urlscan.io logo urlscan.io
SecurityTrails logo

haberbank.xyz Open in urlscan Pro
185.135.222.24  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.haberbank.xyz/
Effective URL: https://haberbank.xyz/
Submission: On August 18 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 5 countries across 25 domains to perform 387 HTTP transactions. The main IP is 185.135.222.24, located in Turkey and belongs to RADORE, TR. The main domain is haberbank.xyz.
TLS certificate: Issued by R3 on August 18th 2021. Valid for: 3 months.
This is the only time haberbank.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 117 185.135.222.24 42926 (RADORE)
13 142.250.186.34 15169 (GOOGLE)
4 54.38.29.221 16276 (OVH)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.13.44 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
42 2a00:1450:400... 15169 (GOOGLE)
41 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
11 16 142.250.181.226 15169 (GOOGLE)
3 7 2.18.234.21 16625 (AKAMAI-AS)
3 5 37.252.173.27 29990 (ASN-APPNEX)
57 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
12 142.250.185.194 15169 (GOOGLE)
1 2 18.158.209.84 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
12 2.18.235.40 16625 (AKAMAI-AS)
2 3 34.98.64.218 15169 (GOOGLE)
2 184.31.88.106 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 62.144.160.15 12312 (ECOTEL)
2 3 185.94.180.125 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 2 18.156.0.31 16509 (AMAZON-02)
2 185.86.139.115 201081 (SMARTADSE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 216.58.212.162 15169 (GOOGLE)
387 36
117    185.135.222.24 (Turkey)

ASN42926 (RADORE, TR)
PTR: server20.cmsunucu.com
www.haberbank.xyz
haberbank.xyz
13    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
4    54.38.29.221 (France)

ASN16276 (OVH, FR)
PTR: ip221.ip-54-38-29.eu
revenueflex.com
8    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.at
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
42    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
41    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
16    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
7    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
5    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
57    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
7    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
12    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
2    18.158.209.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-209-84.eu-central-1.compute.amazonaws.com
t.myvisualiq.net
11    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
12    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
3    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    184.31.88.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com
sync.teads.tv
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    62.144.160.15 (Germany)

ASN12312 (ECOTEL, DE)
ssl.hurra.com
3    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
ade.googlesyndication.com
Domain Requested by
116 haberbank.xyz haberbank.xyz
57 s0.2mdn.net haberbank.xyz
s0.2mdn.net
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
42 pagead2.googlesyndication.com c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
haberbank.xyz
www.googletagservices.com
s0.2mdn.net
securepubads.g.doubleclick.net
41 tpc.googlesyndication.com c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
haberbank.xyz
tpc.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
s0.2mdn.net
16 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
14 googleads.g.doubleclick.net c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
haberbank.xyz
13 securepubads.g.doubleclick.net haberbank.xyz
securepubads.g.doubleclick.net
12 googleads4.g.doubleclick.net haberbank.xyz
googleads.g.doubleclick.net
11 px.moatads.com c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
haberbank.xyz
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 www.google.com 2 redirects c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
haberbank.xyz
tpc.googlesyndication.com
8 www.googletagservices.com haberbank.xyz
securepubads.g.doubleclick.net
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 fonts.gstatic.com fonts.googleapis.com
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
5 fonts.googleapis.com haberbank.xyz
s0.2mdn.net
securepubads.g.doubleclick.net
4 ade.googlesyndication.com
4 revenueflex.com haberbank.xyz
revenueflex.com
3 sync.search.spotxchange.com 2 redirects googleads.g.doubleclick.net
3 us-u.openx.net 2 redirects googleads.g.doubleclick.net
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 ups.analytics.yahoo.com 2 redirects
2 ssl.hurra.com 1 redirects c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
2 sync.teads.tv googleads.g.doubleclick.net
2 t.myvisualiq.net 1 redirects c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.taboola.com haberbank.xyz
cdn.taboola.com
1 cdnjs.cloudflare.com s0.2mdn.net
1 ads.yahoo.com googleads.g.doubleclick.net
1 z.moatads.com googleads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.at securepubads.g.doubleclick.net
1 www.googletagmanager.com haberbank.xyz
1 www.haberbank.xyz 1 redirects
387 35

This site contains links to these domains. Also see Links.

Domain
www.liderhaber.org
Subject Issuer Validity Valid
haberbank.xyz
R3		 2021-08-18 -
2021-11-16		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
revenueflex.com
R3		 2021-05-31 -
2021-08-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google.at
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-26 -
2021-10-18		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.myvisualiq.net
Go Daddy Secure Certificate Authority - G2		 2020-12-12 -
2022-01-13		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
*.hurra.com
Thawte RSA CA 2018		 2020-07-09 -
2022-09-09		 2 years crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-16 -
2021-10-06		 2 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh

This page contains 31 frames:

Primary Page: https://haberbank.xyz/
Frame ID: C9B85155EA9E80A12D0C49C931A32EB5
Requests: 146 HTTP requests in this frame

Frame: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3D5736A508B9560EC96FB72421638C5F
Requests: 1 HTTP requests in this frame

Frame: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A9654E3FB46D999A994E6A2BAAA24059
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPb_ogIQ0ZTSAhjQ4PJoMAE&v=APEucNVw0FDNc7k0t9zk4fKrZT10eIo0cJhW0d8vyhIUCuiU42Oz7UGNqlvtzMfGFkYhCqgaqaS8ilBisLf_0LgLy5PtQDaDFbSWGEoSi_7wwSrew5remeU5OW0LjiStvhjb-nwjIdZdPU1taVfVDVcgaFDWUmR6VbJNaiOzWBHXxSWdeiDO4ak
Frame ID: 90E18CAB799103079567D21C62401F3E
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Frame ID: 80AC1D162C996EA2E26EEAABC3D0986C
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E12A83BAC4D0AF2121383439E1720166
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9657108/1627996608943/index.html
Frame ID: 3CFBD5317B0B7ECE376FCCDBC0EAD079
Requests: 7 HTTP requests in this frame

Frame: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AF838FEB06CC99FC3E6E4D184E9710B8
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARjozNRtMAE&v=APEucNX-peN51CeAOoshGV4YJEgPEQYIDznobGO9jYeSkjMVqtPjuknnpHzfjulzspeFWUMWkINX2PgjKCcwE4jI2Wsq2IJlAUM6USFGVGemvL9WfHnoaYfuQcJDlqVyRzeMnlEH7L_gdMBWVjoD2eMgto6f596oT4eYBlBbZTymc9fVpiEeTvE
Frame ID: 043BBDD3CE94F8C32D136AF6A503ED4E
Requests: 5 HTTP requests in this frame

Frame: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D90E32F2D576BB6EC3451C678AEB2B98
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKDw3QEQ4NeRoAIYzsegsgEwAQ&v=APEucNXFadKL0y0jsn3N0nE_l6JP3c6AZ9Cy9X230FamA_httsZYi4lkaOEsW5A2J5OQiVdeCrNJhtupaguGDtC_nV9P69mVhFMLY3sc7bdDBByiqttsH2hdh9oKRuXXOyvheHMS_LAdOVzzfFUQFuLv6klG6kHLZ5hqvlFGlOwedDS_kNHe6pc
Frame ID: 31350532189233B747AA259B60A24A39
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15597941406939742208/index.html?e=69&leftOffset=0&topOffset=0&c=vGAmGCZIFR&t=1&renderingType=2
Frame ID: E23BE6CF13A74E2C22B216E50633DAA6
Requests: 9 HTTP requests in this frame

