Submitted URL: https://www.hawahabetary.com/
Effective URL: https://www.hawahabetary.com/ar
Submission: On March 30 via manual from EG — Scanned from DE

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 46 HTTP transactions. The main IP is 104.236.64.75, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.hawahabetary.com.
TLS certificate: Issued by R3 on February 7th 2022. Valid for: 3 months.
This is the only time www.hawahabetary.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
14 hawahabetary.com
www.hawahabetary.com
565 KB
11 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 125
195 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
5 KB
3 myradiostream.com
s44.myradiostream.com
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
154 KB
2 googleapis.com
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 514
476 B
2 google.com
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 7
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
359 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 136
83 KB
2 gstatic.com
www.gstatic.com
16 KB
1 facebook.com
web.facebook.com — Cisco Umbrella Rank: 212
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8069
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 782
648 B
46 13
Domain Requested by
14 www.hawahabetary.com 1 redirects www.hawahabetary.com
8 pagead2.googlesyndication.com www.hawahabetary.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 s44.myradiostream.com www.hawahabetary.com
3 www.googletagmanager.com www.hawahabetary.com
www.googletagmanager.com
2 firebaseinstallations.googleapis.com www.gstatic.com
2 www.google-analytics.com www.googletagmanager.com
2 connect.facebook.net www.hawahabetary.com
connect.facebook.net
2 www.gstatic.com www.hawahabetary.com
1 www.google.com tpc.googlesyndication.com
1 web.facebook.com connect.facebook.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
46 15

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.facebook.com
play.google.com
apps.apple.com
designfy.net
Subject Issuer Validity Valid
hawahabetary.com
R3
2022-02-07 -
2022-05-08
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
s44.myradiostream.com
R3
2022-02-05 -
2022-05-06
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-01-06 -
2022-04-06
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.google.de
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
www.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh

This page contains 7 frames:

Primary Page: https://www.hawahabetary.com/ar
Frame ID: DB429D9C980F49D7D8550D2A1394AA1A
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220328/r20190131/zrt_lookup.html
Frame ID: 331F810434C5B455BD4C96856D107B49
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9040946781053764&output=html&h=250&slotname=1234567890&adk=4031311902&adf=1438075936&pi=t.ma~as.1234567890&w=970&lmt=1648647382&psa=0&format=970x250&url=https%3A%2F%2Fwww.hawahabetary.com%2Far&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648647381783&bpp=3&bdt=268&idt=212&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&correlator=3730597807726&frm=20&pv=2&ga_vid=330738453.1648647382&ga_sid=1648647382&ga_hid=1831220186&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44760494%2C31061828%2C31063246%2C31062931&oid=2&pvsid=3097079669336261&pem=586&tmod=501149735&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4bBc2GIsf2&p=https%3A//www.hawahabetary.com&dtd=223
Frame ID: 9F985174E7C6ABE9660AB01F93B73F67
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9040946781053764&output=html&adk=1812271804&adf=3025194257&lmt=1648647382&plat=1%3A16777216%2C2%3A16777216%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hawahabetary.com%2Far&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648647382138&bpp=1&bdt=622&idt=1&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&nras=1&correlator=3730597807726&frm=20&pv=1&ga_vid=330738453.1648647382&ga_sid=1648647382&ga_hid=1831220186&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44760494%2C31061828%2C31063246%2C31062931&oid=2&pvsid=3097079669336261&pem=586&tmod=501149735&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=10
Frame ID: C091315BCC37911BB1765EBD650EC43E
Requests: 1 HTTP requests in this frame

Frame: https://web.facebook.com/v2.3/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df213b4223897a4c%26domain%3Dwww.hawahabetary.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.hawahabetary.com%252Ffb95368f3a56c4%26relation%3Dparent.parent&container_width=710&height=100&href=https%3A%2F%2Fwww.facebook.com%2FYoum7&locale=ar_AR&numposts=2&sdk=joey&version=v2.3&width=550
Frame ID: 34BB31CB5B7C65EBCD5011A86FB829B0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8402B3266E97CDC7059E50EDF5EB7B6D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 709EC3B6B873C6220F0BB08112AFB85B
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

الرئيسيه | هواها بيطرى

Page URL History Show full URLs

  1. https://www.hawahabetary.com/ HTTP 302
    https://www.hawahabetary.com/ar Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

