urlscan.io logo urlscan.io
SecurityTrails logo

halmanaldubi.com Open in urlscan Pro
35.244.203.194  Public Scan

Go To Rescan Add Verdict Report
URL: https://halmanaldubi.com/provident-funds/
Submission: On February 07 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 11 domains to perform 54 HTTP transactions. The main IP is 35.244.203.194, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is halmanaldubi.com.
TLS certificate: Issued by R3 on January 28th 2023. Valid for: 3 months.
This is the only time halmanaldubi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

32    35.244.203.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.203.244.35.bc.googleusercontent.com
halmanaldubi.com
1    95.216.10.178 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.178.10.216.95.clients.your-server.de
con1.sometimesfree.biz
5    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.userway.org
1    2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.167.73.94 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-73-94.us-west-2.compute.amazonaws.com
api.userway.org
3    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:400d:80e::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
32 halmanaldubi.com
halmanaldubi.com
253 KB
6 userway.org
cdn.userway.org — Cisco Umbrella Rank: 4582
api.userway.org — Cisco Umbrella Rank: 4539
44 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
91 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
20 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5986
562 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
562 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
71 KB
1 sometimesfree.biz
con1.sometimesfree.biz
7 KB
0 traffictrade.life Failed
traffictrade.life Failed
54 11
Domain Requested by
32 halmanaldubi.com halmanaldubi.com
5 cdn.userway.org halmanaldubi.com
cdn.userway.org
3 connect.facebook.net halmanaldubi.com
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.de halmanaldubi.com
2 www.google.com halmanaldubi.com
1 www.facebook.com halmanaldubi.com
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 api.userway.org cdn.userway.org
1 www.googletagmanager.com halmanaldubi.com
1 con1.sometimesfree.biz halmanaldubi.com
0 traffictrade.life Failed halmanaldubi.com
54 13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
plus.google.com
www.everests.co.il
Subject Issuer Validity Valid
www.hag.co.il
R3		 2023-01-28 -
2023-04-28		 3 months crt.sh
sometimesfree.biz
R3		 2023-01-14 -
2023-04-14		 3 months crt.sh
1667503734.rsc.cdn77.org
R3		 2023-01-02 -
2023-04-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
api.userway.org
Amazon		 2022-10-02 -
2023-10-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-11-16 -
2023-02-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://halmanaldubi.com/provident-funds/
Frame ID: 9F3C37B9AEFD06908F87804477AF4CA2
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Provident Funds - Halman Aldubi

Page URL History Show full URLs

  1. https://halmanaldubi.com/provident-funds/ Page URL
  2. https://halmanaldubi.com/provident-funds/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

54
Requests

39 %
HTTPS

75 %
IPv6

11
Domains

13
Subdomains

13
IPs

5
Countries

488 kB
Transfer

1265 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://halmanaldubi.com/provident-funds/ Page URL
  2. https://halmanaldubi.com/provident-funds/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
halmanaldubi.com/provident-funds/ 		42 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
31bf9fa510faa916d7ba23269fed1cf7aaf11eeb360233dee54221f791e78723

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
clear
cache-control
no-cache, private, no-transform, no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 14:39:44 GMT
expires
Thu, 01 Jan 1970 00:01:48 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
server
rhino-core-shield
vary
Accept-Encoding
via
1.1 google
LuDFzI5oN9U5JStGIWWXPFxXuxlIxitc
halmanaldubi.com/7060ac19f50208cbb6b45328ef94140a612ee92387e015594234077b4d1e64f1/ 		257 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/7060ac19f50208cbb6b45328ef94140a612ee92387e015594234077b4d1e64f1/LuDFzI5oN9U5JStGIWWXPFxXuxlIxitc
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
ef97c33bb9e410f408251139f72b2538781861e7fb6dc4caecc1b5ebc34df595