Frame: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3DC1AD58D0E18367E459B9B4CE3CDFEC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DE6F097EE29253E1DDDBF002702106A6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCD0twCGIXZnbABMAE&v=APEucNU-ODfkU89ipQN-M9dA_rMlMbsg1DCZBta4r-Kf9jotlM7wKKG43qHWO6E0XTDqQEeODQBDDf6XgWdbZdtotxMLRME36V_bbbwOnWWcbBCRXokbEmc6rrx7ErI_0JTyGDOQ-8qLuuqIVDYMnUhvWSXNBkL6RVQB6ig-tEOoiRO_c2hLSSM
Frame ID: 5BDBD6C60CEC2194FC13C78F4C4C1071
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRjyLDzrgvUxUH80BQe65JeFZkTbD-Rft7D2BhNSf6PdY_FxuSd4Dg24vPf04mVstm89dKh3KVDjFS69cMT01FcdJOjAglJjeHmboY5Z3ReknI7NUhz8FGKQn8mxjqodsaavgpVe4AssWxyKmHG2KOVnj_jQ&dbm_d=AKAmf-AuDfaLDLTjZXcPtZewW-qJWt1zkAzUbffDt8GYPunZ08U0mm0sqMZ8NjXx17ivkjABzQoU7aJI-tVrMCXnoqJHd27Tpd0oimXxNT5f6Lpgn4VbxIow0qyXUjc6g0f2zdtlcyRah3DlT86RZMsCP8_V3qkOPv-v2SJVl_hTxFDpFLB6nYbdeMrYynr3MkvyjP-nhW4frmf4_dZzaeN4Fia14mZe0jO2oiOz0ndI9TYU0guqPmPNQHIA1JryPce7ES-wQPruJgWab2o7SEDpEPpSWU6g8Sor4Jz0Cvz1gftlIs7BrpD832h-HGvK8wBoOJ8juNyiouFRTLM20EuuNeUURMMqlvPyobXH4uCZw3y8aS_lgJ9T2MaMXEb4W-wj_7okELjPwcK3-7pzCwZ4dd_E4mq-d7cR2PxuX_DnnF2JYgN3wlZWHg4rxLzSWv4Cysy-9Hu9tQv1OKW0WLHa2XETMBej0xXGtAc4QCqmscmvW4Prn5kS_5MlzDpcJBDXVHXuWAsgtq6Wogb-hHsk38QITYu2tJUufVHlDdfHpN_isk2g0JCltOKQmDk2ikancJIpPExLjUUHAqKSb-myvoRcIzgYo5Excc6-AX6460906i8g784li1Z8Jao_IfKLeZQ_RLTWW67ZgpP5culsFr11mrujF218-3nUTalF0MY4msIQ9GTjUVFIxGTLxsBMCK2mpO8dpHQW_Evrme4T_vYmkIOcKT6dW1MlW8xK4FL35TtxM-csFfMRuy5JM7cO46wZFCS-RYAcMZOuuFC9VskzzSTq4Mbc-vjQzgTKF7_3MRAxvcwB9TAe4UB7kiIg8cHxMLkQxJXO5fX7BjjKQJR024oZQsKj9S6PovxtBHC9Rwt2XLVw5mKj0SyT1yyIz7UCdpMBhVX1DTPI1Z9ce25KO3GwuNUosRs76_rZ1hpkCPdWJ7L1hJ_IUrTPQ00Ide_QwRmAnye3EqsRePYmd_5ucWirQviYUJ8jf8aOQBIDnxtfxcswsi9BNH94WO6GyhBX9MwEjE_ZV_p6gqaaBPWbMC_SPJSiK6YLouT85f_Fmlg1-CYQfT65osDY8wQVywzI4dG_ssV1Xw6d58h1ruz-jg6iXG_h3u4llOVoRi_EnS6ku0RV7Ktf8yiWZ-SA7arprgI-_vMmmfR8fl6f3wQMuepy5pJeDzLreZIoPij7trO54zFD9x8THs1zB-dn_WBWBCqjb2qPlLxFPN71tMHv558RGMGa4VhZDPzGUkKF0zCTDjqjS7tBP1w3QlejwqBMtHNJbaFGDLOnfc8LqFQe5_fDm3nTSReMoWV9lC6tJTg-mlZy06NxJ2gcVt5OMenL9eEVchaXeRwKa_EI6WqdArYIeIMCeKAoZN_-wT9umEqNxZ6jax-rRTsBJ_YICHEFLEK9roaKBl1sOcxMHz1hysUhul5sq8wgx9D468JgGtyfnc2aLrmDuNRXi__ojVx7cLPHEPcTbNgVdv9vCqLmcSqQlAorXTbzXqNJL9qJQrUHCQBoS8tyDaxlJqxsYTy4RAALUhwSGnxmJ22_g7yzJtK9sQb9gOmlxObP4LkMWmUmZ38AxS-qTO-Sx-c7nGKBUreclMl2fSLQEFDolBqkTqCOd9BUbboUxkUO3aXAo7xo1XLCdyajdssOKNnXimlmkYGmVUBPWyE82m71QspTeHfkYj4XmnSNNTfYCMaJsJ4m0wcmFZqmD0-OgykbXZ0NwdKz-E0pYb9eO9_D5VO19Czbqivj9NoBy1kuiPtUbTC3WyC5bhWjEtLcyRi5T5glhe5kjjJ0-rTe03jWhe-oSak89BPLCE6yJP-QojiMJQqxx54SxTtWlQHHviB-cQIRT3fwB28OekhuxsZe3br_7yMFLbK_w32-kwChWlzMYzZRQjKhpOUSAeZPTclF9x5PYbVWc2iYUtqf-WQ6YgMJOCqZXaDes2qxubWpzcE-Z4mwPwkrQb4-EJ-KZ8pwrimVrbPoNk_zorBe4uy6WcS_CsyiC8Lxd5pDFx4-zG2TokE6WGPHmJOOMscYgLP5YCU7DqFvyq8j4FJKJkUhr4sMz1YjZQsjcEEFLf2wTH017bzgmqmcolODiqHSqrvPbORupzah2783ownRM8sRLm424Ex-1DMypklfo87OYymOeaxNl-EYJUDrpfkY5xX73VV_7LWU3dPyQZGjeS6jZHcmwVQgCRAmI0ao117pbmo4LtyuzYqhbFip6wlRc2_oZhv-hz8ODRb3BCtsFJePXeQAJ0X_Bx6K7eYNKxu-EbBql7pJIUmDn4CLRhWpy5OL--RODIPiJDR_HB5pWnJw_tQOv96H0oPwT6QH78RrQ9pCA3DlZPlrXMx6j5xo27hIfroXPumPL5AJa0gaKxi4KvHVfxQ2fbW7e3uDUS4DlyBFHuNIhFY80Fw0a3bsScA0ysxKcJ8hzZgYe7k-5DjK-O7ByUuGnS6YuLNycnuxqEW9QJBQWw2ix3ga4XAhma0geO5yzXUhPSq6P8l6XgucOszksB8OCtM5YK8ymuPkPnhj2lRjDMkJ9vXLsYuqQkwHSWtatuhLqVmaV2ne-HTvw_WoTlDOsbkwrA6ZAUGFAIyEIu8agsF2Nak42gHyXkBJwBY-VG1MwAF8BRjRV_NYxb48GfU39lAl1OSxjUOSCjlCL25XtQST70eDs_5LXqcjMAoho4vAS7vMpbEitNys7UrqRbW_LXiBRwtiHrYWWjTuo2Jxfr-RnCqaoAvNlci3xWngTA5IQyjSi88CJzuwc9yZmrEDoxziFu1G38h1AvEpQgMb7oJbw9VaidNtWLuohkjdYbcgrG4t_6250mDcYeNdLH8M5AqcwSQJSNk4lt6SXg9x777fl_ALY_AQ9jd2jiBWL8b20_xH07HLjyklCm1uIsjaH-4LTw3Ry86MZwEOxMGWoNSscClplmYknrw9GMs4zzZMtUCH7nW1XGlOKSoZVCxD4dflwIg2aL9mE5-gzs3Hx_uA13x5FIkmMKiqWxMIuwEuSAvCkePVkV4xpBCe405dJfIiO2VR1pLfSUwhMeeWanRuSz11E4wGewqDzCvuQS_6IBCsEf7w5sWK2H8-5QtOPSfLY-GNik9zwfJW7OPc4lOSa79nZztUFBVONQYul4WSgrnTJYC8yhM_oKwHjH9wBDCmSywfLSPTjVo1UMHqHw1npAuQ-YQrY6wfKCHzPwCsroI89QiuIJHEWeIA2LZpKAiLjsa7zPIns3LKEjQa4ko&cid=CAASFeRoh9H0jo4oe9tlaus5h022LhdMtg&rfl=2%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Frame ID: 5CF0A9E177AB7333A0E4CCD0D6CA25B6
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 348E37753A99ED7AB89ABB37C9E32BC3
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Frame ID: 9203A5F81FC6FED73589C0D64DB59891
Requests: 20 HTTP requests in this frame

