urlscan.io logo urlscan.io
SecurityTrails logo

ar.whotwi.com Open in urlscan Pro
2606:4700:3031::681b:a10f  Public Scan

Go To Rescan Add Verdict Report
URL: https://ar.whotwi.com/
Submission Tags: falconsandbox
Submission: On October 15 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 6 countries across 16 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3031::681b:a10f, located in United States and belongs to CLOUDFLARENET, US. The main domain is ar.whotwi.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 22nd 2020. Valid for: a year.
This is the only time ar.whotwi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700:303... 13335 (CLOUDFLAR...)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 202.47.25.78 2914 (NTT-COMMU...)
2 99.86.243.91 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.86.243.76 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
6 2606:2800:234... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
4 172.217.18.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 99.86.243.101 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 104.244.42.72 13414 (TWITTER)
56 24
11    2606:4700:3031::681b:a10f (United States)

ASN13335 (CLOUDFLARENET, US)
ar.whotwi.com
static.whotwi.com
2    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    202.47.25.78 (Japan)

ASN2914 (NTT-COMMUNICATIONS-2914, US)
js.gsspcln.jp
2    99.86.243.91 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-91.vie50.r.cloudfront.net
b.st-hatena.com
1    2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    99.86.243.76 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-76.vie50.r.cloudfront.net
social-dog.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
4    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
pagead2.googlesyndication.com
5    2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
pagead2.googlesyndication.com
1    2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
963f072bfb54dea173f795584cd29d70.safeframe.googlesyndication.com
6    2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:814::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    99.86.243.101 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-101.vie50.r.cloudfront.net
b.hatena.ne.jp
1    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
Domain Requested by
9 static.whotwi.com ar.whotwi.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 platform.twitter.com ar.whotwi.com
platform.twitter.com
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
ar.whotwi.com
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
3 www.google-analytics.com ar.whotwi.com
www.google-analytics.com
3 www.googletagservices.com ar.whotwi.com
securepubads.g.doubleclick.net
2 www.google.com securepubads.g.doubleclick.net
ar.whotwi.com
2 apis.google.com ar.whotwi.com
apis.google.com
2 connect.facebook.net ar.whotwi.com
connect.facebook.net
2 b.st-hatena.com ar.whotwi.com
2 maxcdn.bootstrapcdn.com ar.whotwi.com
maxcdn.bootstrapcdn.com
2 ar.whotwi.com ar.whotwi.com
1 syndication.twitter.com 1 redirects
1 www.google.de ar.whotwi.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com connect.facebook.net
1 b.hatena.ne.jp b.st-hatena.com
1 963f072bfb54dea173f795584cd29d70.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 social-dog.net ar.whotwi.com
1 ajax.googleapis.com ar.whotwi.com
1 js.gsspcln.jp ar.whotwi.com
56 24
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-22 -
2021-07-22		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.gsspcln.jp
GeoTrust RSA CA 2018		 2019-03-14 -
2021-03-25		 2 years crt.sh
*.b.st-hatena.com
Amazon		 2019-11-23 -
2020-12-23		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
social-dog.net
Amazon		 2020-05-07 -
2021-06-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2020-12-10		 3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2019-11-12 -
2020-11-18		 a year crt.sh
*.apis.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.b.hatena.ne.jp
Amazon		 2019-11-18 -
2020-12-18		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://ar.whotwi.com/
Frame ID: C5CB42AEF4CC06EBBCDCE1A2FDA90C00
Requests: 41 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWw1XUiwJeZWeO8anMRwokQkJQpy8qReLVOCzF0-ABnZ0xkDET57lIFx3zpAVv7Nodqgz8k_UCLt0lj8-PhLlL13rCHd0qdq-OkNoicH_OxM5oH3e6_87KAFIG5mMpSKqDMlC0heL_SZ7ECBP8UiiUXQLsboOPliX5aOLEPeuzmX_cz41I89JG8k4gmiZNPEj6gBi2SM24I4WHm1fzNVG-2zIOytOCMNPLVurtTSuFER21YRNb5ubIx-9lBC01b2_hTA-71QhFNg&sai=AMfl-YRbDQpakAdMwjGrxt4R4B5bXkIpMsA-wYARS8sBwdiFzTQPjZODvHIb_ZqlIcfA18yJEgN42p1gYXtXf6RxQdd2swDOrv5Mnp4x7taEtWBkpVYqlF7MqOqcHWLFSrob&sig=Cg0ArKJSzB043yUff_xqEAE&adurl=
Frame ID: 0F0F2269B91C6EBE803CA4493F0B2062
Requests: 9 HTTP requests in this frame

