1728938225972&cv=11&fst=1728938225972&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721477044&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

2cc1f250ebb2147c24df26ded096b29aca0b1793d767ee7a3f45858ed15f54c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2384
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721477044
td.doubleclick.net/td/rul/ Frame 4076 0
0 51ms
50ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721477044?random=1728938225972&cv=11&fst=1728938225972&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721477044&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2401863046519070 Show response
connect.facebook.net/signals/config/ 2 KB
1 KB 90ms
89ms Script
application/x-javascript 157.240.229.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2401863046519070?v=2.9.170&r=stable&domain=elmouaten.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C145%2C172%2C158%2C117%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-iad3.fbcdn.net

Software

Resource Hash

fbf7ca1d30c15f3d3fd302b8629f22227d54e61c4cd2ec880f82f81415ec0cd9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=91, mss=1232, tbw=88534, tp=86, tpl=0, uplat=58, ullat=0
pragma: public
x-fb-debug: DSTNkAGbsdvZTzLxPWGC1N0LtVpnHicb+n60OBOavJk2Xxbyss0UCMIP0I9bbVUDylqQi+JELCO3SkPbw7VUGg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
125 B 32ms
29ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2401863046519079&ev=PageView&dl=https%3A%2F%2Felmouaten.com&rl=&if=false&ts=1728938226021&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4124&fbp=fb.1.1728938225570.250583249212989389&pm=1&hrl=c73904&ler=empty&cdl=API_unavailable&it=1728938225148&coo=false&cs_cc=1&cas=7469710046409932&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=12, mss=1297, tbw=6604, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
2 KB 69ms
68ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=PageView&dl=https%3A%2F%2Felmouaten.com&rl=&if=false&ts=1728938226021&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=4124&fbp=fb.1.1728938225570.250583249212989389&pm=1&hrl=c73904&ler=empty&cdl=API_unavailable&it=1728938225148&coo=false&cs_cc=1&cas=7469710046409932&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425733138942051052"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425733138942051052", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: Xhihgxwb1cqmrh9V2hYgheNcVzjBOn2NJK8uVGTUTswSZ5wOI33CkcA/xWxUkq7MIJ7xtytG7hsI66hbGsLmmw==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=12, mss=1297, tbw=6805, tp=-1, tpl=-1, uplat=36, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 31ms
30ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2401863046519079&ev=CompleteRegistration&dl=https%3A%2F%2Felmouaten.com&rl=&if=false&ts=1728938226023&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4124&fbp=fb.1.1728938225570.250583249212989389&pm=1&hrl=a5b8ac&ler=empty&cdl=API_unavailable&it=1728938225148&coo=false&tm=1&cs_cc=1&cas=8378614588859965%2C6234696556613005&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=12, mss=1297, tbw=6604, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
884 B 194ms
194ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=CompleteRegistration&dl=https%3A%2F%2Felmouaten.com&rl=&if=false&ts=1728938226023&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4124&fbp=fb.1.1728938225570.250583249212989389&pm=1&hrl=a5b8ac&ler=empty&cdl=API_unavailable&it=1728938225148&coo=false&tm=1&cs_cc=1&cas=8378614588859965%2C6234696556613005&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425733137535313258"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 8DjCwU4W0E2WaxobOthraBNvQDwqtccXxiseoEe6K7FsZ8r/XXxdhnnajs59wGqxao6yNFS5rGBhzMFTE1+L7A==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425733137535313258", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=31, rtx=0, c=12, mss=1297, tbw=9230, tp=-1, tpl=-1, uplat=165, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/ 6 KB
2 KB 64ms
63ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=1728938226054&cv=11&fst=1728938226054&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

615df9ab0c32d74a5bcf9361ec1a6e196e37523086e5d4b5757cf7f77eddd12f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2392
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721521220
td.doubleclick.net/td/rul/ Frame 54E8 0
0 54ms
52ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721521220?random=1728938226054&cv=11&fst=1728938226054&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/721521220/ 5 KB
3 KB 50ms
49ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/721521220/?random=1728938226094&cv=11&fst=1728938226094&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

3abe223e54d3f15c38ed078f5ec3db17822da7d389cfaacddfa7b604670115bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2642
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721521220
td.doubleclick.net/td/rul/ Frame 64F9 0
0 51ms
50ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721521220?random=1728938226094&cv=11&fst=1728938226094&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721521220&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/ 6 KB
2 KB 50ms
49ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=1728938226121&cv=11&fst=1728938226121&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

831864429a05516e946c7cc557bc69e2b82775402b5a7e818cc36f72d375c3b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2381
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721484514
td.doubleclick.net/td/rul/ Frame 92F3 0
0 54ms
53ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721484514?random=1728938226121&cv=11&fst=1728938226121&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/721484514/ 5 KB
3 KB 47ms
47ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/721484514/?random=1728938226167&cv=11&fst=1728938226167&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