46
Requests

100 %
HTTPS

80 %
IPv6

13
Domains

15
Subdomains

16
IPs

4
Countries

1021 kB
Transfer

2557 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.hawahabetary.com/ HTTP 302
    https://www.hawahabetary.com/ar Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ar
www.hawahabetary.com/
Redirect Chain
  • https://www.hawahabetary.com/
  • https://www.hawahabetary.com/ar
23 KB
6 KB
Document
General
Full URL
https://www.hawahabetary.com/ar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.64.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b56a98e7e675a6fc960a69cd48f452e9c048e18b4831a13d22f7cb2ecc215e8b

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
5146
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Mar 2022 13:36:21 GMT
Keep-Alive
timeout=5, max=99
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Length
370
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Mar 2022 13:36:21 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.hawahabetary.com/ar
Server
Apache/2.4.18 (Ubuntu)
Vary
Accept-Language
style-rtl.css
www.hawahabetary.com/assets/css/
211 KB
40 KB
Stylesheet
General
Full URL
https://www.hawahabetary.com/assets/css/style-rtl.css
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.64.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
7e4a123da51cc88a52ed4c334f5955c632bf0f054a58d21e514e33969cbc0b48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 13:36:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 May 2020 21:01:25 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"34d3e-5a62ed0cbaee6-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
40548
6jqDnqEF2RmMDQYduOPn0oXUpFAEbxK8v4vJEzTP.jpeg
www.hawahabetary.com/storage/files/
89 KB
89 KB
Image
General
Full URL
https://www.hawahabetary.com/storage/files/6jqDnqEF2RmMDQYduOPn0oXUpFAEbxK8v4vJEzTP.jpeg
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.64.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
43a715e80439fdd3e33e2d1208739f0569f8dadacc348576b0be9a83fe90ec01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 13:36:21 GMT
Last-Modified
Sat, 22 May 2021 08:37:46 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"164a6-5c2e7174183ca"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
91302
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
155 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6898bf66929f5ea477497db2adcd59717d93e1666a86b2905e727513c189c50a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53814
x-xss-protection
0
server
cafe
etag
16652448792507160585
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 13:36:21 GMT
all.min.js
www.hawahabetary.com/assets/js/
315 KB
90 KB
Script
General
Full URL
https://www.hawahabetary.com/assets/js/all.min.js
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.64.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
d0c5be4f5ead48169d1bc0e84827918c71a8606107c1c7b5bcea05730d7ee0f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 13:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 May 2020 15:19:33 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"4ecb1-5a601ce828513-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
internal.min.js
www.hawahabetary.com/assets/js/
774 B
719 B
Script
General
Full URL
https://www.hawahabetary.com/assets/js/internal.min.js
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.64.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
427ad556df7e628ff73b10807d58b36c3f82cb20de88087a66c85171828853c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 13:36:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 May 2020 15:19:33 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"306-5a601ce828513-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
369
firebase-app.js
www.gstatic.com/firebasejs/7.14.4/
19 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/7.14.4/firebase-app.js
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c2710c7a54209d1abe0e7add1625244057ff310dccff971c180b9bb0dd9b0ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 11:04:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
95503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6581
x-xss-protection
0
last-modified
Thu, 14 May 2020 22:55:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="firebase-js"
expires
Wed, 29 Mar 2023 11:04:38 GMT
firebase-analytics.js
www.gstatic.com/firebasejs/7.14.4/
26 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/7.14.4/firebase-analytics.js
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a3b0490580a2c4f50ec5ac8cbc28c986ecca9e0f27ec845764d011d5d078f5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 08:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8637
x-xss-protection
0
last-modified
Thu, 14 May 2020 22:55:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="firebase-js"
expires
Sat, 25 Mar 2023 08:01:29 GMT
gtm.js
www.googletagmanager.com/
82 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NQW5PSB
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb29d988a42fd9de55e7c9dd0807d6978f09d132543788031ab6cfae443e1290
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:36:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32776
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Mar 2022 13:36:21 GMT
listen.mp3
s44.myradiostream.com/9204/
99 KB
0
Media
General
Full URL
https://s44.myradiostream.com/9204/listen.mp3
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.121.178.222 , France, ASN16276 (OVH, FR),
Reverse DNS
ns363319.ip-91-121-178.eu
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash

Request headers

Referer
https://www.hawahabetary.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=0-