Request headers

Referer
https://halmanaldubi.com/provident-funds/
x-zebra-IdHb4IGx
N2M1ODM1MjdkZTViODhlMzljNThkZjhiYjJiZWQ5ZTM2MjI3YmJjNTskKGhhc2gpO194Y2FsYyhhcmd1bWVudHMuY2FsbGUpOzA7JChoYXNoKTtfeGNhbGMoYXJndW1lbnRzLmNhbGxlKTswOyQoaGFzaCk7X3hjYWxjKGFyZ3VtZW50cy5jYWxsZSk7ZGlzYWJsZWQ7JChoYXNoKTtfeGNhbGMoYXJndW1lbnRzLmNhbGxlKTs3RkJMYmpnUjNrak5HOWY1MUZZdEVNSW1kQVN6czFsdmloQVhXaXN2WStOWkUyTXVUb29meGNJTkFNK1BpZ0o0Sno5V0dLamlVOTBTQk5lSktyZG9ST2lYUy9RSGZjWm04Z29YUE1ZWU4vbktoN3hER2U3SGoyNURZbFNXaWFUK3dadFBsSGwwWXBQQnVtYzFQaWpTMHpPMGZNL0t1ZUExQzZ5UGpENWdSTHhJYmdXSlZsbHBlWHh0QjFHc2pBNUhBQTRnVWQrSDdJNVNwVStzMWdYazlaR0h2SzMyY0d0U0pYNk5nc2JSYUtRPQ--
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 07 Feb 2023 14:39:44 GMT
via
1.1 google
server
rhino-core-shield
alt-svc
clear
content-type
application/octet-stream
/
halmanaldubi.com/8d47-ffc3-0f63-4b3c-c5c9-5699-6d5b-3a1f/d/ 		11 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/8d47-ffc3-0f63-4b3c-c5c9-5699-6d5b-3a1f/d/
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
d02b35f3bf91b15160bbeb7952fc2f752e15fde022ab2d226b1d0c27d30e8e87

Request headers

Referer
https://halmanaldubi.com/provident-funds/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 07 Feb 2023 14:39:44 GMT
content-encoding
gzip
via
1.1 google
server
rhino-core-shield
alt-svc
clear
vary
Accept-Encoding
content-type
text/plain
Primary Request /
halmanaldubi.com/provident-funds/ 		36 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/provident-funds/
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
68ded62d1cd86aab8a8f3c6dd2bac27b412543e1ab40dac257d4124e1c3a3c58