Frame: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9A7AEA2F5261B3D306C14FDCA97C78FA
Requests: 16 HTTP requests in this frame

Frame: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0601968774EED8B517E64F850E4E34BC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F855549410F18E3D19AAC39A900E5829
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIP6jwEQk_jWkwIY9vihsgEwAQ&v=APEucNXP7Oly0GYB3qvpGNKYCZHqMykdJc3aySFCEekXgVKAU4izdlH5r6PboHsfz1nB5MMHj2CuFi9sXk48HaA8a3Ei-7JoZJEWJOLYNo0FpC9Ai6Pg9E9FsoPV-GO9Snrd_yBWnNMTRrPO8Rq8z_WS_FVhdnKMauhgvH3e7431q6UqchI7wtg
Frame ID: D4A519EB27AA83B7E2DDD197B1D6E3C7
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKThqgEQ0r7gARjOqrqxATAB&v=APEucNWhLZjqhhO4FKLuA7t-ZBepMx2Z2ySLZdc8fQoXG8if8ogPfQ4KwAo6MynzYrWnn-qKqwfQCRDxTM4f6hl8CPSwxx7uun-No3v6N-iaiFQ8iL1xSD8U9bcwGNdDEN_u5nMpEA9YnOt2lqddNdJVpatylqKKyzXjT_5Dn2_vdEL-5vC1-1Y
Frame ID: 19D5A9250015EEE3CE016F25650B930D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4iHGNTkzdOvwnh_5_wL96tpIxGR3eSnK1Uwpd-DCbDIOmR6Pzxm4JmknB7V00lJkvUu3_IKMrmyyhlQ8ba6IgK3sG698NncMyPtnKiY2_g-5T4aTe6HyYyoCsrSWU05PaDQ4yyor-X13QfslLLk73AHAFNw&dbm_d=AKAmf-D5oGnw1HYUDrFdeau_Xm4tb68Gr7YFrJe-HlS1p9KeODNuymH56JeIR1XuIAOUGvatTWCw_wo875yY8E7GjhJ7fm_KqQcr3mdDJRi55ijGBaIoN6fBLKdzIBXg7xNmYGxjnp8JM_UinZu90ApfhBzY0ldB_nL8dQcXyAdmeHeKnXg5R9_gZdxW2oJp5lgYzf-ynpSgyBHekwz0U2iU69bsLM49pBHL4Ah74T-oUGDg1GEWweUFnuwoO7SJuahn9GdfOB8e0y5neuwPMhhOWTQCreEKoWG61yoe8Luoy1jfJLQoUke2rqIgCsbrVVlbE6Ja3ZtX0DDQxVqLGL59BghNvNzpXBv4fXinUPqDVvoDwz89E8HdZSb5D8A7POCB1yhn0P25D3wZAw2twGW6JuF-tba6BUCAD01AvIMMpMoCieyAikbb1nJJAzyH9uZSXbdSoUf8hBOpNJy_QnIXMpxfsZmsOkCJ-ifyDlY1C9UTs1KeWdWiRvskZKnIfM_Md0k8Pg-xtB0r39Fo3cq8pmYNIOwykiszgTISi0b7WI0tqRyYFuCNtTVIdcvLEwvAEX25e89yiokBI97Ukdaja3N4Csy8H-secNklFDQ1vK736ds87wUPy8sUDe1AuK3X5oPVvEgsEFlAv3KwEaP6tr05v8qmdjmGlq97FUC5HN92Krw9WQBlnJcxIurMq-_g5K4Jn6-gIHa-6OL6qOOrNntU8t_FfeW3Lj1pwuDAySJP7s4HkFCdLaVES36rV3WaO0V_PuATPVJqvY8fr4Qyi_K1xDzq1-j_BPuuCszCwp-d7zq4T6W2MxQPEoRKnrICpxj76bK8f2P4CGYNz3PyKxoA6kne_4pgqNUzK5ZOqYqYNlVFWarZVuZCE1atboNYsCY37dYUPPOeShCxq6CwtecUi6yqe38pvGJPJylumPY08hhebsvgzSKqEh2Ns9iWN3EvzRYbFo_yglsuUO-j53iH9rDdysI8E3JcqpthlGylRGBTA23uujw6tWuY0dIWuic2fxNQ7cHH6XsPBWBESsd5srF8OemFVyLka3ZXWhcp_1CtSRetEgGkwSaO60L7hNjtg8_k9m7ds5x56r4TGrIjbaxLdCNasaU9WqCNmWxulYO_Wn0RSc96WTDwqF5ur-LGve5DTQWr7rbbzbjXd6HmZklYnHzZat3EjUwlBOMdO7ekyQeiU8mecgNFjN0tEOEyk0NA-GvUV-IciQwvS3Bekn9rrNeMmKJgdYSMiJ_jl4Yo-Q4Hi7vi81LlzQ23KvTYWOGbpwDVCAfJHW-5zb3_CeEhOv-TC6YL627co6mUkPtlQZifKspWxL59XSeGpYM3qha4E5I3UosPLyfgJb1yk4HK3WRdvfJTUz0s2gFXwzr1kkyGBu8a2SyO847gf2S6AahyLP4gjwzD0gnaXFOqi-M-ocHB0mzdMDaXqinKiOx5IrBV_cR3zt-uNCLNCjVz3zCgPhlAa6T_EMgWNmukmOElChoZqTabEmBn1j0rSHjnOaXNRepVR3qh7cyDKfWQq8LpkuJF1uYq6TFV9sdmccvCD5yqeaTYOOsycKsKKquIQUJq6Ol183EAvMmZldvUxi7DjjDB-wkSDWvV3t5tf2_IbDWOGlsZ8VDOVnvw_vb2uAugBKqTM1HTHcQUh0S0EfWM2t0wQvv9-7vmR4zEEOemQl_-f7QjnVGdGJWjQU5bH1waLrkJOf7NjMnPX8ug6gF6xAy9f0G1MA0USASrSq4pp4Drk6n6dOjD2cViNKwiXGFia9WiAzb4mkq2wO27vK1YXaOtzLInYwypFokLzvuquJoPq4QnFJ67KnIaV_K0M062nTbvED_Goayo6Fl5U1eOyS36Wn6zeqFbvaNZTwJV0FYdNac8DeGzKWVVVPW8L4MuvcAX0Mazz7Cvj97jMO150lPpHYKU2_SgGTTAkGY2bTYDjhnAtDaWKEZT0cqq0r6oxQUWiDj7AEybvrCZEtiAOCDJ_jZZwYNJWRyLxA7Tbc7B8BMLBKLi5uVPydHM0iQy4yDEEkItSxT8rC3RW7E6uQmUC-OmP17Ef5OxChOam3T5APSsR9H8k6S-bqocJAWrTvcy0AyiwsIFaGM6U1qmMsYPUpWRjLJg2sopdY1q7DNTItX173IbOCbTE80-hc_InqJvOXq0xuhXyszehlDafyuZzw_sYkSkWMw01rfoO9OpUGXS27QKT_FMktSuqf12v9n-gGJWrHZC-p63ApX2uHdrmCZN1iAAzEobFDNxuIkYrYu74J1f5zv-_93zIbpFvPU6lRmG2tnQfah1ajj0k3bNQNl9Hx7y71FDWrIdSU_oDs-uOdr5OLMjeq4Y1cq44UUObiSqvhCXuQkKDFY9lNuZvim8vNhdx9hHDo4X9HsP-UdgTseAYPwSjVRIc0Lz20s9pQKQgghgA6UZ81kJSb7xk2wCkdwYybQbjksOCOtfP6dqaY1TtHS4xGqHjfyPk6CjHsw3B_kwdTz-KcGIxPl7Pd6S5lYhYE4I8oGLRX-d1_6mXxvWPJ0oD48YqdCEw4TcytgwRXpACqRJejVmicJRy3P7Vh3RWO7kVelJQr4nBlmw7mJme9HfjgyHGz7GNxGOW3pQiB3S9IShi4-og9-7GT9kufqTaT2P1sc2Ldz3E_VjtNwa7fkXBvGwdsCxlIpzlr7sJunngvqFklHfkS17_ia7JQ_BXl7LnnXgdFtZbg-AGYFERpiKJ9qS2cxvbPBXx6nv419T8hJE6O2ozWGCcoJiE5t4wKM3OTC68SiSG-hM-9AQko7br_f0db0Dc7U1e8K_qznCHF1qtiY7Ef4DEKIojGEBfbXienb9BZNU7t_rjtzZBdwTWAU_-qmvKTWxcOKd_UQS7k7zfJRWRU9TS2DHwIpg0YFd2sfHxUdfsOTvg8cyK4ypafDGOS0x9D6E-kfoJC-2xLS7qgcfIVRLgASPYr9MnS0cvQ1Sz-LOXeFNQHzEzTPFoCKrYJBVseDcCKENAAIDw6h3QQGN3_EVDgRyFLZXFtl5V9X-bWH_zhsUl_WjiLlJ3pjNbSpGmYl6_wJiEF29-LVOQ2ue9mCatEHEj8B_WBGEi5JiQT2xtzPI6o4Zxcm1GSB1U6ncAXrn-nT1wqQ5STJWXGYGXdKduSixxkHNILZmBoV09ECByu9P3596jVeA78YeqRE9ur3rc6J8sbTot5j5bKkbEgcuVBYbiUDU0dtVlZOF7w&cid=CAASFeRoRA5HvvQ4gVUqa5SmL8bvjGNRSQ&rfl=2%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Frame ID: 09C8E792C0AE83439295BE49F0D9970D
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
Frame ID: D062E92F0F173D8806C27707C69DF104
Requests: 26 HTTP requests in this frame