Frame: https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Far.whotwi.com%2F&layout=simple-balloon&lang=ar&mode=popup
Frame ID: C954252FC721CB5F5E24C4B995720A39
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Far.whotwi.com
Frame ID: 3732BF1812F56DB5669E18B917E5A775
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/like.php?action=like&app_id=424683627555849&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2aa7dfa50b4868%26domain%3Dar.whotwi.com%26origin%3Dhttps%253A%252F%252Far.whotwi.com%252Ff1fb5a7558bdb68%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwhotwi&layout=button_count&locale=ar_AR&sdk=joey&share=false&show_faces=false&size=small
Frame ID: 2F377C901E6940464900894542865EBF
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.96fd96193cc66c3e11d4c5e4c7c7ec97.ar.html
Frame ID: 29A02197B36B297C6257AE491F83D1B8
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.ar.html
Frame ID: 90E5955010ACAC29755B04D89F327F4E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 3492035E9083311887F51031F8CF5707
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 9F17162054648D7A926F447CDE7F0D1F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

56
Requests

100 %
HTTPS

75 %
IPv6

16
Domains

24
Subdomains

24
IPs

6
Countries

705 kB
Transfer

1562 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ar.whotwi.com/ 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
191e44b7867c9a51bf9c2f14a2c00a4d919ad686c7dd999ed658a93d74764a23
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
ar.whotwi.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 15 Oct 2020 23:44:20 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da70ed8518e1041aade3ef6762aed42de1602805459; expires=Sat, 14-Nov-20 23:44:19 GMT; path=/; domain=.whotwi.com; HttpOnly; SameSite=Lax csrf_cookie_name=93a3bd29620a2b189dca402318365f89; expires=Fri, 16-Oct-2020 01:44:20 GMT; Max-Age=7200; path=/; domain=.whotwi.com
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-cache-status
MISS
x-whotwi-no-cache
0
cf-cache-status
DYNAMIC
cf-request-id
05d03f82e40000c2b816ab3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602805460"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5e2d684b08c2c2b8-FRA
content-encoding
br
bootstrap.min.css
static.whotwi.com/whotwi_web/library/bootstrap/css/ 		120 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whotwi.com/whotwi_web/library/bootstrap/css/bootstrap.min.css
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
30471106
status
200
cf-request-id
05d03f85030000c2b85a19a000000001
last-modified
Thu, 13 Jul 2017 08:25:58 GMT
server
cloudflare
etag
W/"59672e96-1deac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602805460"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
5e2d684e6bdbc2b8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
common.css
static.whotwi.com/whotwi_web/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whotwi.com/whotwi_web/css/common.css?20180327
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a86d5b5fcb0adc176517ec76f2e4c8891a16502d8305aa04939bf0f35d9ce9

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
21747782
status
200
cf-request-id
05d03f85020000c2b85a199000000001
last-modified
Tue, 27 Mar 2018 07:44:07 GMT
server
cloudflare
etag
W/"5ab9f647-205f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602805460"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-ray
5e2d684e6bd9c2b8-FRA
cf-bgj
minify
socialdog_register_modal.css
static.whotwi.com/whotwi_web/css/ 		1 KB
567 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whotwi.com/whotwi_web/css/socialdog_register_modal.css?20180327
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
222dc10adfe6a68bf11df2dc66253235d453b9b971432800426b26b24e016567

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
19224674
status
200
cf-request-id
05d03f85020000c2b83836a000000001
last-modified
Tue, 27 Mar 2018 07:45:15 GMT
server
cloudflare
etag
W/"5ab9f68b-569"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602805460"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-ray
5e2d684e6bd8c2b8-FRA
cf-bgj
minify
welcome.css
static.whotwi.com/whotwi_web/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.whotwi.com/whotwi_web/css/welcome.css?1522129276
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d89aa7e406b977fe29591cd0fba254386c873ad08b50a8d40a663c2b353e59c7

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
21747313
status
200
cf-request-id
05d03f85030000c2b86a2a6000000001
last-modified
Tue, 27 Mar 2018 05:41:16 GMT
server
cloudflare
etag
W/"5ab9d97c-e85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602805460"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
cf-ray
5e2d684e6bdcc2b8-FRA
cf-bgj
minify
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
gpt.js
www.googletagservices.com/tag/js/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d82222bd15b15d482909702e54a4c204371a138a55a5b2a92bf1285aa85d6bd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"664 / 540 of 1000 / last-modified: 1602799739"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
17673
x-xss-protection
0
expires
Thu, 15 Oct 2020 23:44:20 GMT
index_logo_pc_en.png
static.whotwi.com/whotwi_web/img/welcome/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.whotwi.com/whotwi_web/img/welcome/index_logo_pc_en.png
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b34934b6fa28e88f3089771ffcac3dbe9c39dc873ad904f4cbf7dae16257e89