Request headers

Referer
https://halmanaldubi.com/provident-funds/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
clear
content-encoding
gzip
content-length
8086
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 14:39:45 GMT
link
<https://halmanaldubi.com/wp-json/>; rel="https://api.w.org/", <https://halmanaldubi.com/wp-json/wp/v2/pages/236>; rel="alternate"; type="application/json", <https://halmanaldubi.com/?p=236>; rel=shortlink
server
rhino-core-shield
vary
Accept-Encoding,User-Agent
via
1.1 google
style.css
halmanaldubi.com/wp-content/themes/hag/ 		43 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/wp-content/themes/hag/style.css
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
76319b4651560f6c14b3b9d82b6c05126e49baa899fd57e3e00dd987e19010a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 21 Feb 2022 07:56:56 GMT
server
rhino-core-shield
etag
W/"621345c8-ade8"
vary
Accept-Encoding
content-type
text/css
alt-svc
clear
style.min.css
halmanaldubi.com/wp-includes/css/dist/block-library/ 		77 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 01 Feb 2022 12:09:41 GMT
server
rhino-core-shield
etag
W/"61f92305-1357b"
vary
Accept-Encoding
content-type
text/css
alt-svc
clear
owl.carousel.css
halmanaldubi.com/wp-content/themes/hag/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/wp-content/themes/hag/css/owl.carousel.css?ver=5.9
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:04:05 GMT
server
rhino-core-shield
etag
W/"5cff8aa5-1206"
vary
Accept-Encoding
content-type
text/css
alt-svc
clear
jquery.min.js
halmanaldubi.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 24 Jan 2022 14:57:54 GMT
server
rhino-core-shield
etag
W/"61eebe72-15db1"
vary
Accept-Encoding
content-type
application/javascript
alt-svc
clear
jquery-migrate.min.js
halmanaldubi.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 24 Jan 2022 14:57:54 GMT
server
rhino-core-shield
etag
W/"61eebe72-2bd8"
vary
Accept-Encoding
content-type
application/javascript
alt-svc
clear
backtotop.png
halmanaldubi.com/wp-content/themes/hag/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/themes/hag/images/backtotop.png
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
c73cde48e743d23c1a54fe27461963d2391c139ef4fb4b8bef92482dc920af18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:04:06 GMT
server
rhino-core-shield
etag
"5cff8aa6-1307"
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
4871
header-logo.jpg
halmanaldubi.com/wp-content/uploads/2016/04/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/uploads/2016/04/header-logo.jpg
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
bd9451936c1c5846fbe7cc24841e26fe0062de5df037de3c85d3893a8bdb45a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Thu, 16 Jun 2016 13:02:08 GMT
server
rhino-core-shield
etag
"5762a350-1bc8"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
clear
content-length
7112
c.js
con1.sometimesfree.biz/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://con1.sometimesfree.biz/c.js
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.10.178 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.178.10.216.95.clients.your-server.de
Software
nginx /
Resource Hash
4657eb9fb940ff8303a6ef3632c0d0b4214e27035e7c4cb7d9a9e1876582d3b1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 14:39:46 GMT
Strict-Transport-Security
max-age=15768000
Content-Encoding
gzip
Last-Modified
Tue, 07 Feb 2023 14:39:46 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-Control
post-check=0, pre-check=0
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
scripts.js
traffictrade.life/ 		0
0
financial-products-content-img.jpg
halmanaldubi.com/wp-content/uploads/2016/04/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/uploads/2016/04/financial-products-content-img.jpg
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
337ddd1da079996a46d2bdfdce8fdc6ae9ffbd5b88a5097fcbd26dc6d79066c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Sun, 24 Apr 2016 13:27:54 GMT
server
rhino-core-shield
etag
"571cc9da-89e5"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
clear
content-length
35301
clalit.jpg
halmanaldubi.com/wp-content/uploads/2016/04/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/uploads/2016/04/clalit.jpg
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
0ebfbd14a2bbd10191f7bce85ff3f2d1796776a885b1f432785e3812346426dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Thu, 16 Jun 2016 13:00:49 GMT
server
rhino-core-shield
etag
"5762a301-dd8"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
clear
content-length
3544
%D7%9E%D7%A9%D7%A8%D7%93-%D7%94%D7%91%D7%A8%D7%99%D7%90%D7%95%D7%AA.jpg
halmanaldubi.com/wp-content/uploads/2016/04/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/uploads/2016/04/%D7%9E%D7%A9%D7%A8%D7%93-%D7%94%D7%91%D7%A8%D7%99%D7%90%D7%95%D7%AA.jpg
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
d2ab590e90133870b0f61652a63c4a52cf778096af7b32fd9b9a803a6c03bdbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
server
rhino-core-shield
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://halmanaldubi.com/wp-json/>; rel="https://api.w.org/"
content-length
5882
alt-svc
clear
expires
Wed, 11 Jan 1984 05:00:00 GMT
mercantile.jpg
halmanaldubi.com/wp-content/uploads/2016/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/uploads/2016/04/mercantile.jpg
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
f8c9f6ecf1c36d485f7bdbf2e77b696fe7e1fea85c30037008065a783649816b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Thu, 16 Jun 2016 13:01:37 GMT
server
rhino-core-shield
etag
"5762a331-bbc"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
clear
content-length
3004
bezq.jpg
halmanaldubi.com/wp-content/uploads/2016/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/uploads/2016/04/bezq.jpg
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
a2b7620defd2389866a1b1ddb3ffb22a2aa19497b030ed1e4dee61562873311f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Thu, 16 Jun 2016 13:00:10 GMT
server
rhino-core-shield
etag
"5762a2da-b13"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
clear
content-length
2835
KANAT.jpg
halmanaldubi.com/wp-content/uploads/2016/04/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/uploads/2016/04/KANAT.jpg
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
5af52364340bc323ad59bbb4daaf918c87fc33f94285044192ec29db836904fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Thu, 16 Jun 2016 13:01:06 GMT
server
rhino-core-shield
etag
"5762a312-ddd"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
clear
content-length
3549
perrigo.jpg
halmanaldubi.com/wp-content/uploads/2016/04/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/uploads/2016/04/perrigo.jpg
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
9fe590c54c25234deb1bc8037e3991cce62b997b92bd1286abd0ef85ebd9ea94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Thu, 16 Jun 2016 13:00:25 GMT
server
rhino-core-shield
etag
"5762a2e9-eff"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
clear
content-length
3839
everest.png
halmanaldubi.com/wp-content/themes/hag/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/themes/hag/images/everest.png
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
1bf0b50764522295485cef9c5f72c008c5f87b9232dabed3dd38a7852e83e239