172f7a340fe3fb76c4ba27a8c39c01b1dae8fbcfbe32178f5ea12114e2d1e045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2651
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 721484514
td.doubleclick.net/td/rul/ Frame 8609 0
0 56ms
52ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/721484514?random=1728938226167&cv=11&fst=1728938226167&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-721484514&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/ 6 KB
2 KB 56ms
56ms Script
text/javascript 173.194.68.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=1728938226196&cv=11&fst=1728938226196&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f157.1e100.net

Software

cafe /

Resource Hash

dd0e4ac95f8800bf7c5549c72762322192731e5edb3abc66df5ccf2e2abaddd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2394
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 856479406
td.doubleclick.net/td/rul/ Frame 4EA6 0
0 52ms
51ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/856479406?random=1728938226196&cv=11&fst=1728938226196&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/856479406/ 5 KB
3 KB 69ms
69ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/856479406/?random=1728938226240&cv=11&fst=1728938226240&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

c5f733cc4d990604e2c4d284b3692d77c0113144f44c5c8c7dd3ad3b26918315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2651
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 856479406
td.doubleclick.net/td/rul/ Frame 82B2 0
0 51ms
50ms Document
text/html 209.85.201.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/856479406?random=1728938226240&cv=11&fst=1728938226240&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-856479406&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://elmouaten.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Oct 2024 20:37:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/942787950/ 42 B
64 B 48ms
47ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/942787950/?random=1728938225705&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfmAXRlrAd7EtAHWd1E8s0U71Rh6vjgHOGWIOSUoMzivurruH7&random=3742595764&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/942787950/ 42 B
64 B 43ms
43ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/942787950/?random=1728938225705&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfmAXRlrAd7EtAHWd1E8s0U71Rh6vjgHOGWIOSUoMzivurruH7&random=3742595764&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 bf.png
a.imgvc.com/i/ 105 B
317 B 857ms
258ms Image
image/png 52.69.71.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.imgvc.com/i/bf.png?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.69.71.194 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-69-71-194.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 15f8c6fa9d4f29c56a15f1b2efa34147746d53fcae9ef5dc6e98946d40783050

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://elmouaten.com
Referer: https://elmouaten.com/

Response headers

front-end-https: on
cache-control: max-age=63072000, private
expires: Wed, 14 Oct 2026 20:37:06 GMT
access-control-allow-origin: *
content-length: 105
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: image/png
last-modified: Wed, 09 May 2018 15:00:00 GMT
server: nginx

POST
H2 200 event Show response
log-v4-insight.kaizenplatform.net/kz/insight/ 254 B
478 B 880ms
268ms XHR
application/json 43.206.243.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log-v4-insight.kaizenplatform.net/kz/insight/event
Requested by: Host: cdn.kaizenplatform.net
URL: https://cdn.kaizenplatform.net/s/df/8c9dd94c00f839.js?kz_namespace=kzs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.206.243.253 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-206-243-253.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: fe4178327e0aed56372838cc9c5f6063ff92b2c3fdc445ea7f1bf1c3d1643c22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://elmouaten.com/

Response headers

cache-control: no-cache,max-age=0
access-control-allow-credentials: true
expires: Wed, 13 Nov 2024 20:37:07 GMT
access-control-allow-origin: https://elmouaten.com
content-length: 254
p3p: CP="CAO PSA OUR"
date: Mon, 14 Oct 2024 20:37:07 GMT
content-type: application/json
vary: Origin