Frame: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
Frame ID: CA9FFB413DC0A4A3FAFB60BC282CF4B6
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B79CECE6D24AF1B2DF4BEE87C5F54E38
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 94261B15677E33F9B44BD2D1F8946389
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Frame ID: 7329E0C4E35E6834AEA093637FC9F301
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7875B020F5A74424BD0B4648B0ABB9DC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 47C5C574642C04C7FA156E7D38580250
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.haberbank.xyz/ HTTP 301
    https://haberbank.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i

Page Statistics

387
Requests

100 %
HTTPS

53 %
IPv6

25
Domains

35
Subdomains

36
IPs

5
Countries

8388 kB
Transfer

13209 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.haberbank.xyz/ HTTP 301
    https://haberbank.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKxYxMlUPO-crpwAGij8n0&google_cver=1
Request Chain 137
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRzQ1f7n5SV3pvfiDedaywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJI2g7H-vh9fMVWcebwNefU&google_cver=1
Request Chain 138
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECaBSBDN4GaNgij_KOlbKUg&google_cver=1
Request Chain 139
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg0MTYwNjE4MTIzNzEwMDY5OQ%3D%3D
Request Chain 159
  • https://t.myvisualiq.net/impression_pixel?r=3382179953&et=i&ago=212&ao=537&aca=23560015&si=5660331&ci=155592270&pi=266613804&ad=461455339&advt=9657108&chnl=-7&vndr=115&sz=8928&u=&viq_did=&pt=i HTTP 302
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=3382179953&et=i&ago=212&ao=537&aca=23560015&si=5660331&ci=155592270&pi=266613804&ad=461455339&advt=9657108&chnl=-7&vndr=115&sz=8928&u=&viq_did=&pt=i
Request Chain 161
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJI2g7H-vh9fMVWcebwNefU&google_cver=1
Request Chain 183
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRzQ1f7n5SV3pvfiDedaywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJI2g7H-vh9fMVWcebwNefU&google_cver=1
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELS0J7hGgEfv8is-rAYrExM&google_cver=1
Request Chain 185
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg0MTYwNjE4MTIzNzEwMDY5OQ%3D%3D
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPw4blkVHpHQKRpJjp9-0go&google_cver=1
Request Chain 207
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjQ5ZGVmYTEtNjdiOC0yYzQ0LWY1MmEtNGZmMWU0YjgzZDQ5
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEDajPGl8_-2f8KnVGJGkDEc&google_cver=1
Request Chain 248
  • https://ssl.hurra.com/pvs.gif?cid=416&tid=38532&cb=3564507500 HTTP 302
  • https://ssl.hurra.com/pvs.gif?bd3p=1&cid=416&tid=38532&cb=3564507500
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEO3jDiC6SU7OB7S8XYsRMCk&google_cver=1
Request Chain 255
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=847ca76c-0005-11ec-83c5-1348667f0306 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODQ3Y2E3MmMtMDAwNS0xMWVjLTgzYzUtMTM0ODY2N2YwMzA2
Request Chain 257
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 298
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1JUTdJTlpwRTJ1R0trbWtUcHg3VHlRQW1YTVlkemhnY35B
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm=&google_dbm=&google_tc= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHhYrQsGgBkJE1b6nMllLgo&google_cver=1

387 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
haberbank.xyz/
Redirect Chain
  • https://www.haberbank.xyz/
  • https://haberbank.xyz/
180 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PHP/7.3.20 PleskLin
Resource Hash
5ef584dc7d4cb518ed990242fc5d6a465aef233a5ea1897dc26b528c2af71060

Request headers

Host
haberbank.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Wed, 18 Aug 2021 09:20:19 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
36980
Connection
keep-alive
X-Powered-By
PHP/7.3.20 PleskLin
Vary
Accept-Encoding
Cache-Control
public, max-age=60
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 18 Aug 2021 09:20:19 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
230
Connection
keep-alive
Location
https://haberbank.xyz/
X-Powered-By
PleskLin
style.css
haberbank.xyz/s/ 		91 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://haberbank.xyz/s/style.css?2007041.css
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
28381aa1eb7ccb3e4cb95da002ae1e7b7c2c8ffa45c5e8a4b1887598531d3856