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4924308
status
200
content-length
7734
cf-request-id
05d03f85220000c2b8828c3000000001
last-modified
Tue, 30 Oct 2018 11:04:30 GMT
server
cloudflare
etag
"5bd83abe-1e36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602805460"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5e2d684e9bfac2b8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
a1089751.js
js.gsspcln.jp/t/089/751/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://js.gsspcln.jp/t/089/751/a1089751.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.47.25.78 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 23:44:20 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/x-javascript
button-only@2x.png
b.st-hatena.com/images/entry-button/ 		441 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.st-hatena.com/images/entry-button/button-only@2x.png
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.91 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-91.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
e6deab93ae202482c73676e54f020aa81eb2be2ce75ec8a62bf2394d0176f93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 01:19:26 GMT
via
1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
age
2499894
x-cache
Hit from cloudfront
status
200
content-length
441
last-modified
Wed, 13 May 2020 05:44:30 GMT
server
nginx
etag
"5ebb893e-1b9"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
x-amz-cf-id
EDmuzjkIO5n0vLnhApdDPeeefiPTjI2OCHL_rSDqo8X64x9txZTGhg==
expires
Fri, 17 Sep 2021 01:19:26 GMT
bookmark_button.js
b.st-hatena.com/js/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.st-hatena.com/js/bookmark_button.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.91 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-91.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
8c42a0975ff4ae6d3572e61c5b37679a6c8b5a3381a39afae58cd4fe1fde3649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 01:05:23 GMT
content-encoding
gzip
vary
Accept-Encoding
age
81537
x-cache
Hit from cloudfront
status
200
last-modified
Thu, 08 Oct 2020 05:46:42 GMT
server
nginx
etag
W/"5f7ea7c2-8766"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
via
1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
XLVRBOkec7A8AO2H5ohaiU4GWXLjUWN9r1LOUOjrP1H09YI4UJ4TSg==
expires
Fri, 16 Oct 2020 01:05:23 GMT
footer_whotwi_logo.png
static.whotwi.com/trends_web/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.whotwi.com/trends_web/img/footer_whotwi_logo.png
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baabc0df5d263f582e49876c014dfc05ee82cfa7e32e4bd7f6e16144d2394688

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10300795
status
200
content-length
2646
cf-request-id
05d03f85220000c2b80eb4d000000001
last-modified
Thu, 13 Jul 2017 08:25:58 GMT
server
cloudflare
etag
"59672e96-a56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602805460"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5e2d684e9bfbc2b8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
loading2.gif
static.whotwi.com/whotwi_web/img/common/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.whotwi.com/whotwi_web/img/common/loading2.gif
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac86ed07ad9909bc06f77b4bedeab15bf8e12d3aca9685c96cf4a3271993dc8

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
30471106
status
200
content-length
10453
cf-request-id
05d03f85220000c2b82c346000000001
last-modified
Thu, 13 Jul 2017 08:25:58 GMT
server
cloudflare
etag
"59672e96-28d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602805460"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5e2d684e9bfcc2b8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 14:23:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120036
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29725
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Oct 2021 14:23:44 GMT
bootstrap.min.js
static.whotwi.com/whotwi_web/library/bootstrap/js/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whotwi.com/whotwi_web/library/bootstrap/js/bootstrap.min.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
15104120
status
200
cf-request-id
05d03f85210000c2b813214000000001
last-modified
Thu, 13 Jul 2017 08:25:58 GMT
server
cloudflare
etag
W/"59672e96-8fd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602805460"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
5e2d684e9bf7c2b8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
common.min.js
static.whotwi.com/whotwi_web/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.whotwi.com/whotwi_web/js/common.min.js?190724
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3324cfb21d40ee2038b00d7d859383b9f3e8ee53e23e4fbfac06fa7fbdccc853

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
21747782
status
200
cf-request-id
05d03f85210000c2b85528f000000001
last-modified
Wed, 24 Jul 2019 08:44:12 GMT
server
cloudflare
etag
W/"5d381a5c-ed2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602805460"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
5e2d684e9bf9c2b8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
socialdog_logo.png
ar.whotwi.com/common/img/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ar.whotwi.com/common/img/socialdog_logo.png
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:a10f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c414f5b95826eb6de86b1cee0e3e9fc678839796997ab46e029d11b3be01dd34