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:04:06 GMT
server
rhino-core-shield
etag
"5cff8aa6-5a9"
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
1449
widget.js
cdn.userway.org/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widget.js
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
054d5ede11056be70cecfffe57c03c348425ad4a11f6e4703ff4d362cca6214e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 aab20e139d19ec02808b956cd239fe40.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
CDG50-C2
age
458
x-cache
HIT
x-77-cache
HIT
x-age
1916
x-77-nzt
AcO1qhEO+Gr/fAcAAA
x-accel-expires
@1675782470
last-modified
Mon, 06 Feb 2023 11:57:26 GMT
server
CDN77-Turbo
etag
W/"6032c0529045d0f2669eeeae12aa81f0"
x-77-nzt-ray
4c15622409558a99b262e2636666f718
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding
x-amz-cf-id
9cfmiXqo-P1EfXP1r7ix2BYlJO2N15IwbpYEZ-1kq-wPahSPqqOb5w==
style.css
halmanaldubi.com/wp-content/plugins/userway-accessibility-widget/assets/ 		245 B
244 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/wp-content/plugins/userway-accessibility-widget/assets/style.css?ver=5.9
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
2054a8d43c3ea09136a56bb8ddaa50869c57b49ae11242b9052160d7f15220bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:04:05 GMT
server
rhino-core-shield
x-accel-version
0.01
etag
"f5-58b0a415396c9-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
alt-svc
clear
content-length
136
navigation.js
halmanaldubi.com/wp-content/themes/hag/js/ 		2 KB
975 B 		Script
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/wp-content/themes/hag/js/navigation.js?ver=20151215
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
a545fe148926bea910674f88ba47fd4aca984902ebccad3a4942142360524347

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:04:06 GMT
server
rhino-core-shield
etag
W/"5cff8aa6-900"
vary
Accept-Encoding
content-type
application/javascript
alt-svc
clear
skip-link-focus-fix.js
halmanaldubi.com/wp-content/themes/hag/js/ 		880 B
560 B 		Script
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/wp-content/themes/hag/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:04:06 GMT
server
rhino-core-shield
x-accel-version
0.01
etag
"370-58b0a415bad19-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
alt-svc
clear
content-length
472
theme-functions.js
halmanaldubi.com/wp-content/themes/hag/js/ 		811 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/wp-content/themes/hag/js/theme-functions.js?ver=20151215
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
82a1a0e892b9db83613c704e656da4665443511694d5bb9236d62f0ab9fb514b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:04:06 GMT
server
rhino-core-shield
x-accel-version
0.01
etag
"32b-58b0a415bb101-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
alt-svc
clear
content-length
398
SmoothScroll.min.js
halmanaldubi.com/wp-content/plugins/mousewheel-smooth-scroll/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/wp-content/plugins/mousewheel-smooth-scroll/js/SmoothScroll.min.js?ver=1.4.9.1
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
7854724d60c5506935f322e918940e94dd53104aebdf5f419d8b14234651938a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:06:43 GMT
server
rhino-core-shield
etag
W/"5cff8b43-1d18"
vary
Accept-Encoding
content-type
application/javascript
alt-svc
clear
wpmss.min.js
halmanaldubi.com/wp-content/plugins/mousewheel-smooth-scroll/js/ 		216 B
281 B 		Script
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/wp-content/plugins/mousewheel-smooth-scroll/js/wpmss.min.js?ver=1560251081
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
e1143777e7ba15470e9b04183d432867c8bee70a277a879d003e575099a097f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:06:43 GMT
server
rhino-core-shield
x-accel-version
0.01
etag
"d8-58b0a4ac636b7-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
alt-svc
clear
content-length
172
owl.carousel.min.js
halmanaldubi.com/wp-content/themes/hag/js/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/wp-content/themes/hag/js/owl.carousel.min.js
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:04:06 GMT
server
rhino-core-shield
etag
W/"5cff8aa6-9dd1"
vary
Accept-Encoding
content-type
application/javascript
alt-svc
clear
wp-emoji-release.min.js
halmanaldubi.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://halmanaldubi.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 24 Jan 2022 14:57:54 GMT
server
rhino-core-shield
etag
W/"61eebe72-4705"
vary
Accept-Encoding
content-type
application/javascript
alt-svc
clear
financial-products.jpg
halmanaldubi.com/wp-content/uploads/2016/04/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/uploads/2016/04/financial-products.jpg
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
2d8b8ff02d73a545f5843af6a2b8084c5e5e71ceb378d836b93c2857c1103dc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/provident-funds/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Sun, 24 Apr 2016 13:27:55 GMT
server
rhino-core-shield
etag
"571cc9db-ebb3"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
clear
content-length
60339
arrow.png
halmanaldubi.com/wp-content/themes/hag/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/themes/hag/images/arrow.png
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/wp-content/themes/hag/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
3ead239e9ff85cabe5149606e2a1042f3b5358852e9ddf9a4da145e79577f986