GET
H3 200 /
www.google.com/pagead/1p-user-list/709209482/ 42 B
64 B 45ms
45ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/709209482/?random=1728938225785&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfRYhXI4SOcx09bFl9OYIIV3SpcQIboicYWQKVLFc9K7uvmpD5&random=1413359686&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/709209482/ 42 B
64 B 43ms
42ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/709209482/?random=1728938225785&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533422~101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfRYhXI4SOcx09bFl9OYIIV3SpcQIboicYWQKVLFc9K7uvmpD5&random=1413359686&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721159065/ 42 B
64 B 44ms
43ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721159065/?random=1728938225861&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnffdW0UAcpbaxFjTLZiOLGNN0-97hcyzRGM_vlZ0eXth6vNWIA&random=1649519053&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/721159065/ 42 B
64 B 46ms
45ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/721159065/?random=1728938225861&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnffdW0UAcpbaxFjTLZiOLGNN0-97hcyzRGM_vlZ0eXth6vNWIA&random=1649519053&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/612303449/ 42 B
64 B 43ms
42ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/612303449/?random=1728938225922&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfmAxYRD_iNsC9JIQHSluDNg-_TDqozCtbzDU8Pb5R8GtE04LY&random=3414737685&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/612303449/ 42 B
64 B 45ms
43ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/612303449/?random=1728938225922&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfmAxYRD_iNsC9JIQHSluDNg-_TDqozCtbzDU8Pb5R8GtE04LY&random=3414737685&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721477044/ 42 B
64 B 45ms
44ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721477044/?random=1728938225972&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfZrGIzW-4fkZ4mndfVnzEduFBPNdib_NFh8CSfk2A1HMYsnGY&random=2590315467&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/721477044/ 42 B
64 B 46ms
44ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/721477044/?random=1728938225972&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfZrGIzW-4fkZ4mndfVnzEduFBPNdib_NFh8CSfk2A1HMYsnGY&random=2590315467&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 34ms
30ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=594307549455110&ev=CHEQ&dl=https%3A%2F%2Felmouaten.com&rl=&if=false&ts=1728938226299&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4124&fbp=fb.1.1728938225570.250583249212989389&pm=1&hrl=29c58d&ler=empty&cdl=API_unavailable&it=1728938225148&coo=false&cs_cc=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4459, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
194 B 109ms
104ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=594307549455110&ev=CHEQ&dl=https%3A%2F%2Felmouaten.com&rl=&if=false&ts=1728938226299&sw=1600&sh=1200&v=2.9.170&r=stable&ec=1&o=4124&fbp=fb.1.1728938225570.250583249212989389&pm=1&hrl=29c58d&ler=empty&cdl=API_unavailable&it=1728938225148&coo=false&cs_cc=1&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425733138202134933"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: HUcQU+6XnObHlNSfINzmu0gQ2xaW+jWOejAo22/PFiv3mDyUcYDX1xpYuk5b9JYNZayIKk9gVRilTiPiGVHLpg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425733138202134933", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=26, mss=1232, tbw=9531, tp=24, tpl=0, uplat=75, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 36ms
30ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2401863046519079&ev=CHEQ&dl=https%3A%2F%2Felmouaten.com&rl=&if=false&ts=1728938226302&sw=1600&sh=1200&v=2.9.170&r=stable&ec=2&o=4124&fbp=fb.1.1728938225570.250583249212989389&pm=1&hrl=40303c&ler=empty&cdl=API_unavailable&it=1728938225148&coo=false&cs_cc=1&cas=24333884979543306&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=5019, tp=16, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
190 B 106ms
101ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519079&ev=CHEQ&dl=https%3A%2F%2Felmouaten.com&rl=&if=false&ts=1728938226302&sw=1600&sh=1200&v=2.9.170&r=stable&ec=2&o=4124&fbp=fb.1.1728938225570.250583249212989389&pm=1&hrl=40303c&ler=empty&cdl=API_unavailable&it=1728938225148&coo=false&cs_cc=1&cas=24333884979543306&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425733138740806579"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: nDUkbLfyTVfqzWRmuUlIKf9hetumAC305jiD/a17ynN1wvGGkoLOhHDy4fMsi4OadlYtQLKtjiiQJfyneiSReQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425733138740806579", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=26, mss=1232, tbw=8619, tp=23, tpl=0, uplat=71, ullat=1
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 36ms
31ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2401863046519070&ev=CHEQ&dl=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&rl=&if=false&ts=1728938226303&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=28&ler=empty&cdl=API_unavailable&it=1728938225148&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=5211, tp=18, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 77ms
71ms Image
image/png 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2401863046519070&ev=CHEQ&dl=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&rl=&if=false&ts=1728938226303&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=28&ler=empty&cdl=API_unavailable&it=1728938225148&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7425733139456486794"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: Vpwv7tZL2cyr/XDqsenCn4kMqrUU6ewQMnAQ8KGeYJFSiO65irAxc7GRcbvJmWZ/U855vkMwXi0sm0C4+cCHhg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7425733139456486794", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=24, mss=1232, tbw=5403, tp=20, tpl=0, uplat=41, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.google.com/pagead/1p-user-list/721521220/ 42 B
64 B 46ms
42ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721521220/?random=1728938226054&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfYGMLy8yzIyveGCjbBFr01Ka5_WEgExzFyFi-Y77ygQEc6kca&random=1645374564&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/721521220/ 42 B
64 B 47ms
42ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/721521220/?random=1728938226054&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfYGMLy8yzIyveGCjbBFr01Ka5_WEgExzFyFi-Y77ygQEc6kca&random=1645374564&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.ca/pagead/1p-conversion/721521220/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721521220/?random=974160865&cv=11&fst=1728938226094&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1...
https://www.google.com/pagead/1p-conversion/721521220/?random=974160865&cv=11&fst=1728938226094&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=1016...
https://www.google.ca/pagead/1p-conversion/721521220/?random=974160865&cv=11&fst=1728938226094&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=10167...

42 B
64 B

47ms
46ms

Image
image/gif

209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/721521220/?random=974160865&cv=11&fst=1728938226094&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI6Mq55tyOiQMV3FlHAR0V2ziQMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTTVSTElGcDYyMm9vaWVJZ3oxcU1ycFFUTUY4RDNRVDBIMnRXcmw0eUMxQTR3R240VWZ1QQ&is_vtc=1&cid=CAQSKQDpaXnfa2zCMbfuvVg4R9SbN6KYUkq4fJt7Qiji-hS_9qe0Uar4mXvO&random=3585166316&ipr=y