Response headers

icy-genre
Other
Date
Wed, 30 Mar 2022 13:36:21 GMT
icy-name
Hawaha Betary
icy-notice2
SHOUTcast DNAS/posix(linux x64) v2.5.5.733<BR>
icy-url
http://s44.mayradiostream.com:9204
icy-sr
44100
Connection
Keep-Alive
icy-notice1
<BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
X-Clacks-Overhead
GNU Terry Pratchett
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
icy-br
96
icy-pub
1
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,must-revalidate,max-age=0
Transfer-Encoding
chunked
Accept-Ranges
none
content-type
audio/mpeg
Keep-Alive
timeout=5, max=100
js
www.googletagmanager.com/gtag/
175 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F9FTBYH5EL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQW5PSB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcb96430fdf378c4391cb6f186561714d8b7f5befe2993a70193144ebe3f4b9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:36:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65804
x-xss-protection
0
expires
Wed, 30 Mar 2022 13:36:21 GMT
truncated
/
382 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
GESSTwoLight.otf
www.hawahabetary.com/assets/fonts/GESSTwoLight-Light/
23 KB
23 KB
Font
General
Full URL
https://www.hawahabetary.com/assets/fonts/GESSTwoLight-Light/GESSTwoLight.otf
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/assets/css/style-rtl.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.64.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
d1929ae2cff98eb139e74baf17fe5b0cc07746911e2731fbc862843d44e787b3

Request headers

Referer
https://www.hawahabetary.com/assets/css/style-rtl.css
Origin
https://www.hawahabetary.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 13:36:21 GMT
Last-Modified
Thu, 21 May 2020 21:01:25 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"5bc0-5a62ed0cbbe86"
Content-Type
application/font-sfnt
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
23488
fa-solid-900.woff2
www.hawahabetary.com/assets/vendors/fontawesome-free-5.12.1-web/webfonts/
74 KB
75 KB
Font
General
Full URL
https://www.hawahabetary.com/assets/vendors/fontawesome-free-5.12.1-web/webfonts/fa-solid-900.woff2
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/assets/css/style-rtl.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.64.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Request headers

Referer
https://www.hawahabetary.com/assets/css/style-rtl.css
Origin
https://www.hawahabetary.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 13:36:21 GMT
Last-Modified
Tue, 19 May 2020 15:19:33 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"12958-5a601ce864dd5"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
76120
fa-brands-400.woff2
www.hawahabetary.com/assets/vendors/fontawesome-free-5.12.1-web/webfonts/
75 KB
75 KB
Font
General
Full URL
https://www.hawahabetary.com/assets/vendors/fontawesome-free-5.12.1-web/webfonts/fa-brands-400.woff2
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/assets/css/style-rtl.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.64.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf