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Apr 2021 08:58:49 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17203
function.js
haberbank.xyz/s/ 		168 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://haberbank.xyz/s/function.js?2007041.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
270d4005cc04c172a55defbc6ecb1cde62c49cd260b5ea4afee332ed2b241dab

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Apr 2021 08:58:54 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
60304
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
ed70aab24114c7c74bb70eb16251f6046e3a15326acb36aaf9408cc43feaf0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"962 / 601 of 1000 / last-modified: 1629276603"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25175
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:20:19 GMT
prebid.js
revenueflex.com/d/ons/ 		250 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://revenueflex.com/d/ons/prebid.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS
ip221.ip-54-38-29.eu
Software
nginx/1.16.1 /
Resource Hash
74ce4a1f4d75997ff40047546727f9d0732cb9741c1a937bd1a7edc7a0df9f53

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Aug 2021 08:00:14 GMT
Server
nginx/1.16.1
ETag
"611cbe0e-1391c"
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=600
Connection
keep-alive
Content-Length
80156
Expires
Wed, 18 Aug 2021 09:30:19 GMT
48fa6b2543c4efa71f18e4600b6d8b47bc58b1db.js
revenueflex.com/d/4/8/f/ 		93 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://revenueflex.com/d/4/8/f/48fa6b2543c4efa71f18e4600b6d8b47bc58b1db.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS
ip221.ip-54-38-29.eu
Software
nginx/1.16.1 /
Resource Hash
53d4056482798f3b7b7f9cc5cc08fc821140552572aa61637c166ef6e1675b09

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
Content-Encoding
gzip
X-Mobile-Device
0
Server
nginx/1.16.1
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=60
Connection
keep-alive
Expires
Wed, 18 Aug 2021 09:21:19 GMT
gpt.js
www.googletagservices.com/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b49a6cde51c0b24f61b97efadaa1285123665fd099cf14109dbf6fd77fb6152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"962 / 211 of 1000 / last-modified: 1629276741"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25203
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:20:22 GMT
js
www.googletagmanager.com/gtag/ 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-195117963-1
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1d9dca7faf30603348f082f1e6c2ea66aa650a79a3284f27231f1d5931f9302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:19 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41071
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 18 Aug 2021 09:20:19 GMT
logo.png
haberbank.xyz/s/i/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/logo.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
84fdae9a3684b8fa40ef949d2304862f29c44b1fc53d922bb70e22aaec0d1d10

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
ETag
"607e97a3-e06"
Last-Modified
Tue, 20 Apr 2021 08:58:11 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3590
696515.jpg
haberbank.xyz/d/news_t/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696515.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
edde44925437dcc7eb3d75062a28fbe433a4818f640d2df8369211df1e3de6f2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
ETag
"611c88f2-1d8b"
Last-Modified
Wed, 18 Aug 2021 04:13:38 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7563
696514.jpg
haberbank.xyz/d/news_t/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696514.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
344412afaba0cfa4c326b640c6e3488ff70fbe93e566913a8660150769083c67

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
ETag
"611c88f0-209d"
Last-Modified
Wed, 18 Aug 2021 04:13:36 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8349
696495.jpg
haberbank.xyz/d/news_t/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696495.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
2fcec7cc42085ed7c21736b39ea8c944977d51a00b5497d7175af17e737edeb6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
ETag
"611c86a7-fc5"
Last-Modified
Wed, 18 Aug 2021 04:03:51 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4037
696489.jpg
haberbank.xyz/d/news_t/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696489.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
c3f269f959af86fa0ffc3c9245daddd856e5c6f1cd66b0a509d7b239f5f1739b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
ETag
"611c7876-157b"
Last-Modified
Wed, 18 Aug 2021 03:03:18 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5499
696484.jpg
haberbank.xyz/d/news_t/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696484.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
8e9cfd680e674dad9df993f4b71a3377c0d8cd66395402df9420b989519c86c8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
ETag
"611c35a9-1b11"
Last-Modified
Tue, 17 Aug 2021 22:18:17 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6929
696652.jpg
haberbank.xyz/d/news/ 		342 KB
342 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696652.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
0234aed01b43cb2933f36edee04fb8061bb783456502eddf1ed53798a2fd1807

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
ETag
"611ccf3e-55677"
Last-Modified
Wed, 18 Aug 2021 09:13:34 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
349815
1x1.gif
haberbank.xyz/s/i/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/1x1.gif
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/gif
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
43
696636.jpg
haberbank.xyz/d/news/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696636.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
8be4a0637aba9097b24abf18e5a7d074faf7f790e935465d2fd780f664976211

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
ETag
"611cc4b6-2d0e"
Last-Modified
Wed, 18 Aug 2021 08:28:38 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11534
696612.jpg
haberbank.xyz/d/news/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696612.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
fe7dba94746836646c306ce9c39176db00b9da3cdae1bf7dc041c145057d0b33

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611cbc95-3582"
Last-Modified
Wed, 18 Aug 2021 07:53:57 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13698
696602.jpg
haberbank.xyz/d/news/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696602.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
4858efe3d67a3bcec8af530bfd8091e60fe014107482853995551c6241e0737a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611cb6ae-3788"
Last-Modified
Wed, 18 Aug 2021 07:28:46 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14216
696583.jpg
haberbank.xyz/d/news/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696583.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
0182f3e6cbd441d6179668ca244ede8455f87948e2c9adb9b22a3f0231d8ead3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611cae82-2c2d"
Last-Modified
Wed, 18 Aug 2021 06:53:54 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11309
696576.jpg
haberbank.xyz/d/news/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696576.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
557a2481814cba9005cd2ff80f43570b2329c1ec0c961c202d63a6e6d99ea292

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611ca8aa-25c6"
Last-Modified
Wed, 18 Aug 2021 06:28:58 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9670
696545.jpg
haberbank.xyz/d/news/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696545.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
c5418201407117e7ef6c4207e1bb625e1559c296d97ff524126bea7c51add0c1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611c9121-2c10"
Last-Modified
Wed, 18 Aug 2021 04:48:33 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11280
696532.jpg
haberbank.xyz/d/news/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696532.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
908045b777d9906109fd2170f2009e2df5b9ac03d8db3a11095d0bc49fe1fa17

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611c9004-44c0"
Last-Modified
Wed, 18 Aug 2021 04:43:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17600
696513.jpg
haberbank.xyz/d/news/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696513.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
a45d3feee0dee4f40bbeeb9afb6e321a1df6bea8f6a1a3caed6de69721bf21b9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611c88ee-3a0b"
Last-Modified
Wed, 18 Aug 2021 04:13:34 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14859
696476.jpg
haberbank.xyz/d/news/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696476.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
502195048a6a8005571119c98ebe3282278e74cca1de6512563c8997d0ea1408

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611c2542-643c"
Last-Modified
Tue, 17 Aug 2021 21:08:18 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25660
696461.jpg
haberbank.xyz/d/news/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696461.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
1fcebac5ec46b66c08435c08389c4d97136d16caeb3ad24cf8aae52cb131eeb5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611c13ac-2b7d"
Last-Modified
Tue, 17 Aug 2021 19:53:16 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11133
696626.jpg
haberbank.xyz/d/news_t/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696626.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
788e7fe4e0b96a66ef6b67ec93a8c15ee57b874551c27fbf1df2061782bfba4f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611cc13e-1ab0"
Last-Modified
Wed, 18 Aug 2021 08:13:50 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6832
696547.jpg
haberbank.xyz/d/news_t/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696547.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
38e71574b72981e9e327b18c8e9d4fe3ac4ea68d9458b04491eaf31eb946ea23