Protocol

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.ca/pagead/1p-conversion/721521220/?random=974160865&cv=11&fst=1728938226094&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9100464315za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=3O7KCKLnu_QYEMSUhtgC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI6Mq55tyOiQMV3FlHAR0V2ziQMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTTVSTElGcDYyMm9vaWVJZ3oxcU1ycFFUTUY4RDNRVDBIMnRXcmw0eUMxQTR3R240VWZ1QQ&is_vtc=1&cid=CAQSKQDpaXnfa2zCMbfuvVg4R9SbN6KYUkq4fJt7Qiji-hS_9qe0Uar4mXvO&random=3585166316&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/721484514/ 42 B
64 B 48ms
43ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721484514/?random=1728938226121&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfYg5gtE-0mS2eIXVfFdHnWJQsHVgH1nzqWAll6DSiHmaPetcb&random=4264129816&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/721484514/ 42 B
64 B 54ms
49ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/721484514/?random=1728938226121&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfYg5gtE-0mS2eIXVfFdHnWJQsHVgH1nzqWAll6DSiHmaPetcb&random=4264129816&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.ca/pagead/1p-conversion/721484514/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721484514/?random=27581879&cv=11&fst=1728938226167&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag...
https://www.google.com/pagead/1p-conversion/721484514/?random=27581879&cv=11&fst=1728938226167&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686...
https://www.google.ca/pagead/1p-conversion/721484514/?random=27581879&cv=11&fst=1728938226167&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~1016866...

42 B
64 B

46ms
46ms

Image
image/gif

209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/721484514/?random=27581879&cv=11&fst=1728938226167&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-IO-5tyOiQMV4UZHAR3HiBCaMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTmFtQ25fZ3dXOVZaamZCZlVLZGI0ZXBVSjB0VnBtM3I0ZDdaU2g1d2N1VHkxejFhc0FDUQ&is_vtc=1&cid=CAQSKQDpaXnfUIj0odcpU3E2IZcW4Df0kLpVglELqtLBP34bUJ91fqLQq1dG&random=2478423326&ipr=y

Protocol

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.ca/pagead/1p-conversion/721484514/?random=27581879&cv=11&fst=1728938226167&bg=ffffff&guid=ON&async=1&gtm=45be4a90za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=0jVCCJHEvfQYEOL1g9gC&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECSixub3QtbmF2aWdhdGlvbi1zb3VyY2UsIHRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI-IO-5tyOiQMV4UZHAR3HiBCaMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTmFtQ25fZ3dXOVZaamZCZlVLZGI0ZXBVSjB0VnBtM3I0ZDdaU2g1d2N1VHkxejFhc0FDUQ&is_vtc=1&cid=CAQSKQDpaXnfUIj0odcpU3E2IZcW4Df0kLpVglELqtLBP34bUJ91fqLQq1dG&random=2478423326&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/856479406/ 42 B
64 B 51ms
48ms Image
image/gif 173.194.68.106
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/856479406/?random=1728938226196&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfoJQGV9MXIJJd6gB73x2UoPB83FDImVxL7LePsh0wPa5zIOGu&random=1839840931&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f106.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/856479406/ 42 B
64 B 47ms
45ms Image
image/gif 209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/856479406/?random=1728938226196&cv=11&fst=1728936000000&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfoJQGV9MXIJJd6gB73x2UoPB83FDImVxL7LePsh0wPa5zIOGu&random=1839840931&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.ca/pagead/1p-conversion/856479406/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856479406/?random=652851502&cv=11&fst=1728938226240&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1...
https://www.google.com/pagead/1p-conversion/856479406/?random=652851502&cv=11&fst=1728938226240&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=1016...
https://www.google.ca/pagead/1p-conversion/856479406/?random=652851502&cv=11&fst=1728938226240&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=10167...

42 B
64 B

48ms
48ms

Image
image/gif

209.85.232.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/856479406/?random=652851502&cv=11&fst=1728938226240&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMImNXC5tyOiQMV9lRHAR0rbgFVMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTno2Mm9VWVRHSjRyWmJ1WE5zZHcyeFYxaU5xWHJKLWo5M3g3blFBbkRleURSQzRtUWY3QQ&is_vtc=1&cid=CAQSKQDpaXnfe0Al54qdRIG88ztaD50XrsDaXjQ8K0t6o1XwMegaq9u89XES&random=3115649018&ipr=y

Protocol

Server

209.85.232.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.ca/pagead/1p-conversion/856479406/?random=652851502&cv=11&fst=1728938226240&bg=ffffff&guid=ON&async=1&gtm=45be4a90v9173729797za200zb812496802&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101686685&u_w=1600&u_h=1200&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&label=zO1iCLGLvvQYEK6ts5gD&hn=www.googleadservices.com&frm=0&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&gtm_ee=1&npa=0&pscdl=noapi&auid=1102786212.1728938225&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi_yrECCLnBsQIIscOxAgiKxbECCMLJsQJKJ2V2ZW50LXNvdXJjZT1uYXZpZ2F0aW9uLXNvdXJjZSwgdHJpZ2dlcloDCgEBYgQKAgID&pscrd=IhMImNXC5tyOiQMV9lRHAR0rbgFVMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhZodHRwczovL2VsbW91YXRlbi5jb20vQlZDaEVJOElLenVBWVFzYzJfNzZxa3VxR0NBUklyQUhCYzBPTno2Mm9VWVRHSjRyWmJ1WE5zZHcyeFYxaU5xWHJKLWo5M3g3blFBbkRleURSQzRtUWY3QQ&is_vtc=1&cid=CAQSKQDpaXnfe0Al54qdRIG88ztaD50XrsDaXjQ8K0t6o1XwMegaq9u89XES&random=3115649018&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 14 Oct 2024 20:37:06 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
143 B 46ms
45ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://elmouaten.com/