Request headers

Referer
https://www.hawahabetary.com/assets/css/style-rtl.css
Origin
https://www.hawahabetary.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 13:36:21 GMT
Last-Modified
Tue, 19 May 2020 15:19:33 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"12b04-5a601ce860f55"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
76548
truncated
/
180 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
354 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/
296 KB
107 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9040946781053764&plah=www.hawahabetary.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57c5e87832728734eabcdac247a426f82dc1535ad5377e5cab16d09c0c72b252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109245
x-xss-protection
0
server
cafe
etag
12178774807514611477
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 13:36:21 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220328/r20190131/ Frame 331F
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220328/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
64926
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 29 Mar 2022 19:34:15 GMT
etag
4044455266028820542
expires
Tue, 12 Apr 2022 19:34:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
connect.facebook.net/ar_AR/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/ar_AR/sdk.js
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f304b5b44f974b92a8a35fd44f266e5141b7f9b65fc0f717e3a53fda4212b4e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Vw7n1XRBinAJylheMsEzrA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 30 Mar 2022 13:43:00 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
tMdMSxyO9IUrj57p0cRJy/Rk9mk8EZMxzDS5vXf3FGklvbskksCWNM/HJWQX+UswLB7nzGkNMzASHzCnZ1H+EA==
x-fb-trip-id
686109401
x-fb-content-md5
281dcca82c52d774f5488d87e4a1e148
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 30 Mar 2022 13:36:21 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"17c4abb6b55c5dea913e4c80acb4f494"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
collect
www.google-analytics.com/g/
0
342 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-F9FTBYH5EL&gtm=2oe3n1&_p=1831220186&sr=1600x1200&ul=en-us&cid=330738453.1648647382&_s=1&dl=https%3A%2F%2Fwww.hawahabetary.com%2Far&dt=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D9%87%20%7C%20%D9%87%D9%88%D8%A7%D9%87%D8%A7%20%D8%A8%D9%8A%D8%B7%D8%B1%D9%89&sid=1648647381&sct=1&seg=0&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F9FTBYH5EL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 13:36:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hawahabetary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/ar_AR/
284 KB
81 KB
Script
General
Full URL
https://connect.facebook.net/ar_AR/sdk.js?hash=55e69c82562776c6c9f3bdb89fbc186a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba12077e363602c0835319371884c50567e628d2680310b1b859f9416e53a666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.hawahabetary.com/
Origin
https://www.hawahabetary.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
YxK5PTZ2fA3ugxTR+Fbvbw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Thu, 30 Mar 2023 11:54:04 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
82933
x-fb-rlafr
0
x-fb-debug
3ZZPaMoXzUuyjxBwGwv5pLkPEoO7lTmSvgLEWPyOxnp/JB9EgkmTOKHQFekGgQE9dq6EDjPQjqUNQs08qy+CRA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
a6218a38824bb48d2993373bef160f31
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 30 Mar 2022 13:36:21 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"afb0f81ec9a3e82b7a641e0f08bebcbc"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cookie.js
partner.googleadservices.com/gampad/
220 B
648 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.hawahabetary.com&callback=_gfp_s_&client=ca-pub-9040946781053764
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9040946781053764&plah=www.hawahabetary.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a4bf5de72867bb2c93dea5218ef6705c652b02372c03994d8786cc633bf163eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.hawahabetary.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9040946781053764&plah=www.hawahabetary.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 13:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hawahabetary.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9040946781053764&plah=www.hawahabetary.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 13:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9F98
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9040946781053764&output=html&h=250&slotname=1234567890&adk=4031311902&adf=1438075936&pi=t.ma~as.1234567890&w=970&lmt=1648647382&psa=0&format=970x250&url=https%3A%2F%2Fwww.hawahabetary.com%2Far&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648647381783&bpp=3&bdt=268&idt=212&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&correlator=3730597807726&frm=20&pv=2&ga_vid=330738453.1648647382&ga_sid=1648647382&ga_hid=1831220186&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44760494%2C31061828%2C31063246%2C31062931&oid=2&pvsid=3097079669336261&pem=586&tmod=501149735&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4bBc2GIsf2&p=https%3A//www.hawahabetary.com&dtd=223
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9040946781053764&plah=www.hawahabetary.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 13:36:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.hawahabetary.com%2Far&tn=DIV&cls=audio-wrap&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 13:36:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.hawahabetary.com%2Far&tn=NAV&cls=navbar%20navbar-expand-lg%20navbar-dark&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 13:36:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C091
0
20 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9040946781053764&output=html&adk=1812271804&adf=3025194257&lmt=1648647382&plat=1%3A16777216%2C2%3A16777216%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hawahabetary.com%2Far&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648647382138&bpp=1&bdt=622&idt=1&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x250&nras=1&correlator=3730597807726&frm=20&pv=1&ga_vid=330738453.1648647382&ga_sid=1648647382&ga_hid=1831220186&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44760494%2C31061828%2C31063246%2C31062931&oid=2&pvsid=3097079669336261&pem=586&tmod=501149735&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9040946781053764&plah=www.hawahabetary.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 13:36:22 GMT
expires
Wed, 30 Mar 2022 13:36:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
comments.php
web.facebook.com/v2.3/plugins/ Frame 34BB
0
0
Document
General
Full URL
https://web.facebook.com/v2.3/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df213b4223897a4c%26domain%3Dwww.hawahabetary.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.hawahabetary.com%252Ffb95368f3a56c4%26relation%3Dparent.parent&container_width=710&height=100&href=https%3A%2F%2Fwww.facebook.com%2FYoum7&locale=ar_AR&numposts=2&sdk=joey&version=v2.3&width=550
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js?hash=55e69c82562776c6c9f3bdb89fbc186a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 30 Mar 2022 13:36:22 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options
nosniff
x-fb-debug
oMyXwHdjIpMX0PzGixlZh3SvcLJ2Kcb/ChzB0Fbk579lKlOXUliDLY0veBteybnYkT6t2tPCPsHsjfeol2MDTQ==
x-frame-options
DENY
x-xss-protection
0
logo.png
www.hawahabetary.com/assets/images/
14 KB
14 KB
Image
General
Full URL
https://www.hawahabetary.com/assets/images/logo.png
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/assets/css/style-rtl.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.64.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4a790bb5f46e102f03acdff40c2c5c4e21d01d610ba6bba1d2e11ca72a73614f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/assets/css/style-rtl.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 13:36:22 GMT
Last-Modified
Tue, 19 May 2020 15:19:33 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"368d-5a601ce8265d3"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
13965
listen.mp3
s44.myradiostream.com/9204/
99 KB
0
Media
General
Full URL
https://s44.myradiostream.com/9204/listen.mp3
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.121.178.222 , France, ASN16276 (OVH, FR),
Reverse DNS
ns363319.ip-91-121-178.eu
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash