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611c9388-1b18"
Last-Modified
Wed, 18 Aug 2021 04:58:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6936
696537.jpg
haberbank.xyz/d/news_t/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696537.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
63fa1f97c9bc448552b4d5d3c90061d2dd58e43deca946e70cb75f3be15977a7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611c901e-222f"
Last-Modified
Wed, 18 Aug 2021 04:44:14 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8751
696481.jpg
haberbank.xyz/d/news_t/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696481.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
b4f8894d94b318f6b45d307011393175ed8165812e67753cdfd6347650474533

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611c3352-1774"
Last-Modified
Tue, 17 Aug 2021 22:08:18 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6004
696472.jpg
haberbank.xyz/d/news_t/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696472.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
cd2c04dfa65eb5457195f7c6cfe519db5e74b33c3365dbd439052a136b13a6a8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611c2092-2130"
Last-Modified
Tue, 17 Aug 2021 20:48:18 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8496
32250_b.jpg
haberbank.xyz/d/gallery/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/gallery/32250_b.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
c941a2b97730aab3c99c2a772635a5e93e8e1efdeda0b9302b8ea1cfd7e711b5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60e801c2-cdd1"
Last-Modified
Fri, 09 Jul 2021 07:58:58 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52689
32250_s.jpg
haberbank.xyz/d/gallery/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/gallery/32250_s.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
8d1dcf0f360d149d81a2e95d8f839fa87615fbaf0d9f7af418721d84cf418246

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60e801c2-72ca"
Last-Modified
Fri, 09 Jul 2021 07:58:58 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29386
32249_s.jpg
haberbank.xyz/d/gallery/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/gallery/32249_s.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
acf50b45d9a0cc2d9887ab83a1b5112ff3f219f1056b31da052ecc66e10429b1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60e8014e-4e5e"
Last-Modified
Fri, 09 Jul 2021 07:57:02 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20062
32248_s.jpg
haberbank.xyz/d/gallery/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/gallery/32248_s.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
d7497beffcd1fbb22b76bf35e3ce6885ad906f93233c5bdda1f58ff423716819

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60e6bd01-2347"
Last-Modified
Thu, 08 Jul 2021 08:53:21 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9031
32247_s.jpg
haberbank.xyz/d/gallery/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/gallery/32247_s.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
daad39b756e2099575c560ca68f1134cdbbecfeb02db8c6654c3f5ec2b1f6d0f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60e4c5e9-3cd1"
Last-Modified
Tue, 06 Jul 2021 21:06:49 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15569
32246_s.jpg
haberbank.xyz/d/gallery/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/gallery/32246_s.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
892f356f79a98c66de818355ac375634e39ce10a39440f71392edee91296ac19

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60e2c9fd-5724"
Last-Modified
Mon, 05 Jul 2021 08:59:41 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22308
32245_s.jpg
haberbank.xyz/d/gallery/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/gallery/32245_s.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
f98f2b089201cd9d93aaad02ee002c49f0ee0cd7f268e32e867d97329961946a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60dc7ec9-5874"
Last-Modified
Wed, 30 Jun 2021 14:25:13 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22644
32244_s.jpg
haberbank.xyz/d/gallery/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/gallery/32244_s.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
0b1f3acbb1221be4eadc501d2e428e7c4f1dcf467bac7115b00e956ed4e5bc4e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60db009a-53d2"
Last-Modified
Tue, 29 Jun 2021 11:14:34 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21458
696645.jpg
haberbank.xyz/d/news/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696645.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
26a6b3951637f081d057f796c17b11865fe4a64512a9029e0b8a983ab027f595

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611cce80-3747"
Last-Modified
Wed, 18 Aug 2021 09:10:24 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14151
696630.jpg
haberbank.xyz/d/news/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696630.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
f3d8ebc2323f8193f8fdd9ec690b9883f435062e5116ac1544042535d54345ca

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611cc25c-376f"
Last-Modified
Wed, 18 Aug 2021 08:18:36 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14191
loader.js
cdn.taboola.com/libtrc/liderhaber/ 		206 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/liderhaber/loader.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ac618ec136931453b97f7e1b619940be18d3d1cf57d87dbe1f75164c82eb2ce

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
w2i1Z0yzBwU7iqWg5VCaBWNRYBQuOjSG
content-encoding
gzip
etag
"a41a1d82ea186c8bb60c0f9cc9975fba"
age
87
x-cache
HIT
content-length
25773
x-amz-id-2
r8OygYBgEIT7kPkSF+RBnZ12N6OnXUdgr4yqK9HajaaUw2vMmy626CQ3GHDbfIgI6vE/0xmiiP8=
x-served-by
cache-fra19135-FRA
last-modified
Tue, 17 Aug 2021 15:14:02 GMT
server
AmazonS3
x-timer
S1629278420.841955,VS0,VE1
date
Wed, 18 Aug 2021 09:20:19 GMT
vary
Accept-Encoding
x-amz-request-id
3KD3CEJ7B2C1J51J
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
33
x-cache-hits
1
60825.jpg
haberbank.xyz/d/video/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/video/60825.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
e6f6705d8bd6b774eee5dd8ee22de7c4748237b87f5e8c4e0c424f36d61a0381

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"5e9f8825-5fc0"
Last-Modified
Tue, 21 Apr 2020 23:56:21 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24512
60824.jpg
haberbank.xyz/d/video/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/video/60824.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
0d5b13be7174b98a286badaa41fdf234f4c8a2a904cd9d6077011345d00c3238

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"5dd24d25-3d9d"
Last-Modified
Mon, 18 Nov 2019 07:49:57 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15773
60823.jpg
haberbank.xyz/d/video/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/video/60823.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
6dc04926bfead3648a1a6bec7ca2f2bd70b26811c5f51ae969631979cf5a696b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"5dd24d18-4860"
Last-Modified
Mon, 18 Nov 2019 07:49:44 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18528
60822.jpg
haberbank.xyz/d/video/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/video/60822.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
c859583ac41173f2bdbd19ca7c4a274f787cffa0e6f61c5eec4924369c4a7add

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"5dd24cc9-37ed"
Last-Modified
Mon, 18 Nov 2019 07:48:25 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14317
60821.jpg
haberbank.xyz/d/video/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/video/60821.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
c8ac7de792c2dbe2cde57197b58e3f2ab26b0b6a4a74cb0f84716b5d64e138cb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"5dd24cb9-254e"
Last-Modified
Mon, 18 Nov 2019 07:48:09 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9550
60820.jpg
haberbank.xyz/d/video/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/video/60820.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
4ea0126a8f3df5e4be70a1d8e90df56a0537db00fc5d1c973623519751aa0ccd

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"5dd24ca2-2836"
Last-Modified
Mon, 18 Nov 2019 07:47:46 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10294
60819.jpg
haberbank.xyz/d/video/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/video/60819.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
a9a26200327e8aaf6c9b3e7f7bed753319ea1ca39997db3decf954ccaf3f0782

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"5dd24c78-1faa"
Last-Modified
Mon, 18 Nov 2019 07:47:04 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8106
60818.jpg
haberbank.xyz/d/video/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/video/60818.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
77b858685f05f8190915abd7dee94e4c5ca8f3852036e7980a5d40abcc43efbf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"5dd24c50-3471"
Last-Modified
Mon, 18 Nov 2019 07:46:24 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13425
696647.jpg
haberbank.xyz/d/news/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696647.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
bef94bb1a6a7bbb14f946f6396505f4d10309ee5a8379d166ea76aeacdb8d27d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611cce84-4cc0"
Last-Modified
Wed, 18 Aug 2021 09:10:28 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19648
696650.jpg
haberbank.xyz/d/news/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696650.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
faccd1367d9ca6bc500db876e82002c7aaf7a6ac38053ef9be2f2931bbdcecc4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611ccf3a-4bb8"
Last-Modified
Wed, 18 Aug 2021 09:13:30 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19384
696450.jpg
haberbank.xyz/d/news/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696450.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
a7c4b1199dad4f4f0b399b610b6cd52a2e9a8625f2ec99226f95577568a70335