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/wp-content/themes/hag/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:04:06 GMT
server
rhino-core-shield
etag
"5cff8aa6-4af"
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
1199
fb-small.png
halmanaldubi.com/wp-content/themes/hag/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/themes/hag/images/fb-small.png
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/wp-content/themes/hag/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
cb6f0437fc880142d555776f89bb20d5efe24bf68a3489f6a227eb35c8146bf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/wp-content/themes/hag/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:04:06 GMT
server
rhino-core-shield
etag
"5cff8aa6-5b4"
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
1460
in-small.png
halmanaldubi.com/wp-content/themes/hag/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/themes/hag/images/in-small.png
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/wp-content/themes/hag/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
b6b9593bac121838843fa0e4497568162f9e15a3088edced5b08102fccfb80db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/wp-content/themes/hag/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:04:06 GMT
server
rhino-core-shield
etag
"5cff8aa6-5bf"
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
1471
gplus-small.png
halmanaldubi.com/wp-content/themes/hag/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://halmanaldubi.com/wp-content/themes/hag/images/gplus-small.png
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/wp-content/themes/hag/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.203.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.203.244.35.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
3d09545e890547a7e1920645b9c64bfedf121451779b42f740808014c581d949

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/wp-content/themes/hag/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 google
last-modified
Tue, 11 Jun 2019 11:04:06 GMT
server
rhino-core-shield
etag
"5cff8aa6-8b5"
content-type
image/png
accept-ranges
bytes
alt-svc
clear
content-length
2229
gtm.js
www.googletagmanager.com/ 		212 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WZ4HMS
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b167a048ff8b18709c94fb1525ac78711a1c033b9e18a7aa64764d004b2f323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71898
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Feb 2023 14:39:46 GMT
widget_app_base_1675684465200.js
cdn.userway.org/widgetapp/2023-02-06/ 		129 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-02-06/widget_app_base_1675684465200.js
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a669f84af91ff29779c6b9112ab8e2aadbf205be3b99dce70c4768ac93d6e778

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 07 Feb 2023 14:39:46 GMT
via
1.1 69f40ac73ba4c1681383645ee8ba8ab0.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
CDG50-C2
age
62
x-cache
HIT
x-77-cache
HIT
x-age
95917
x-77-nzt
AcO1qhEXarz/rXYBAA
x-accel-expires
@1701604869
last-modified
Mon, 06 Feb 2023 11:57:23 GMT
server
CDN77-Turbo
etag
W/"3f4f911da1aa27c9c9503e35c876f77d"
x-77-nzt-ray
4c15622409558a99b262e263662c4726
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
am_xqXkrfsJfIOiHqTzymhSaaZcZesktA47chHXTnipJw2Yd8rkmCQ==
oXqZWFJDj3
api.userway.org/api/tunings/ 		792 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/oXqZWFJDj3
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-02-06/widget_app_base_1675684465200.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.73.94 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-73-94.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d59bc96b30e1437bdb8dbc92e89fc928453ec046bd93ea5d44f4b24e181d4c26