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
30470948
status
200
content-length
21044
cf-request-id
05d03f85230000c2b826b9f000000001
last-modified
Tue, 27 Mar 2018 07:44:07 GMT
server
cloudflare
etag
"5ab9f647-5234"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602805460"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
5e2d684e9bfdc2b8-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon-btn-tw@2x.png
social-dog.net/assets/img/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://social-dog.net/assets/img/icon-btn-tw@2x.png
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-76.vie50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
sdk.js
connect.facebook.net/ar_AR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1b7b649d1068038d118ebaa91b7e6c04d47d237fea1bbbc0343ec23ce9efd93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
iVgO68sIXVZVMo9iTbejDw==
status
200
cross-origin-resource-policy
cross-origin
expires
Thu, 15 Oct 2020 23:55:27 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
etag
"b9185e983616a1abfb55b7f3fbfc6319"
x-fb-debug
YcnOC4uww82jkfCU3TZHhEn8govh7bOBzDy3l1GE5avjQCDxv1WOLppYvRzOGNuHgJibB8lNXvVHuSzeGTD6ZQ==
x-fb-trip-id
664085054
x-fb-content-md5
1ef9a22b2f8e27957fed8d3a93636966
date
Thu, 15 Oct 2020 23:44:20 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40F7) /
Resource Hash
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 23:44:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:52:09 GMT
Server
ECS (fcn/40F7)
Age
1454
Etag
"a671d4d584ef50954e5cebb21da17065+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28698
plusone.js
apis.google.com/js/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
758564edb90e7304792f6d37364e79ed384934e13143efd6635d3b0e0ba4e626
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4937kWTVkXFvsLIKFkyAUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"55d429851f32fac761aa7dda5c357e83"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-4937kWTVkXFvsLIKFkyAUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Thu, 15 Oct 2020 23:44:20 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://ar.whotwi.com
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
status
200
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
sdk.js
connect.facebook.net/ar_AR/ 		194 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js?hash=03f392daf55394f204decc76abd3f1dd&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d171790b85ee1201a0fd7ff59673fde0c709a8ca859e76536f7fd0fc1f5b78f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://ar.whotwi.com
Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
gZK8HMjFCjdfeRDdLI3hSQ==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60073
etag
"b4a0c4b4f8d7f93c917672752f9883d0"
x-fb-debug
lt4BKLyF6+zchmCrGYZ8iUel6/Jg+H1feBHFRyLRiRr4d17HJuPeADm12CCC+HkVTzbMeYv5Iisu6+OfcamzWA==
x-fb-trip-id
664085054
x-fb-content-md5
d1990ada740fc64dbfc241239957474f
x-frame-options
DENY
date
Thu, 15 Oct 2020 23:44:20 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Fri, 15 Oct 2021 23:35:28 GMT
pubads_impl_2020101201.js
securepubads.g.doubleclick.net/gpt/ 		272 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
sffe /
Resource Hash
46b0d2e6fac4273b21cbf281d054dd61dc70cc7d3e7620fd9b9c02b3e52f9579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 12 Oct 2020 08:39:13 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97729
x-xss-protection
0
expires
Thu, 15 Oct 2020 23:44:20 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2laq3Py8kJk.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNOVyb6DDYv7xgJGtF_6RiAl0K1Kw/ 		137 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2laq3Py8kJk.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCNOVyb6DDYv7xgJGtF_6RiAl0K1Kw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5754a78fea82bb52d068d3c64de5ab9ae7ed70de719090407bb2ade232a5b7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 12 Oct 2020 11:21:27 GMT
x-content-type-options
nosniff
last-modified
Fri, 02 Oct 2020 15:53:30 GMT
server
sffe
age
303773
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
140661
x-xss-protection
0
expires
Tue, 12 Oct 2021 11:21:27 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ar.whotwi.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
320 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ar.whotwi.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2121352011725579&correlator=1671409893056874&output=ldjh&impl=fifs&eid=21067692%2C21067711%2C21067753%2C21067654&vrg=2020101201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201015&iu_parts=21616213261%2Cwhotwi_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1602805460&dt=1602805460570&dlt=1602805460209&idt=345&frm=20&biw=1600&bih=1200&oid=3&adxs=498&adys=412&adks=213411077&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Far.whotwi.com%2F&dssz=17&icsg=680&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1460013368.1602805461&ga_sid=1602805461&ga_hid=1707473310&fws=4&ohw=1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