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611c0924-2ada"
Last-Modified
Tue, 17 Aug 2021 19:08:20 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10970
696635.jpg
haberbank.xyz/d/news/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696635.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
8ad34b9c0e62e29634c681f9b6ebb54a343d09cfb0380b24b75d11eb144296f9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611cc4b4-2dd8"
Last-Modified
Wed, 18 Aug 2021 08:28:36 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11736
696474.jpg
haberbank.xyz/d/news/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696474.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
488fb522659be2e5f5b819c9466c49fbdd7fd692b20b3192f01ceb3c8725cb8a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611c22e5-2213"
Last-Modified
Tue, 17 Aug 2021 20:58:13 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8723
696649.jpg
haberbank.xyz/d/news/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696649.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
5fe19808ad099f13fa61d92bc601912de677a900ca535c344029b8dfe4999b0e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611ccf36-222e"
Last-Modified
Wed, 18 Aug 2021 09:13:26 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8750
695620.jpg
haberbank.xyz/d/news/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/695620.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
e20edb943fa99e584614bf7b3d5a347e1a7aa3cf458200dcde4015d6c5c556f1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"6118d153-299a"
Last-Modified
Sun, 15 Aug 2021 08:33:23 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10650
696196.jpg
haberbank.xyz/d/news_t/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696196.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
50eb52744efe58839f7d41fad9899d7bad03952c3d800c2c280b7cd85d246a41

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611b61a0-1f6d"
Last-Modified
Tue, 17 Aug 2021 07:13:36 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8045
681501.jpg
haberbank.xyz/d/news_ts/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/681501.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
a5d47adbe1b93304f67cb69e3d6bdf09fc741e48ddb00431b76ed0f5e0ad4551

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60e306e0-e06"
Last-Modified
Mon, 05 Jul 2021 13:19:28 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3590
681273.jpg
haberbank.xyz/d/news_ts/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/681273.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
b9e84f704bac793faf4090489993f63c936647e5f7722ff3439ac2f2d185b7c3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60e292ad-f09"
Last-Modified
Mon, 05 Jul 2021 05:03:41 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3849
679674.jpg
haberbank.xyz/d/news_ts/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/679674.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
b61fe764edbc50a36c4d2326be0a0423c11bb73c0de87aea518a032f76946f7a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60dc4037-a78"
Last-Modified
Wed, 30 Jun 2021 09:58:15 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2680
676408.jpg
haberbank.xyz/d/news_ts/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/676408.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
e4d051b39cc57452b3f9f3653092202fdf16bf2a01c3dfe52bc7283bed9ed3eb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60d018cd-cc6"
Last-Modified
Mon, 21 Jun 2021 04:42:53 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3270
676409.jpg
haberbank.xyz/d/news_ts/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/676409.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
8e6fe64899bb06f60961c891c7557e38e641de06681fd1d959bdaf6493a46fc6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60d018ce-ec6"
Last-Modified
Mon, 21 Jun 2021 04:42:54 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3782
696599.jpg
haberbank.xyz/d/news_t/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696599.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
9c6e94d56fa93456f2c94126a6128b34922c790cc3e72a03755f885b03c4d668

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"611cb6a9-1e66"
Last-Modified
Wed, 18 Aug 2021 07:28:41 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7782
674022.jpg
haberbank.xyz/d/news_ts/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/674022.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
51cd71b1385796d2ef453fa38f31fe3c1257aa72abd667b613de34136bd2649e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60c70f97-101c"
Last-Modified
Mon, 14 Jun 2021 08:13:11 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4124
669993.jpg
haberbank.xyz/d/news_ts/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/669993.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
2c4569a123585f4f0660d581df2d1639216b118941dbc8f68043be6e7bbc2aaf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60b76198-d20"
Last-Modified
Wed, 02 Jun 2021 10:46:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3360
668789.jpg
haberbank.xyz/d/news_ts/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/668789.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
d2ba79d78694b0917243f69390adc049b2dac032398cc9925a00df3bd88689e9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"60b3a113-e4b"
Last-Modified
Sun, 30 May 2021 14:28:35 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3659
659998.jpg
haberbank.xyz/d/news_ts/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/659998.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
8ed8a96418e11927180feb2f43a52470670f246117ebf4dad19cacb17c252ae9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
ETag
"6091555c-a0b"
Last-Modified
Tue, 04 May 2021 14:08:28 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2571
639865.jpg
haberbank.xyz/d/news_ts/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/639865.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
7615baa1d0a2426f7ec41fd2764df17ebbb3d8e21c82ebfb88b8969d330c5415

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"604dd07f-9f7"
Last-Modified
Sun, 14 Mar 2021 08:59:43 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2551
667360.jpg
haberbank.xyz/d/news_ts/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/667360.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
0a0c8d7f05e3b8d5afb8654c9497a2a7a3141e02a7c2155797b028ee1a1953fc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"60accf2b-d55"
Last-Modified
Tue, 25 May 2021 10:19:23 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3413
667354.jpg
haberbank.xyz/d/news_ts/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/667354.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
45892495b67e265af0bfeac3b1536730b441a96319d90682ad8e397dcaa5f198

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"60accf59-eee"
Last-Modified
Tue, 25 May 2021 10:20:09 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3822
667342.jpg
haberbank.xyz/d/news_ts/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/667342.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
b6b5b6f0674b63603da099ce4dfe9ed5d4f3cfb1b05cb294e9ad7cae084c3375

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"60accf6b-ef8"
Last-Modified
Tue, 25 May 2021 10:20:27 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3832
660669.jpg
haberbank.xyz/d/news_ts/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/660669.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
6a3716b4dd56680e89dc3b5a1a045f17166d65fe29db277aecaeff983232912c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"6093ba8b-cb5"
Last-Modified
Thu, 06 May 2021 09:44:43 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3253
660632.jpg
haberbank.xyz/d/news_ts/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/660632.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
1c3ca6d969feff8dda54f4cd1f32c2321171f1d7c24d34c31ea2b359ad370fe2

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"6093babc-d27"
Last-Modified
Thu, 06 May 2021 09:45:32 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3367
660635.jpg
haberbank.xyz/d/news_ts/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_ts/660635.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
80a45863e4c39b2491174aedcbd73d8f2cdfa82298e329567cbb1432388eb799

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"6093baa9-ae5"
Last-Modified
Thu, 06 May 2021 09:45:13 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2789
696564.jpg
haberbank.xyz/d/news_t/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696564.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
300a46532c1bcc4d81d2c2f61a5f66e79674d76a0f43faaab30b52a64f0d9b6c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"611ca50f-19e8"
Last-Modified
Wed, 18 Aug 2021 06:13:35 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6632
696493.jpg
haberbank.xyz/d/news_t/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696493.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
abbbb63e5616fa3a2bf9113e259b0fe9793f70fcdd33114a1c47885ae8ccc881

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"611c8566-1e39"
Last-Modified
Wed, 18 Aug 2021 03:58:30 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7737
696479.jpg
haberbank.xyz/d/news_t/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696479.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
0c566704e10564b6992cf1ac0e15fea9f5992e3fb6ff07bbfbf3280751df7ffc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"611c2fdb-278f"
Last-Modified
Tue, 17 Aug 2021 21:53:31 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10127
696507.jpg
haberbank.xyz/d/news_t/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news_t/696507.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
8f1056221f1fac6327f586da0c20138f2d6b12ed6dc2c66fabe03b7a7da32248