Response headers

access-control-allow-origin: https://elmouaten.com
content-length: 0
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
16 B 50ms
47ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://elmouaten.com/

Response headers

access-control-allow-origin: https://elmouaten.com
content-length: 0
date: Mon, 14 Oct 2024 20:37:06 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

GET
H/1.1 200
OK /
b99.yahoo.co.jp/pagead/conversion/1001088208/ 42 B
742 B 679ms
266ms Image
image/gif 183.79.255.28
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b99.yahoo.co.jp/pagead/conversion/1001088208/?random=1728938226989&cv=9&fst=1728938226989&num=1&fmt=3&guid=ON&disvt=false&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=cheq_invalidUsers%3Dtrue&frm=0&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

183.79.255.28 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

Age: 0
X-Content-Type-Options: nosniff
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Mon, 14 Oct 2024 20:37:07 GMT
Content-Type: image/gif
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'none'; object-src 'none'
Cache-Control: no-cache, no-store, must-revalidate
Timing-Allow-Origin: *
Pragma: no-cache
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Content-Length: 42
X-XSS-Protection: 0
Server: cafe

GET
H/1.1 200
OK /
b99.yahoo.co.jp/pagead/conversion/1001088130/ 42 B
742 B 682ms
267ms Image
image/gif 183.79.255.28
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b99.yahoo.co.jp/pagead/conversion/1001088130/?random=1728938226994&cv=9&fst=1728938226994&num=1&fmt=3&guid=ON&disvt=false&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

183.79.255.28 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

Age: 0
X-Content-Type-Options: nosniff
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Mon, 14 Oct 2024 20:37:07 GMT
Content-Type: image/gif
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'none'; object-src 'none'
Cache-Control: no-cache, no-store, must-revalidate
Timing-Allow-Origin: *
Pragma: no-cache
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Content-Length: 42
X-XSS-Protection: 0
Server: cafe

GET
H/1.1 200
OK /
b99.yahoo.co.jp/pagead/conversion/1001088130/ 42 B
742 B 696ms
271ms Image
image/gif 183.79.255.28
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b99.yahoo.co.jp/pagead/conversion/1001088130/?random=1728938226995&cv=9&fst=1728938226995&num=1&fmt=3&guid=ON&disvt=false&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-420&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=cheq_invalidUsers%3Dtrue&frm=0&url=https%3A%2F%2Felmouaten.com%2Fap%2Flogin.jsp&tiba=%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20%E3%83%AD%E3%82%B0%E3%82%A4%E3%83%B3%20%7C%20au%E3%81%98%E3%81%B6%E3%82%93%E9%8A%80%E8%A1%8C&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

183.79.255.28 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://elmouaten.com/

Response headers

Age: 0
X-Content-Type-Options: nosniff
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Date: Mon, 14 Oct 2024 20:37:07 GMT
Content-Type: image/gif
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'none'; object-src 'none'
Cache-Control: no-cache, no-store, must-revalidate
Timing-Allow-Origin: *
Pragma: no-cache
Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Permissions-Policy: unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Content-Length: 42
X-XSS-Protection: 0
Server: cafe

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
39 B 46ms
45ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://elmouaten.com/

Response headers

access-control-allow-origin: https://elmouaten.com
content-length: 0
date: Mon, 14 Oct 2024 20:37:08 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
39 B 46ms
44ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://elmouaten.com/

Response headers

access-control-allow-origin: https://elmouaten.com
content-length: 0
date: Mon, 14 Oct 2024 20:37:10 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
39 B 42ms
39ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://elmouaten.com/

Response headers

access-control-allow-origin: https://elmouaten.com
content-length: 0
date: Mon, 14 Oct 2024 20:37:15 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

POST
H2 200 mon Show response
obs.segreencolumn.com/ 0
39 B 41ms
40ms XHR
application/json 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.segreencolumn.com/mon
Requested by: Host: ob.segreencolumn.com
URL: https://ob.segreencolumn.com/i/ad1f1040ad9ca638cc6ee793ef48a4f6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://elmouaten.com/

Response headers

access-control-allow-origin: https://elmouaten.com
content-length: 0
date: Mon, 14 Oct 2024 20:37:20 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: localhost
URL: http://localhost/

Domain: elmouaten.com
URL: blob:https://elmouaten.com/3b2916b1-afd6-48aa-9351-29b649ac6bd9

Domain: elmouaten.com
URL: blob:https://elmouaten.com/5a5d828f-7c0a-4f6a-97ec-c0c2d070a7de