b02661d01daafd1dd63e2181a92bf3117e747a3ccb10d755d311aa01a02bb875
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11190
x-xss-protection
0
google-lineitem-id
4621449326
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138228710838
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ar.whotwi.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
963f072bfb54dea173f795584cd29d70.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://963f072bfb54dea173f795584cd29d70.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 0F0F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWw1XUiwJeZWeO8anMRwokQkJQpy8qReLVOCzF0-ABnZ0xkDET57lIFx3zpAVv7Nodqgz8k_UCLt0lj8-PhLlL13rCHd0qdq-OkNoicH_OxM5oH3e6_87KAFIG5mMpSKqDMlC0heL_SZ7ECBP8UiiUXQLsboOPliX5aOLEPeuzmX_cz41I89JG8k4gmiZNPEj6gBi2SM24I4WHm1fzNVG-2zIOytOCMNPLVurtTSuFER21YRNb5ubIx-9lBC01b2_hTA-71QhFNg&sai=AMfl-YRbDQpakAdMwjGrxt4R4B5bXkIpMsA-wYARS8sBwdiFzTQPjZODvHIb_ZqlIcfA18yJEgN42p1gYXtXf6RxQdd2swDOrv5Mnp4x7taEtWBkpVYqlF7MqOqcHWLFSrob&sig=Cg0ArKJSzB043yUff_xqEAE&adurl=
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Oct 2020 23:44:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 15 Oct 2020 23:44:20 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201014/r20110914/ Frame 0F0F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201014/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20d9780645e96c5273c4e1b6f46b94518dd9de586dbaf178f841c8151931e26a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 21:22:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7201
x-xss-protection
0
server
cafe
etag
13490672151077077007
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Oct 2020 21:22:04 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20201014/r20110914/client/ Frame 0F0F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20201014/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2da3bdfb97c04360c684feeaac2a007c4a391f0b7623a0294f5c8eb3a91afc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 21:17:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8819
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1335
x-xss-protection
0
server
cafe
etag
1884878862150193934
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 29 Oct 2020 21:17:21 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 0F0F 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52f7679a6157f3fbbe5ec30d613e5ddd98121049d1bc60b890a8b32da7be8865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602674900477171"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28907
x-xss-protection
0
expires
Thu, 15 Oct 2020 23:44:20 GMT
l
www.google.com/ads/measurement/ Frame 0F0F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQVlvF8-HgxooLqWGcENQ0qNNrKqkr9Eebg5wjyrvHK6eE22M_AdSGNI1079EXGBnb089B7
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
13388516114383338360
tpc.googlesyndication.com/simgad/ Frame 0F0F 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13388516114383338360
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f0d8fe61008540f69f8ecc34a59971c2f8d0840d19691aa7374aded93f12c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 11:04:04 GMT
x-content-type-options
nosniff
age
132016
x-dns-prefetch-control
off
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24211
x-xss-protection
0
last-modified
Tue, 27 Mar 2018 04:36:09 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Oct 2021 11:04:04 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1602674900477171"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27594
x-xss-protection
0
expires
Thu, 15 Oct 2020 23:44:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0F0F 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssi_U1F0OjgrnoloBvb5qmyErsBnOwxsR5VaPzP1rI53dzgZ7__QAtTu4HD6KWCJToqj-Ap4OgOmGnBvI_JnQ8oTcR0NXgwWF8Wy4grrCMXW9oevwTZp3O0KwNWgZf3_oFMlt5h0h4y2nktZzq3ej3vBzybTUcHu5xJfo8l4BMk5nPUHc0NyiwKnd1PJXuyd2F3AQvm1eE7faa2LahAk35dZocWIefleVUS3RjYv0s2nIv2EltGbOHo0KW_64bz0i3g_PRyx8yX5a-f&sai=AMfl-YSsIV_AaLO9mfnUFNWqUHfqCaQypSvJSNa3M9IvrUWOme4xqCiWUAGA56UkHmUMallyYMkHv-5Hg9jQ-auRccfpLikZkpcLlxdOFu-y7Mk47oyrV-hHaqAai9wuiTkZ&sig=Cg0ArKJSzNib05UDhogCEAE&adurl=
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Oct 2020 23:44:20 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 0F0F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1713ed765c655dda29b750a2aa0a5528c1ae352a1cf99cd5df3274889327a9b7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
/
b.hatena.ne.jp/entry/button/ Frame C954 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b.hatena.ne.jp/entry/button/?url=https%3A%2F%2Far.whotwi.com%2F&layout=simple-balloon&lang=ar&mode=popup
Requested by
Host: b.st-hatena.com
URL: https://b.st-hatena.com/js/bookmark_button.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-101.vie50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
b.hatena.ne.jp
:scheme
https
:path
/entry/button/?url=https%3A%2F%2Far.whotwi.com%2F&layout=simple-balloon&lang=ar&mode=popup
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ar.whotwi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ar.whotwi.com/