Request headers

Referer
https://www.hawahabetary.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=0-

Response headers

icy-genre
Other
Date
Wed, 30 Mar 2022 13:36:22 GMT
icy-name
Hawaha Betary
icy-notice2
SHOUTcast DNAS/posix(linux x64) v2.5.5.733<BR>
icy-url
http://s44.mayradiostream.com:9204
icy-sr
44100
Connection
Keep-Alive
icy-notice1
<BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
X-Clacks-Overhead
GNU Terry Pratchett
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
icy-br
96
icy-pub
1
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,must-revalidate,max-age=0
Transfer-Encoding
chunked
Accept-Ranges
none
content-type
audio/mpeg
Keep-Alive
timeout=5, max=100
listen.mp3
s44.myradiostream.com/9204/
99 KB
0
Media
General
Full URL
https://s44.myradiostream.com/9204/listen.mp3
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.121.178.222 , France, ASN16276 (OVH, FR),
Reverse DNS
ns363319.ip-91-121-178.eu
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 /
Resource Hash

Request headers

Referer
https://www.hawahabetary.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=0-

Response headers

icy-genre
Other
Date
Wed, 30 Mar 2022 13:36:22 GMT
icy-name
Hawaha Betary
icy-notice2
SHOUTcast DNAS/posix(linux x64) v2.5.5.733<BR>
icy-url
http://s44.mayradiostream.com:9204
icy-sr
44100
Connection
Keep-Alive
icy-notice1
<BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
X-Clacks-Overhead
GNU Terry Pratchett
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
icy-br
96
icy-pub
1
Access-Control-Allow-Origin
*
Cache-Control
no-cache,no-store,must-revalidate,max-age=0
Transfer-Encoding
chunked
Accept-Ranges
none
content-type
audio/mpeg
Keep-Alive
timeout=5, max=100
MdQ1dEdaBodbbuit8g2gbByKvW7N55bgx6D7G0UH_1366_629.webp
www.hawahabetary.com/storage//files/
35 KB
35 KB
Image
General
Full URL
https://www.hawahabetary.com/storage//files/MdQ1dEdaBodbbuit8g2gbByKvW7N55bgx6D7G0UH_1366_629.webp
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.64.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6a8e7c10433e8e4d02316ee3a215965c087d28ad0e75207c2895532d0b8030ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 13:36:22 GMT
Last-Modified
Wed, 20 May 2020 08:09:42 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"8b90-5a60feb1a0fbb"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
35728
logo.webp
www.hawahabetary.com/assets/images/
5 KB
5 KB
Image
General
Full URL
https://www.hawahabetary.com/assets/images/logo.webp
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.64.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
202bc3eabb2d3c2c152bf81893e92999220de4c0666391eaff2a2bc62f81b0f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 13:36:22 GMT
Last-Modified
Tue, 19 May 2020 15:19:33 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"1362-5a601ce8265d3"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
4962
separator.webp
www.hawahabetary.com/assets/images/
43 KB
44 KB
Image
General
Full URL
https://www.hawahabetary.com/assets/images/separator.webp
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.64.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ba63546a0e2ca28f9546381e64c7bc173c3a0c2ad8f3a3e31ca40ce6c6cfa6fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 13:36:22 GMT
Last-Modified
Tue, 19 May 2020 15:19:33 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"adbc-5a601ce8265d3"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
44476
mobiles.webp
www.hawahabetary.com/assets/images/
67 KB
67 KB
Image
General
Full URL
https://www.hawahabetary.com/assets/images/mobiles.webp
Requested by
Host: www.hawahabetary.com
URL: https://www.hawahabetary.com/ar
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.236.64.75 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
132bfd173cd0fdd9a4392ad49267b9d9e87867de0ccda6f4d4d7a27c15e0b101