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: au Jibun Bank (Financial)

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
elmouaten.com/ap	1969-12-31 23:59:59	Name: JSESSIONID Value: C06D1A2FABA2054C208B268ECDB13887
elmouaten.com/	1970-01-21 09:41:33	Name: _pk_id.1077564906.624a Value: 0cb5e5db41ff2868.1728938222.1.1728938222.1728938222.
elmouaten.com/	1970-01-21 00:15:40	Name: _pk_ses.1077564906.624a Value: *
.fraud-alert.net/	1970-01-21 09:01:14	Name: caulisCookie Value: 1110668684332625922
.elmouaten.com/	1970-01-21 02:25:14	Name: _gcl_au Value: 1.1.1102786212.1728938225
.elmouaten.com/	1970-01-21 02:27:02	Name: _cq_duid Value: 1.1728938225.WulxtYOBRNborDfC
.elmouaten.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1728938225.MoWeEXEQ7Id4Zg7j
obs.segreencolumn.com/	1970-01-21 08:19:28	Name: cg_uuid Value: baf893e6c544a94ba30682b6e1bfdc4a
.elmouaten.com/	1970-01-21 00:17:04	Name: _uetsid Value: 12f5bc508a6c11ef8ce4374004a25d5b
.elmouaten.com/	1970-01-21 09:37:14	Name: _uetvid Value: 12f66d208a6c11ef9be9c34e8486c68f
.elmouaten.com/	1970-01-21 09:51:38	Name: __lt__cid Value: ba6f0aba-cfd1-4e93-8398-27fc57112842
.elmouaten.com/	1970-01-21 00:15:40	Name: __lt__sid Value: 6867ac51-c5bf64dd
elmouaten.com/	1970-01-21 09:51:38	Name: snexid Value: 00fb1179-1a89-4550-b4c8-6af30850cb75
.bat.bing.com/	1970-01-21 00:25:43	Name: MR Value: 0
.bing.com/	1970-01-21 09:37:14	Name: MUID Value: 0ED8A6606E5564D421B3B3786F836552
.doubleclick.net/	1970-01-21 09:51:38	Name: IDE Value: AHWqTUlKJMk_fARTWgM2quEb1sOQaOvreoc_yQ-4davnj0A92Wjd07DxC8XxdIVX
.elmouaten.com/	1970-01-21 09:01:14	Name: _yjsu_yjad Value: 1728938225.1697e02e-3699-46cd-8fe8-80152b6ded02
.elmouaten.com/	1970-01-21 02:25:14	Name: _fbp Value: fb.1.1728938225570.250583249212989389
.line.me/	1970-01-21 09:51:38	Name: _ldbrbid Value: tr__k1y/XGcNgPFnsdN1HPlAAg==
i.smartnews-ads.com/	1970-01-21 00:25:43	Name: AWSALBTGCORS Value: M11Fs5l4Foa2nzFMKTDx60sAkBToXgfa1p1Z4JNDJ1ns9id2mHjKsgn7mA9RuVLu2OdWQr7GtvGyev8LnyVCxwjxtop7oCBXsyPdpq+u86AI6oO6mKAh0k9AYHSVQbkh1/1wDkDWA0r8ZHpx82tsphs0+A+PBYanbR4NxQb5hEpZbJRv6uc=
.smartnews-ads.com/	1970-01-21 09:51:38	Name: g Value: AI9gAP77K7itjpOuTq2OXBDn7rBI1T2auGFqHM2LwUxb8VZeuOvdxtOm7E0UJMZWjSgXFzAYCjkAlxPmTzYQ4cQ%3D
.elmouaten.com/	1969-12-31 23:59:59	Name: _kys Value: QEkREk9xpNis4A_.elmouaten.com
.yahoo.co.jp/	1970-01-21 09:01:14	Name: XA Value: 1454qidjgr07i&sd=A&t=1728938226&u=1728938226&v=1
.yahoo.co.jp/	1970-01-21 09:51:38	Name: XB Value: 13ddf022-8a6c-11ef-9cff-37df7490d1df&v=6&u=1728938226&s=5g
.elmouaten.com/	1970-01-21 09:51:38	Name: _kyp Value: QEkQBhnM+P4CobL8uYJ2Qon0nStWIYJdCeEQbxmoGm0GPK1lIfJG6EnCEnKXJRl/ZNRgl0J4RBTYRJFA_.elmouaten.com+eh+elmouaten.com