Request headers

Referer
https://halmanaldubi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 07 Feb 2023 14:39:47 GMT
etag
W/"318-J69jqKFa/9pK8KX09bVHWfzvXcM"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usr9885ded4af7c4ed
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
access-control-allow-headers
*
content-length
792
x-service-version
uw-pr
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ4HMS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Feb 2023 12:54:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6296
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 07 Feb 2023 14:54:50 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/996492274/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/996492274/?random=1675780786873&cv=11&fst=1675780786873&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhalmanaldubi.com%2Fprovident-funds%2F&ref=https%3A%2F%2Fhalmanaldubi.com%2Fprovident-funds%2F&tiba=Provident%20Funds%20-%20Halman%20Aldubi&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ4HMS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592ecb1f75864874480e72bde44d1820e1a1c95e5705e702464b4cb202dd115b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 14:39:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
877
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 Feb 2023 14:39:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
iFjlg5SzGoP2KtZ97DOdaJGFjpu9pxCmvMWSGQKv6smgOafO9BJgDHsJu//RBQ27SCy3aD0uTkAv8o018BpLkw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=996442171&t=pageview&_s=1&dl=https%3A%2F%2Fhalmanaldubi.com%2Fprovident-funds%2F&ul=en-us&de=UTF-8&dt=Provident%20Funds%20-%20Halman%20Aldubi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=232837341&gjid=895996935&cid=1985890276.1675780787&tid=UA-22343594-1&_gid=1354478059.1675780787&_r=1&_slc=1&gtm=45He3210n71WZ4HMS&z=935404835
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://halmanaldubi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 14:39:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://halmanaldubi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
525517791115621
connect.facebook.net/signals/config/ 		150 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/525517791115621?v=2.9.95&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1fb2b253346a0bda3d92fc6f4a81a835bcdfe58a2e27e3851b44e49a46eeea7e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 Feb 2023 14:39:47 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
KE4yePJ8BrSaBewTMfV2AQUeoQ2pB10zVe8j5oJrQBKon3MG09SeNWyXa1D8X6w2b6U3lVEXkPpUsdy2RZZ14A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-22343594-1&cid=1985890276.1675780787&jid=232837341&gjid=895996935&_gid=1354478059.1675780787&_u=YGBACEAABAAAACAAI~&z=2114900364
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://halmanaldubi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 07 Feb 2023 14:39:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://halmanaldubi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/996492274/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/996492274/?random=1675780786873&cv=11&fst=1675778400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhalmanaldubi.com%2Fprovident-funds%2F&ref=https%3A%2F%2Fhalmanaldubi.com%2Fprovident-funds%2F&tiba=Provident%20Funds%20-%20Halman%20Aldubi&fmt=3&is_vtc=1&random=34934089&rmt_tld=0&ipr=y
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 14:39:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/996492274/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/996492274/?random=1675780786873&cv=11&fst=1675778400000&bg=ffffff&guid=ON&async=1&gtm=45He3210&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fhalmanaldubi.com%2Fprovident-funds%2F&ref=https%3A%2F%2Fhalmanaldubi.com%2Fprovident-funds%2F&tiba=Provident%20Funds%20-%20Halman%20Aldubi&fmt=3&is_vtc=1&random=34934089&rmt_tld=1&ipr=y
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 14:39:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-22343594-1&cid=1985890276.1675780787&jid=232837341&_u=YGBACEAABAAAACAAI~&z=662054104
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 14:39:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-22343594-1&cid=1985890276.1675780787&jid=232837341&_u=YGBACEAABAAAACAAI~&z=662054104
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 14:39:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
inferredevents.js
connect.facebook.net/signals/plugins/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.95
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 07 Feb 2023 14:39:47 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21972
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
nPeC9sa69Lvlzyi+O1zk4qzXrLj1QTOD1XAlwOqbzzqvXhWiUGZ3rkUqrwRf8f8zHFXe5mhRLtZMSS6avXs8rA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=525517791115621&ev=PageView&dl=https%3A%2F%2Fhalmanaldubi.com%2Fprovident-funds%2F&rl=https%3A%2F%2Fhalmanaldubi.com%2Fprovident-funds%2F&if=false&ts=1675780787186&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1675780787184.907681051&it=1675780786982&coo=false&rqm=GET
Requested by
Host: halmanaldubi.com
URL: https://halmanaldubi.com/provident-funds/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 07 Feb 2023 14:39:47 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=996442171&t=timing&_s=2&dl=https%3A%2F%2Fhalmanaldubi.com%2Fprovident-funds%2F&ul=en-us&de=UTF-8&dt=Provident%20Funds%20-%20Halman%20Aldubi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2340&pdt=3&dns=0&rrt=0&srt=1073&tcp=0&dit=1727&clt=1727&_gst=1961&_gbt=2039&_u=YGBACEABBAAAACAAI~&jid=&gjid=&cid=1985890276.1675780787&tid=UA-22343594-1&_gid=1354478059.1675780787&gtm=45He3210n71WZ4HMS&z=356234967
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 02:42:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43039
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
en-US.json
cdn.userway.org/widgetapp/2023-02-06/locales/ 		433 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2023-02-06/locales/en-US.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-02-06/widget_app_base_1675684465200.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 07 Feb 2023 14:39:47 GMT
via
1.1 8406a060d9a8128ff1642e549dbb75bc.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
CDG50-C2
age
58
x-cache
HIT
x-77-cache
HIT
x-age
95857
x-77-nzt
AcO1qhEu2k7/cXYBAA
x-accel-expires
@1701604930
last-modified
Mon, 06 Feb 2023 11:57:23 GMT
server
CDN77-Turbo
etag
W/"0c4b53012957584c54e80867ff489590"
x-77-nzt-ray
4c156224324edebbb362e2639b6e7228
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
x-amz-cf-id
KGWqxrBKBlPhqLJErojXbDBlUaiuUVyBsRZSc41wsSi61nwPs5NQsg==
body_wh.svg
cdn.userway.org/widgetapp/images/ 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 07 Feb 2023 14:39:48 GMT
via
1.1 1e1b63f715ae11e79ed87d9679a26800.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
WAW51-P2
age
62
x-cache
HIT
x-77-cache
HIT
x-age
2171486
x-77-nzt
AcO1qhF/TFb/XiIhAA
x-accel-expires
@1699529302
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"2ec2767a3bb93656fb9b75c893d7be75"
x-77-nzt-ray
4c15622409558a99b462e26385c44608
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
x-amz-cf-id
lg-7PZQyPyeJu5Kc_0DD2-Es7zycGTUMkzHURALm-OEIrJDQuB4GVw==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://halmanaldubi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 07 Feb 2023 14:39:48 GMT
via
1.1 b8d1cf586cbe91345c9d2bf68b70ae14.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
WAW51-P2
age
62
x-cache
HIT
x-77-cache
HIT
x-age
2171486
x-77-nzt
AcO1qhEWsHj/XiIhAA
x-accel-expires
@1699529302
last-modified
Fri, 13 Jan 2023 11:00:14 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
4c15622409558a99b462e263be3f4c08
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
RIYQdzipBwMNtQn0j5WWplh6BDHQETtIv3wzAq5v_iXOcMFmaXY7VA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
traffictrade.life
URL
https://traffictrade.life/scripts.js