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 13:36:22 GMT
Last-Modified
Tue, 19 May 2020 15:19:33 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"10b36-5a601ce8265d3"
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
68406
installations
firebaseinstallations.googleapis.com/v1/projects/howah-betary/ Frame
0
0
Preflight
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/howah-betary/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://www.hawahabetary.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.hawahabetary.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 30 Mar 2022 13:36:22 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/howah-betary/
578 B
476 B
Fetch
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/howah-betary/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/7.14.4/firebase-analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4014:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b94c6c97cf469b1b50edb94bf80fad08a67f81da185fb61d6cb92a31eb066c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://www.hawahabetary.com/
x-goog-api-key
AIzaSyCz46csvhVA8M-t2O9b45YlD42cKbLZ4A0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
content-type
application/json

Response headers

date
Wed, 30 Mar 2022 13:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.hawahabetary.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
vary
Origin, X-Origin, Referer
content-length
453
x-xss-protection
0
js
www.googletagmanager.com/gtag/
154 KB
57 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1N6Q64M7FH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQW5PSB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ee946b4f021fa0e083e853b1830007114f0665465b1e1485ea79653e6d7c344c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:36:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58259
x-xss-protection
0
expires
Wed, 30 Mar 2022 13:36:22 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1N6Q64M7FH&gtm=2oe3n1&_p=1831220186&sr=1600x1200&ul=en-us&_fid=fpZk6Zev7iep5caEsdhKCE&cid=330738453.1648647382&_s=1&dl=https%3A%2F%2Fwww.hawahabetary.com%2Far&dt=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D9%87%20%7C%20%D9%87%D9%88%D8%A7%D9%87%D8%A7%20%D8%A8%D9%8A%D8%B7%D8%B1%D9%89&sid=1648647382&sct=1&seg=0&en=page_view&_fv=2&_ss=2&_c=1&ep.origin=firebase
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1N6Q64M7FH&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 13:36:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hawahabetary.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220328&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9040946781053764&plah=www.hawahabetary.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b01b54506652c6ab2836c504352aa4c637433197d44f0818836a555eeadf15a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 30 Mar 2022 13:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10523
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9040946781053764&plah=www.hawahabetary.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:36:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 30 Mar 2022 13:36:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8402
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
128
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 13:34:14 GMT
expires
Thu, 30 Mar 2023 13:34:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 709E
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d13448f42c8be28b6a56d790ba7134cb2e269f6687384db7917f5519b371abab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0gLM8MyN6DNOwY1+blUJ2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-0gLM8MyN6DNOwY1+blUJ2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 13:36:22 GMT
expires
Wed, 30 Mar 2022 13:36:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
XiW-l_2i5aVoH8u79KLQHFanU8pv7NVYiw1EHy6cTgU.js
pagead2.googlesyndication.com/bg/ Frame 8402
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/XiW-l_2i5aVoH8u79KLQHFanU8pv7NVYiw1EHy6cTgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e25be97fda2e5a5681fcbbbf4a2d01c56a753ca6fecd5588b0d441f2e9c4e05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 10:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
12506
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13735
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 10:07:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 709E
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220328&jk=3097079669336261&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 8402
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?h3MrrA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:36:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220328&jk=3097079669336261&bg=!k5ClkNTNAAbzJazn0yU7ACkAdvg8WiDoGozoXFKwHxdcG30AxshPEHgjcUniDNBofJHxrYJNioPuhwIAAABMUgAAAANoAQcKAGD8gDo_CPNeWhT-n25DoNASJoBe3JXU2IsXE5qQj9NGaSoVIo-kcVGOKJ9DBs8FR-t0CPe8-SecC_d210p8xpfsNx8ZOZKVT3cHKM5EEG-642GlAzvZRzpCb2rIPsunJdCZAtzZdR8SonzvrC3zNoLAith7jqSoxnxAkgBGprd34v_fnVYdGKK6v5mpdpbKwF4PBw8by1B2tKOWfRr7LN2NYF7CfQqNiy5NNXobPlAT0OfOofc7BDgqigUtM9BDkWxaksEjfRnrpPhMqBSQXYGmqVDyNMUuhSEzXDoPVjlTSy81FJlPP67AmGTqqYPcaBr63xLCn8oO1958WgPwp8rGWQtU3BFNCOkdT8tGcgRrw7kO2-MMb3CIz7gGSlBw3BWfZs4mc5sac87A4n5XNX4Y3w5bREM1TAKnVdpaanznvUyEMKtdBTj-7fMwZRmc4wKl0WAQaYa-tAIA1Z3TGzSeuA-6lwIDccBGaKgE4LuslHGwOG15PUoUVq9RfT1z-_YDOWllWetyQ2hoGfblQuPMW_uHgzRLtZ8bqdObKlJ8OLRlbykfxCx-dnqkr7o9av8x6cWAvhqopxeywtJnpxeAk9EWJlnnTS5x0BlBOFVWhFYGakjuHZltzm2eQ0-2fWGNUo4so55aPUXE_iXEv3s7qcmtzvoa9RYE1wfYH7xP2WbVIS8JpMfAWOPhySTn6TTqdALio1YQlSab6osDlG1WpZdf8KmJeI5KMMTRT8SYxEsW46326mZl7VGPCUqLXZTFSBkGW1iIDYKGRqQ0GRPPfiAOBqhwhzPpxtrgPSIGiSabj_vcySM5uMGNLFb3UdGSdDbs5OvO-9bvYWlGdvQD8BSpt42RddqCFa38-Fzcscv56t4K6TjXSU6KgNgfyVRAXAiFEQaO6z3pf13cgcp59D7X7omw6iyKRwomFDdeub-NjylNhcKGE4CKL8ap1RfoPjK9npdIg7Qhl2IRF7pKynPeHn_N5__13etCgk6YF-aMIRFC8WB-NNITeMc3yPUzbsd4lSK2Cek9g9FzS8jkp9ddpnFaM2SHEqf4qqAixV9eclOby0GuQ3GPLUvE7YBasUBHqRssjqqu__pigNc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hawahabetary.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| dataLayer object| google_tag_manager object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| google_tag_data object| gaGlobal object| FB function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| $ function| jQuery object| bootstrap function| LazyLoad function| Swiper object| firebase function| gtag boolean| isChrome object| google_image_requests function| onYouTubeIframeAPIReady object| GoogleGcLKhOms