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://elmouaten.com/ap/login.jsp Message: [DOM] Found 2 elements with non-unique id #pressedButtonId: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://elmouaten.com/ap/login.jsp Message: [DOM] Found 2 elements with non-unique id #screenId: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://elmouaten.com/ap/login.jsp Message: [DOM] Found 2 elements with non-unique id #viewName: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://elmouaten.com/ap/login.jsp Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
worker	verbose	URL: blob:https://elmouaten.com/3b2916b1-afd6-48aa-9351-29b649ac6bd9(Line 1) Message: Error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.imgvc.com
apm.yahoo.co.jp
b99.yahoo.co.jp
bat.bing.com
cdn.kaizenplatform.net
cdn.smartnews-ads.com
connect.facebook.net
d.line-scdn.net
elmouaten.com
googleads.g.doubleclick.net
i.smartnews-ads.com
i6.smartnews-ads.com
localhost
log-v4-insight.kaizenplatform.net
ob.segreencolumn.com
obs.segreencolumn.com
p.fraud-alert.net
s.yimg.jp
seal.digicert.com
static.fraud-alert.net
td.doubleclick.net
tk.csolution.jp
tr.line.me
trj.valuecommerce.com
www.facebook.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
elmouaten.com
localhost
13.32.151.44
142.250.31.155
147.92.191.92
154.91.176.79
157.240.229.1
157.240.229.35
173.194.68.106
173.194.68.157
18.160.10.33
183.79.250.251
183.79.255.28
209.85.201.155
209.85.201.97
209.85.232.94
23.220.140.31
23.220.141.110
23.47.29.181
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:208f:5000:10:3572:e540:93a1
2600:9000:2509:8000:18:15b9:5a80:93a1
2600:9000:27d1:2200:18:82c:9d80:93a1
2607:f8b0:400d:c03::61
2607:f8b0:400d:c1d::9b
2620:1ec:33:1::10
2a03:2880:f103:181:face:b00c:0:25de
43.206.243.253
52.69.71.194
54.201.108.228
57.181.202.230
02d7fb60c7ae18d482de1e63da9a6e0f27c984917820e0f4dba6e815270dc674
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0f39c718afa7f030e01c8f7299516f62808df2a207b37b3f6d4ec575e9fcdd17
105826eda8961b32f3856c547ab119e2685194f9491af047b9646009181880f8
15f8c6fa9d4f29c56a15f1b2efa34147746d53fcae9ef5dc6e98946d40783050
172f7a340fe3fb76c4ba27a8c39c01b1dae8fbcfbe32178f5ea12114e2d1e045
1ad24f584f6f1488488aa7469a31543d485bd1603b0dae3e0f00ddfaf25369e7
1bcca44433c4d21658a73858e9ba081c05d04a068d5be2d15219000cea7a956e
1dffa14ea00339fb59b13b3e2aa769fdb769d5d67bd3d8238ee5cdcb14bf0f49
275c9465b2561fcc96e4f99beb30d8bb4156f3405b6cb8354a51c1af400b771e
2cc1f250ebb2147c24df26ded096b29aca0b1793d767ee7a3f45858ed15f54c4
2db115c506ff6b2ad1664e57dc254cb6c5ed778b614b95c0142519eef251088a
3abe223e54d3f15c38ed078f5ec3db17822da7d389cfaacddfa7b604670115bc
3d5954bff7febbab334e9d2c6f35a19732c014faf4904ec799bc24b73e1d9c20
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
444a8982521b912ce12a350c1047d1c2d6ef172d461ac88fe151cc46a19db4f1
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
48dea352eea86f6910d83b4313f1b4727c92de063eb3daa842c394f16c7a33f4
4cf9036abe69464fdacd45e96d84ef45400515e75cfa4a1411b2a6d23e286fc8
526193dec6d30cdda19950c705e4a6912a7f8effa55d3312d218d3acf18d8b30
53db6bdea5055646946fc10ca8f8d1a9f2daa97c7660ee77c90d7be774874a28
58dcb9b4c4a8af93d049784e1be829d690b870d33cb49c693565f38e982ed5b6
60fb7676356c6f47177b6a602932a741b2368577fa6c33c5b1d383bdff7dd899
615df9ab0c32d74a5bcf9361ec1a6e196e37523086e5d4b5757cf7f77eddd12f
616ce066c628baf01694f23441be25e45934192b66b5867fafa4c096dc39f9bc
631ab19460e9157982b8cf3b6304f5779d0db521d644627731465d4f4757a362
65728cc5e44929ba52ef371102b2e3e171db9d42d96fe7c70915cd06eb2ac7f0
68c6d438afdae5288bf813d5e126a7c9f849238e46c96702614598cab3d1b51a
6b2cfc91bcb1bcdf077aad92873045da05e3fc81706797e120ff7384a8cdbd3d
6ed05b57ad40727d79d3c1d73aefca0e5d8c0406c76b057f6ce46348cd91d57c
7250ca16a189f7d79bec5408af4fee5df86e5046b1d96ad5908450f2b56858d4