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| _wpemojiSettings undefined| $ function| jQuery object| _userway_config object| UserWayWidgetApp function| SmoothScroll object| dataLayer object| twemoji object| wp function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| supportedLanguages object| mapToSupportedLanguages object| supportedLocales string| DEFAULT_FALLBACK_LANGUAGE function| supports function| formatLangCode function| __assign function| __rest object| messageStream boolean| _userway object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData object| UserWay

8 Cookies

Domain/Path Name / Value
halmanaldubi.com/ Name: GCLB
Value: CKruvOSP0Ye7eA
.halmanaldubi.com/ Name: rbzid
Value: 7FBLbjgR3kjNG9f51FYtEMImdASzs1lvihAXWisvY+NZE2MuToofxcINAM+PigJ4Jz9WGKjiU90SBNeJKrdoROiXS/QHfcZm8goXPMYYN/nKh7xDGe7Hj25DYlSWiaT+wZtPlHl0YpPBumc1PijS0zO0fM/KueA1C6yPjD5gRLxIbgWJVllpeXxtB1GsjA5HYGzjixkuxsILgseKDzSwhzBLGUl4R1qROy6/2p98Ta8sQhW/vwnogcgVkgtolD7x
.halmanaldubi.com/ Name: rbzsessionid
Value: 0559396c11a523ed8a86b2499a517358
.halmanaldubi.com/ Name: _ga
Value: GA1.2.1985890276.1675780787
.halmanaldubi.com/ Name: _gid
Value: GA1.2.1354478059.1675780787
.halmanaldubi.com/ Name: _gat_UA-22343594-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.halmanaldubi.com/ Name: _fbp
Value: fb.1.1675780787184.907681051