7 Cookies

Domain/Path Name / Value
www.hawahabetary.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjBRaW94Y2paU3hWM09zdHNmaG15QWc9PSIsInZhbHVlIjoiazQzSjZnaThicCtibkxIMnVzdlk5U1ZLMW1DYlpsbVlERVpqVlFEVFZqaG9Jazhzd1RNNHFyT045WnhjWkJ4MyIsIm1hYyI6IjY4N2IwZmIzOGFiODYyYzk4ZjQwZjAxNzQ0N2M0ZTUyZDI5YjgwMmM1NzFlM2VjOTVhMGQyODVlNzU5OTAwOTYifQ%3D%3D
www.hawahabetary.com/ Name: hoaha_bytry_session
Value: eyJpdiI6IkJGQ2Y1ZVl2a1wvWHdjeHV0eldHV3JBPT0iLCJ2YWx1ZSI6Ilc5M2M5UWlXd21xUXptblV5ZWdQTG85VDRwSnorelZESitlendmcUtHMXdCelVCTHpyRmpPblplVTJQaFFpU3EiLCJtYWMiOiIzNGNhYWQ5MTVhMjcxYTYzYTNmM2UyOWRmN2FmNTI1NmY0YzZkYjk2ZmRjOWViZjg5MTFhNDY4MmU2YjNmYzk5In0%3D
.hawahabetary.com/ Name: _ga_F9FTBYH5EL
Value: GS1.1.1648647381.1.0.1648647381.0
.hawahabetary.com/ Name: _ga
Value: GA1.1.330738453.1648647382
.hawahabetary.com/ Name: __gads
Value: ID=9214c45818f00f2f-22cb0c1b68cd00e2:T=1648647382:RT=1648647382:S=ALNI_MabgsP5EGsgJkuRGU5iOrcN-qlhNA
.doubleclick.net/ Name: IDE
Value: AHWqTUlOacMNxiCYiAnl_HLp5gn-2DEMW6RNgJhxZmSn30vlpXjSk6J29wF5AMZc
.hawahabetary.com/ Name: _ga_1N6Q64M7FH
Value: GS1.1.1648647382.1.0.1648647382.0