Response headers

status
200
content-type
text/html; charset=utf-8
date
Thu, 15 Oct 2020 23:44:21 GMT
server
nginx
cache-control
public, max-age=3600, s-maxage=3600
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 87459a7837f980cdc57ba8a2c23a55ae.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
Qgh8oZFTHVPeaXB5gbmhLOP6QUVDIfPl6B1C183XxYUZG6UB_oRfGA==
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
6896
date
Thu, 15 Oct 2020 21:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Thu, 15 Oct 2020 23:49:25 GMT
widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 3732 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Far.whotwi.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B4) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ar.whotwi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ar.whotwi.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
94458
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Oct 2020 23:44:21 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Thu, 01 Oct 2020 21:50:01 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40B4)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
5825
like.php
www.facebook.com/v2.4/plugins/ Frame 2F37 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.4/plugins/like.php?action=like&app_id=424683627555849&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2aa7dfa50b4868%26domain%3Dar.whotwi.com%26origin%3Dhttps%253A%252F%252Far.whotwi.com%252Ff1fb5a7558bdb68%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwhotwi&layout=button_count&locale=ar_AR&sdk=joey&share=false&show_faces=false&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js?hash=03f392daf55394f204decc76abd3f1dd&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.4/plugins/like.php?action=like&app_id=424683627555849&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2aa7dfa50b4868%26domain%3Dar.whotwi.com%26origin%3Dhttps%253A%252F%252Far.whotwi.com%252Ff1fb5a7558bdb68%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fwhotwi&layout=button_count&locale=ar_AR&sdk=joey&share=false&show_faces=false&size=small
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ar.whotwi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ar.whotwi.com/

Response headers

status
200
vary
Accept-Encoding
pragma
no-cache
x-content-type-options
nosniff
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v3.1
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
28MiyAR55AAUPELlS/thoAY4Bb8KdDAqmtIoJrm1R0QPsnNfOWf50VL9qL8ddcRmlCIfKURvPteNqztEq5hjqw==
date
Thu, 15 Oct 2020 23:44:21 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 22:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3268
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Thu, 15 Oct 2020 23:49:53 GMT
button.63c51c903061d0dbd843c41e8a00aa5a.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.63c51c903061d0dbd843c41e8a00aa5a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40F7) /
Resource Hash
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 15 Oct 2020 23:44:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:51 GMT
Server
ECS (fcn/40F7)
Age
94457
Etag
"62d4b0301f07768d13f3ee5de8633739+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
collect
www.google-analytics.com/j/ 		4 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1707473310&t=pageview&_s=1&dl=https%3A%2F%2Far.whotwi.com%2F&ul=en-us&de=UTF-8&dt=%D8%AA%D8%AD%D9%84%D9%8A%D9%84%D8%A7%D8%AA%20%D8%AA%D9%88%D9%8A%D8%AA%D8%B1%20%D8%A7%D9%84%D8%B1%D8%B3%D9%88%D9%85%D9%8A%D8%A9%20%D8%A7%D9%84%D8%AE%D8%A7%D8%B5%D8%A9%20%D8%A8%D9%87%D9%88%D8%AA%D9%88%D9%8A%D8%AA%20%2F%20whotwi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAAEIhAAAAAC~&jid=578683321&gjid=344279997&cid=1460013368.1602805461&tid=UA-25118199-1&_gid=1759080841.1602805461&_r=1&_slc=1&cd1=0&cd2=OK&z=786663289
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:44:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://ar.whotwi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow_button.96fd96193cc66c3e11d4c5e4c7c7ec97.ar.html
platform.twitter.com/widgets/ Frame 29A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.96fd96193cc66c3e11d4c5e4c7c7ec97.ar.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40F7) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ar.whotwi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ar.whotwi.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
94316
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Oct 2020 23:44:21 GMT
Etag
"5030b87ffec4b1f5361fb415296bd958+gzip"
Last-Modified
Thu, 01 Oct 2020 21:49:52 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40F7)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
14068
tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.ar.html
platform.twitter.com/widgets/ Frame 90E5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.ar.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40F7) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ar.whotwi.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ar.whotwi.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
94400
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Oct 2020 23:44:21 GMT
Etag
"2b33715fab53b1e4043f899d26636a80+gzip"
Last-Modified
Thu, 01 Oct 2020 21:49:57 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40F7)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12677
collect
stats.g.doubleclick.net/j/ 		4 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-25118199-1&cid=1460013368.1602805461&jid=578683321&gjid=344279997&_gid=1759080841.1602805461&_u=aChAAEIgAAAAAC~&z=615555686
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 15 Oct 2020 23:44:21 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://ar.whotwi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-25118199-1&cid=1460013368.1602805461&jid=578683321&_u=aChAAEIgAAAAAC~&z=898637691
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:44:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-25118199-1&cid=1460013368.1602805461&jid=578683321&_u=aChAAEIgAAAAAC~&z=898637691
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:44:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jot.html
platform.twitter.com/ Frame 3492
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: ar.whotwi.com
URL: https://ar.whotwi.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40F7) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://ar.whotwi.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
94457
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 15 Oct 2020 23:44:21 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Thu, 01 Oct 2020 21:52:09 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40F7)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