2 Console Messages

Source Level URL
Text
network error URL: https://traffictrade.life/scripts.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://halmanaldubi.com/wp-content/uploads/2016/04/%D7%9E%D7%A9%D7%A8%D7%93-%D7%94%D7%91%D7%A8%D7%99%D7%90%D7%95%D7%AA.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.userway.org
cdn.userway.org
con1.sometimesfree.biz
connect.facebook.net
googleads.g.doubleclick.net
halmanaldubi.com
stats.g.doubleclick.net
traffictrade.life
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
traffictrade.life
2a00:1450:4001:813::2003
2a00:1450:4001:829::200e
2a00:1450:400c:c07::9c
2a00:1450:400d:808::2002
2a00:1450:400d:80d::2008
2a00:1450:400d:80e::2004
2a02:6ea0:c700::19
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.167.73.94
35.244.203.194
95.216.10.178
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
054d5ede11056be70cecfffe57c03c348425ad4a11f6e4703ff4d362cca6214e
0ebfbd14a2bbd10191f7bce85ff3f2d1796776a885b1f432785e3812346426dd
1b167a048ff8b18709c94fb1525ac78711a1c033b9e18a7aa64764d004b2f323
1bf0b50764522295485cef9c5f72c008c5f87b9232dabed3dd38a7852e83e239
1fb2b253346a0bda3d92fc6f4a81a835bcdfe58a2e27e3851b44e49a46eeea7e
2054a8d43c3ea09136a56bb8ddaa50869c57b49ae11242b9052160d7f15220bf
2d8b8ff02d73a545f5843af6a2b8084c5e5e71ceb378d836b93c2857c1103dc9
31bf9fa510faa916d7ba23269fed1cf7aaf11eeb360233dee54221f791e78723
337ddd1da079996a46d2bdfdce8fdc6ae9ffbd5b88a5097fcbd26dc6d79066c2
3d09545e890547a7e1920645b9c64bfedf121451779b42f740808014c581d949
3ead239e9ff85cabe5149606e2a1042f3b5358852e9ddf9a4da145e79577f986
4657eb9fb940ff8303a6ef3632c0d0b4214e27035e7c4cb7d9a9e1876582d3b1
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
592ecb1f75864874480e72bde44d1820e1a1c95e5705e702464b4cb202dd115b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5af52364340bc323ad59bbb4daaf918c87fc33f94285044192ec29db836904fc
68ded62d1cd86aab8a8f3c6dd2bac27b412543e1ab40dac257d4124e1c3a3c58
695918800576ee63a085fc0121165a8725777162e76eec8740e67355358f6e89
76319b4651560f6c14b3b9d82b6c05126e49baa899fd57e3e00dd987e19010a5
7854724d60c5506935f322e918940e94dd53104aebdf5f419d8b14234651938a
7b6fef0a63424245b31b293b1a3bfd074c9da482e28fb9e920e1cf306e54e8a2
82a1a0e892b9db83613c704e656da4665443511694d5bb9236d62f0ab9fb514b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
9fe590c54c25234deb1bc8037e3991cce62b997b92bd1286abd0ef85ebd9ea94
a2b7620defd2389866a1b1ddb3ffb22a2aa19497b030ed1e4dee61562873311f
a545fe148926bea910674f88ba47fd4aca984902ebccad3a4942142360524347
a669f84af91ff29779c6b9112ab8e2aadbf205be3b99dce70c4768ac93d6e778
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b6b9593bac121838843fa0e4497568162f9e15a3088edced5b08102fccfb80db
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd9451936c1c5846fbe7cc24841e26fe0062de5df037de3c85d3893a8bdb45a3
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c73cde48e743d23c1a54fe27461963d2391c139ef4fb4b8bef92482dc920af18
c9104efada1e3f4b091183121a645b8298608c10a5b16bc3b1cbcb409b4f2777
cb6f0437fc880142d555776f89bb20d5efe24bf68a3489f6a227eb35c8146bf8
d02b35f3bf91b15160bbeb7952fc2f752e15fde022ab2d226b1d0c27d30e8e87
d2ab590e90133870b0f61652a63c4a52cf778096af7b32fd9b9a803a6c03bdbb
d59bc96b30e1437bdb8dbc92e89fc928453ec046bd93ea5d44f4b24e181d4c26
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1143777e7ba15470e9b04183d432867c8bee70a277a879d003e575099a097f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef97c33bb9e410f408251139f72b2538781861e7fb6dc4caecc1b5ebc34df595
f8c9f6ecf1c36d485f7bdbf2e77b696fe7e1fea85c30037008065a783649816b