2 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9040946781053764&output=html&h=250&slotname=1234567890&adk=4031311902&adf=1438075936&pi=t.ma~as.1234567890&w=970&lmt=1648647382&psa=0&format=970x250&url=https%3A%2F%2Fwww.hawahabetary.com%2Far&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648647381783&bpp=3&bdt=268&idt=212&shv=r20220328&mjsv=m202203230101&ptt=9&saldr=aa&abxe=1&correlator=3730597807726&frm=20&pv=2&ga_vid=330738453.1648647382&ga_sid=1648647382&ga_hid=1831220186&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C44760494%2C31061828%2C31063246%2C31062931&oid=2&pvsid=3097079669336261&pem=586&tmod=501149735&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=4bBc2GIsf2&p=https%3A//www.hawahabetary.com&dtd=223
Message:
Failed to load resource: the server responded with a status of 400 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://web.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
connect.facebook.net
firebaseinstallations.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s44.myradiostream.com
tpc.googlesyndication.com
web.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.hawahabetary.com
104.236.64.75
142.250.181.226
2a00:1450:4001:808::2002
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:82a::2001
2a00:1450:4014:80c::200a
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
91.121.178.222
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
089630244600f33230010f5e04c67419ec642c5228540adb42e3fe92c631e6bf
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
132bfd173cd0fdd9a4392ad49267b9d9e87867de0ccda6f4d4d7a27c15e0b101
1b94c6c97cf469b1b50edb94bf80fad08a67f81da185fb61d6cb92a31eb066c4
202bc3eabb2d3c2c152bf81893e92999220de4c0666391eaff2a2bc62f81b0f4
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
427ad556df7e628ff73b10807d58b36c3f82cb20de88087a66c85171828853c4
43a715e80439fdd3e33e2d1208739f0569f8dadacc348576b0be9a83fe90ec01
4a790bb5f46e102f03acdff40c2c5c4e21d01d610ba6bba1d2e11ca72a73614f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57c5e87832728734eabcdac247a426f82dc1535ad5377e5cab16d09c0c72b252
5e25be97fda2e5a5681fcbbbf4a2d01c56a753ca6fecd5588b0d441f2e9c4e05
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6898bf66929f5ea477497db2adcd59717d93e1666a86b2905e727513c189c50a
6a3b0490580a2c4f50ec5ac8cbc28c986ecca9e0f27ec845764d011d5d078f5d
6a8e7c10433e8e4d02316ee3a215965c087d28ad0e75207c2895532d0b8030ca
6b01b54506652c6ab2836c504352aa4c637433197d44f0818836a555eeadf15a
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
7e4a123da51cc88a52ed4c334f5955c632bf0f054a58d21e514e33969cbc0b48
9c2710c7a54209d1abe0e7add1625244057ff310dccff971c180b9bb0dd9b0ac
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bf5de72867bb2c93dea5218ef6705c652b02372c03994d8786cc633bf163eb
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
b56a98e7e675a6fc960a69cd48f452e9c048e18b4831a13d22f7cb2ecc215e8b
ba12077e363602c0835319371884c50567e628d2680310b1b859f9416e53a666
ba63546a0e2ca28f9546381e64c7bc173c3a0c2ad8f3a3e31ca40ce6c6cfa6fe
bcb96430fdf378c4391cb6f186561714d8b7f5befe2993a70193144ebe3f4b9b
cb29d988a42fd9de55e7c9dd0807d6978f09d132543788031ab6cfae443e1290
d0c5be4f5ead48169d1bc0e84827918c71a8606107c1c7b5bcea05730d7ee0f1
d13448f42c8be28b6a56d790ba7134cb2e269f6687384db7917f5519b371abab
d1929ae2cff98eb139e74baf17fe5b0cc07746911e2731fbc862843d44e787b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee946b4f021fa0e083e853b1830007114f0665465b1e1485ea79653e6d7c344c
f304b5b44f974b92a8a35fd44f266e5141b7f9b65fc0f717e3a53fda4212b4e1