72b3d7d8470cd110a49af79433d12034574ec1af9ca0151635e0580a279cfe8e
7644ed95768ef11745d9721a02060a8cddc9d99ff6e6abfc79f24d6093e3e4cc
79b58b88d2400e693ed7c89099cffe25a471b83c372ba638284503a72b2406f4
7dd771ade49a0a57e23c7791901ccbcde5cab2eacd117b248b9bc64c04799aba
7fb587c59b0120a6d8ff5d5e6b710c6afcb3b668495988f1e9c66626ea26c9cd
81f277888d1ee510668666fb819bcf637e488b613dac15cf78cbe9d1ac41658c
831864429a05516e946c7cc557bc69e2b82775402b5a7e818cc36f72d375c3b6
86342493a9368b0beb087f9c364864423c86de13d68145f6df7f34cb126e36c9
8b47d89b17729d4c7627ff27799f43dec314c28768c65b7c9d9cb260f95b5016
8b7d63711c694ef0e82f16ac93562cc150e1a97a7f1b3cdb8c5be33bb5840443
91ce740af010d3fd2b1a7f5aab537b8cdb70e2e170fc4b3922e61ca081cbafdf
9606095ff57e48fc137b15e8171ae6eab1b2cdeb99289d62103d3bfa56569ca1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98fb1ab56abd6b1f7cc13d3f418b6352f27c96a54415fdb43d032db21a043af3
a2759491fccf1317c5cb397216a9de3aab5c6d9eb6f1d16b543c3dd1afc9af2f
a45a89a6c73aed50bd56b6d31374f39778c1006d883c0de36a79e2111659a050
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af27551b9848d5372f44520be54c67c2bc0fd9f759aee442943a543d30232b7f
b29584f8487c7cf418ff25c79627e0ed0edc07d9df1c1c0676ad7226a1f25277
b46106641bbc5417ab9cc469adc988ed245ffc4c115b58e801bdead4bcabce9c
bd945a27445a6b98a1dec3e984579aae4f3254698809d91f87227ddb6bb5f328
c2ab3622cbd9d4084fea689b66c0fdde34d148dc7fb413a4d1d02cd37ab7c0ce
c3b78b1b07598ebf8d5b1575ebc0c93cf5f60a895fbc66e848a0c01a0ff913ac
c3be590171c0375d497714a608a5c4cd4e90e124e1c0cff1807cd8adb156e64b
c4da264867121b9f488748d2536849b092ba8df1e0529b45c4fa146d20d54b4c
c5f733cc4d990604e2c4d284b3692d77c0113144f44c5c8c7dd3ad3b26918315
c7dae3c7ee9f18d0e2c6c58877284c7e3efc52061a2ed31db79c6f4456ad1ee0
cc160f9188f87d0f995c97c540ac7dfab1f76678e2fea1775e471c2a0a46f002
cc568cd093d779c3c482e7ad8a96eaa22bb36e20c1bb6c5e6e8dc30dc2aeecf9
cd713dc444a01f05c1702da88e6b2af82febed93b1d194c6b6bd74d7ecdc01a9
ce33205aef6fa450f17fe68161ede7cbec9b46a7ef19c419ba8b178addfc87c7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b8a1de08cf26941fab8dd8ac15896ab763bda57347eaf77690ec02a7700101
d4e5f00be808b9eb67f7131be7dee1c816bb51d6170e0e7a4d855ef98a581e3d
d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1
d545171c9602e62fd1729ac8edac04cca1059fc661aeebdde57f7e3d228264f3
d8252990d0b9cbcdec180720728a3be252cd124a9a96784cd64d57bda6e35e41
d841d98c39d94bdc0f09612199aa22459c0008606d8951f656377b17873a8646
d8d91b2e06df73d70eb998e274b63b433db68b4fa1cfd0904f21f139b14c5567
dd0e4ac95f8800bf7c5549c72762322192731e5edb3abc66df5ccf2e2abaddd2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e557e6c5f8c1025b144bbca671c314820302284a1ab5c6f4151bc39de0d7b413
e8881877c2878d17c77087ae8395eeb362b57e2c41aa0970eca42ee2ad3cecbf
eb123687ae55507f9ebdf405b392a6b2788bb52271387d648d5c7eeea1972e5b
eeb2747dcfef38d78681efa9f80bcc1a69983609b8aaa51f46963470cc94f4ab
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36e8f9d137877baf01230cc296c414d7e3229d4626194b85cadb306dc207ab4
f4bf1e8699b7fc613caf70f0c3a62a54353893ea0a96f050ea2c397b68bbecdc
f9bd81a3980bc282502be4bd1a05c54457113fb6097e35d3b894d8809da89ec5
fbf7ca1d30c15f3d3fd302b8629f22227d54e61c4cd2ec880f82f81415ec0cd9
fce461e0fefe1d6d687b3eab8304d3affaf23fb674b18bfb5242ccfc544e1bb7
fe4178327e0aed56372838cc9c5f6063ff92b2c3fdc445ea7f1bf1c3d1643c22

elmouaten.com Open in urlscan Pro 154.91.176.79 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

184 Requests

95 %HTTPS

28 %IPv6

22 Domains

29 Subdomains

30 IPs

3 Countries

4302 kBTransfer

7614 kBSize

25 Cookies

7 Outgoing links

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

elmouaten.com Open in urlscan Pro
154.91.176.79 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

95 %
HTTPS

28 %
IPv6

22
Domains

29
Subdomains

30
IPs

3
Countries

4302 kB
Transfer

7614 kB
Size

25
Cookies

184 HTTP transactions
0 data transactions