status
302 302 Found
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Thu, 15 Oct 2020 23:44:21 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Thu, 15 Oct 2020 23:44:21 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_o
strict-transport-security
max-age=631138519
x-connection-hash
1d6d86639febe298d98e8970716a2115
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
116
x-transaction
001b2f0c007c2fe3
x-tsa-request-body-time
0
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020101201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f04466c1aa36e702fe0ff77411eeebfa1b59cbee8ea60c90c5b4c606ea64eb57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Oct 2020 23:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6359
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 15 Oct 2020 23:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1601061966610483"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6293
x-xss-protection
0
expires
Thu, 15 Oct 2020 23:44:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 9F17 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/217/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ar.whotwi.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ar.whotwi.com/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4867
date
Thu, 15 Oct 2020 21:46:53 GMT
expires
Fri, 15 Oct 2021 21:46:53 GMT
last-modified
Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7048
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020101201&jk=2121352011725579&bg=!i4iliKjNAAWqWepuqlhCyypw3MDJZQIAAABRUgAAAAwKAUurFR0xOGmTnvYXOQ30hZf3dqDo4LQcM_3oueP7vcGDH2s1fygz5NbMJM5NtyYWYODrZ_wZd35D3T4WVicFkhkXcnRaZ46ptHAfEo8_wCb-KT5rlk2EIg9MkTHXDDofSEkRaukPhU_uPCLxiWw8924FAZ9oy1T5yKciJg-T0-lxf1ys8IkS9dM8zhXFZPsYFVmlp_jktd4ujzz1wInNiD_t7WkpYxVljdUmWZjEfn4TtRzxfCNeN4KdXR61fk8WVmM7FsDM8teNu8rznk73WoAsDU0m93v5CLGQhNENCz1-VoAYNz2tfewUls8QqArATqd5v4y6J9i3eZVfwr7ZSPE_n3-9d-3SLFZja75Bl4fQiYsPIQvk_RXcILVOUYUXXw0csEeGG211-vFFiSUfoifFf8Vkgf3Rxn2vL51Jt6KCZmBaPXGehnMu1zlTmQGmRImZiRDXxJDUq0rN8-2o5VxdFSC9rY7u3SBFdEoFKJcHkXuQeMOftuaWaGhN_hVg3uJI5T-vFGfllBWq1TQV65KuTdg6XWNi9YvsbhbLg7KbKrn7oMsZ9K4JEBMUVtVLwpY8JOMeGHv9IGQSP36EjVYJziNT-Ov81Jj5XCFlAqA102llyG4bW8yS2uhBikj4Kf17qqhayPIvzvS7SwGgRSjKuUfobWj1Bw2cBTJ4ggrif7J45Q9BUpQ4l0sECrWlrIYI9jFQyaTdhTunZem049W_r8cfmfM7B5kqreTUh6ajLEDyDfK0z46jpDOKIYC934guthNBWJA67YGOqZoJICRnxyiWcE67oua1PhP0WX7RFDVDPws-52g1o3foZ5ei3vd-t-MzAb1UCdTfnWP1YHDlWPYzF_YsB8XmZfYFGpVO9z7NSSqF4KRSuYWlvDT89Ed4Yeaqm7v4e2oPIWDhhGk9AbvUzHmuX9Qt_qJWsz6QxrAXFggweBybO-zQxyBHAPJGmfe6A97JJ2xRW0ozpuqZj4V4wCVXW-HBjHl6_VSpvfBe61s
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:44:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0F0F 		42 B
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstp6kommIRv6vsTwmN-e9CmFUB9Z4PJmrl5eHagX3urj3GqKJdzBsZXAQU3w1HETFZRqrRCaZq5Jqr9N4ODISn2FzSYo_gdn_-dizVUjp0&sig=Cg0ArKJSzLjOx_nSj2IWEAE&adk=213411077&tt=-1&bs=1600%2C1200&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&p=417,498,667,798&postrxl=1&mcvt=1027&rs=0&ht=0&tfs=111&tls=1138&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=7&niot_cbk=33&md=2&btr=0&cpmav=0&lm=2&rst=1602805460704&dlt&rpt=94&isd=0&msd=0&xdi=0&bmi=1&ps=1600%2C1144&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-6-11-11-0-0-0&tvt=1133&is=300%2C250&iframe_loc=https%3A%2F%2Far.whotwi.com%2F&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x250&itpl=3&v=20201014
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ar.whotwi.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Oct 2020 23:44:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| NREUM object| newrelic function| __nr_require object| googletag function| fbAsyncInit object| twttr object| FB object| __twttrll object| __twttr object| ggeac object| google_js_reporting_queue object| gapi object| ___jsl object| gadgets object| osapi object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Hatena object| page_data function| $ function| jQuery object| whotwi function| open_profile_modal string| url object| ga_debug string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaData object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.whotwi.com/ Name: _gat
Value: 1
.whotwi.com/ Name: _gid
Value: GA1.2.1759080841.1602805461
.whotwi.com/ Name: _ga
Value: GA1.2.1460013368.1602805461
.whotwi.com/ Name: __gads
Value: ID=8f10f335b5553857-22127915fdb80072:T=1602805460:S=ALNI_MaS0bd0FleaCbZISl_Hcd3Leup8yg
.whotwi.com/ Name: csrf_cookie_name
Value: 93a3bd29620a2b189dca402318365f89
.whotwi.com/ Name: __cfduid
Value: da70ed8518e1041aade3ef6762aed42de1602805459

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

963f072bfb54dea173f795584cd29d70.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
ar.whotwi.com
b.hatena.ne.jp
b.st-hatena.com
connect.facebook.net
js.gsspcln.jp
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
platform.twitter.com
securepubads.g.doubleclick.net
social-dog.net
static.whotwi.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.244.42.72
172.217.18.98
2001:4de0:ac19::1:b:1a
202.47.25.78
2606:2800:234:59:254c:406:2366:268c
2606:4700:3031::681b:a10f
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:814::2004
2a00:1450:4001:814::200e
2a00:1450:4001:819::2004
2a00:1450:4001:819::200a
2a00:1450:4001:81b::200e
2a00:1450:4001:81e::2001
2a00:1450:4001:81e::2002
2a00:1450:4001:820::2001
2a00:1450:4001:824::2002
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
99.86.243.101
99.86.243.76
99.86.243.91
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
1713ed765c655dda29b750a2aa0a5528c1ae352a1cf99cd5df3274889327a9b7
191e44b7867c9a51bf9c2f14a2c00a4d919ad686c7dd999ed658a93d74764a23
1b7b649d1068038d118ebaa91b7e6c04d47d237fea1bbbc0343ec23ce9efd93a
20d9780645e96c5273c4e1b6f46b94518dd9de586dbaf178f841c8151931e26a
222dc10adfe6a68bf11df2dc66253235d453b9b971432800426b26b24e016567
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
24a86d5b5fcb0adc176517ec76f2e4c8891a16502d8305aa04939bf0f35d9ce9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
3324cfb21d40ee2038b00d7d859383b9f3e8ee53e23e4fbfac06fa7fbdccc853
46b0d2e6fac4273b21cbf281d054dd61dc70cc7d3e7620fd9b9c02b3e52f9579
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4b34934b6fa28e88f3089771ffcac3dbe9c39dc873ad904f4cbf7dae16257e89
4f0d8fe61008540f69f8ecc34a59971c2f8d0840d19691aa7374aded93f12c27
52f7679a6157f3fbbe5ec30d613e5ddd98121049d1bc60b890a8b32da7be8865
5754a78fea82bb52d068d3c64de5ab9ae7ed70de719090407bb2ade232a5b7ee
5d171790b85ee1201a0fd7ff59673fde0c709a8ca859e76536f7fd0fc1f5b78f
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
758564edb90e7304792f6d37364e79ed384934e13143efd6635d3b0e0ba4e626
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c42a0975ff4ae6d3572e61c5b37679a6c8b5a3381a39afae58cd4fe1fde3649
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b02661d01daafd1dd63e2181a92bf3117e747a3ccb10d755d311aa01a02bb875
baabc0df5d263f582e49876c014dfc05ee82cfa7e32e4bd7f6e16144d2394688
c414f5b95826eb6de86b1cee0e3e9fc678839796997ab46e029d11b3be01dd34
cac86ed07ad9909bc06f77b4bedeab15bf8e12d3aca9685c96cf4a3271993dc8
d2da3bdfb97c04360c684feeaac2a007c4a391f0b7623a0294f5c8eb3a91afc4
d82222bd15b15d482909702e54a4c204371a138a55a5b2a92bf1285aa85d6bd3
d89aa7e406b977fe29591cd0fba254386c873ad08b50a8d40a663c2b353e59c7
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6deab93ae202482c73676e54f020aa81eb2be2ce75ec8a62bf2394d0176f93a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04466c1aa36e702fe0ff77411eeebfa1b59cbee8ea60c90c5b4c606ea64eb57