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"611c87f0-1ccb"
Last-Modified
Wed, 18 Aug 2021 04:09:20 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7371
1_s.jpg
haberbank.xyz/d/author/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/author/1_s.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
a2069353a95b487b5b79ee5a50e2e952b870a3fec717c67672ded9143775bd8b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"5745a7e6-57c"
Last-Modified
Wed, 25 May 2016 13:25:58 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1404
css
fonts.googleapis.com/ 		2 KB
656 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700&subset=latin-ext
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
49bf74092519230222c54861f904556e19e3f4cb715fc3c60ad7e378822ac967
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 09:17:27 GMT
server
ESF
date
Wed, 18 Aug 2021 09:20:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Aug 2021 09:20:19 GMT
1582
revenueflex.com/rest/siteconfig/ 		47 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://revenueflex.com/rest/siteconfig/1582?pg=https%3A%2F%2Fhaberbank.xyz%2F&cache_buster=0.5085036264647509
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS
ip221.ip-54-38-29.eu
Software
nginx/1.16.1 /
Resource Hash
6cea7d67aa87b4bb4916b9b1ea7233b32332dbebcf8f6b78258829ad4e48dfa7

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
X-Mobile-Device
0
Server
nginx/1.16.1
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,HEAD,OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Expires
Wed, 18 Aug 2021 09:20:49 GMT
Cache-Control
max-age=30
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Requested-With,Accept,Authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Length
47
X-Proxy-Cache
HIT
body-bck.png
haberbank.xyz/s/i/ 		137 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/body-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
755b29e8fc45b54c36fa66190170b00fbe94e959e6c621efcab5a6c4e1bf02d1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/png
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
137
base-topbar-bck.png
haberbank.xyz/s/i/ 		669 B
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/base-topbar-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
fb4b27b4a022b4f7bf448aec63c2f73a4adf058665212da521b42807f107bf9e

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/png
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
669
quick-launch-item-bck.gif
haberbank.xyz/s/i/ 		46 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/quick-launch-item-bck.gif
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
b7d11fe80889199b11f169951706d7fe39a06c58185089802b9ecb4807d228c5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/gif
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
46
currency-icons.gif
haberbank.xyz/s/i/ 		99 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/currency-icons.gif
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
fbdc4900f2754a5effa8f0ddbc9c072d549c32a5f3bf2e711f5002b626032b94

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/gif
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
99
weather-icons.png
haberbank.xyz/s/i/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/weather-icons.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
d551596511264d694ac679eff2e31059f02eec98c614566f797ae16ec44d9617

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
ETag
"56ed841c-2646"
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9798
base-outer-bck.png
haberbank.xyz/s/i/ 		111 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/base-outer-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
938c833f076e9a9069a9ba9220f014a3d768fb804fa2f657da9e1967e4f0b8b4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/png
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
111
pubads_impl_2021081201.js
securepubads.g.doubleclick.net/gpt/ 		329 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
sffe /
Resource Hash
01e51940762b45561e5a0c1ea5e5ad122f4c732178d0cb428f8f4409030efb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Aug 2021 08:42:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117424
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:20:19 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		32 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=haberbank.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
c207220318ecf7a91088232fb8f298d37ee1c65c14a612995795cea38aaf174c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 09:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:20:19 GMT
base-top-bck.png
haberbank.xyz/s/i/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/base-top-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
78c0f77679f8b3318f2b466f00c9bdd3013e6034275c9e789b7f0db03d10de2c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
ETag
"56ed841c-1c7f"
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7295
top-nav-item-bck.png
haberbank.xyz/s/i/ 		190 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/top-nav-item-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
e60e74b4e59cc043b87281ebe6a3ce183dd0db40598168b94617b49e3689ce47

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/png
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
190
cm-icons.woff
haberbank.xyz/s/i/font/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://haberbank.xyz/s/i/font/cm-icons.woff?97620171
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
0ab20cbf2d53b45fe3896d83db8aa635bfc20478c1299655f92f03643f8b4bb6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://haberbank.xyz
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Origin
https://haberbank.xyz
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:19 GMT
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
ETag
"56ed841c-5af0"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23280
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://haberbank.xyz
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 00:57:00 GMT
x-content-type-options
nosniff
age
116599
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 00:57:00 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700&subset=latin-ext
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22e730c5e58a487c838bda5b1a08e1b2a0d537371c08d4a01c56593ed8160ee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://haberbank.xyz
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 18:46:40 GMT
x-content-type-options
nosniff
age
484419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11996
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:38 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Aug 2022 18:46:40 GMT
1582
revenueflex.com/rest/pagehit/ 		1 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://revenueflex.com/rest/pagehit/1582?pg=https%3A%2F%2Fhaberbank.xyz%2F&cache_buster=724751
Requested by
Host: revenueflex.com
URL: https://revenueflex.com/d/4/8/f/48fa6b2543c4efa71f18e4600b6d8b47bc58b1db.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.38.29.221 , France, ASN16276 (OVH, FR),
Reverse DNS
ip221.ip-54-38-29.eu
Software
nginx/1.16.1 /
Resource Hash
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
Server
nginx/1.16.1
Allow
OPTIONS, GET, HEAD, POST
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,HEAD,OPTIONS, GET,POST,PUT,DELETE,HEAD,OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Requested-With,Accept,Authorization,Origin,Access-Control-Request-Method,Access-Control-Request-Headers, *
Content-Length
1
headline-bck.png
haberbank.xyz/s/i/ 		848 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/headline-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
79f97f5c807f55fc2d99cb2dbfac95eb04bf5a88aac565fcbf398c7ccef2d6cf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:20 GMT
Last-Modified
Wed, 01 Jun 2016 12:32:44 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/png
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
848
headline-pager.png
haberbank.xyz/s/i/ 		194 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/headline-pager.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
f98b5c90b315feefeb8aeb9007b58472f95b6b43d974c905c00cc4c067166403

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
Last-Modified
Wed, 01 Jun 2016 12:32:44 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/png
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
194
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195117963-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
6226
date
Wed, 18 Aug 2021 07:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Wed, 18 Aug 2021 09:36:34 GMT
impl.20210817-13-RELEASE.js
cdn.taboola.com/libtrc/ 		526 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210817-13-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/liderhaber/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
7957504f907ffedfc0d7ec27f93664a47d4d36b36ece1386e74492f753d24025

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
TUSbl2l40svWfFlJVwXYPuHPAYztwB_9
content-encoding
br
etag
"01b707a86593ca856ebf2a0f0e6660df"
age
8837
x-cache
HIT
content-length
119131
x-amz-id-2
SJFl3emlXaODWt+FNX9JGwX4194FWDOq8QH092XapRhZ7G1it8VYVpihCOnA9OwTQVpjvnfZKns=
x-served-by
cache-fra19135-FRA
last-modified
Tue, 17 Aug 2021 14:51:27 GMT
server
AmazonS3-br
x-timer
S1629278420.224410,VS0,VE0
date
Wed, 18 Aug 2021 09:20:20 GMT
vary
Accept-Encoding
x-amz-request-id
QFVX0N7VDPX5JD4E
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
93
x-cache-hits
31937
index-gallery-bck.png
haberbank.xyz/s/i/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/index-gallery-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
8790f3f6771766c7cbdf53328393a037b9bad3661cff0bf69e79a9655a84206b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"56ed841c-98b0"
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39088
index-gallery-page-list.png
haberbank.xyz/s/i/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/index-gallery-page-list.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
c87f0c02bc8c633f765ea833d8260d34a1a39dcc9570f75079dc24fb41353443

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"56ed841c-463"
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1123
cat-news-bck.png
haberbank.xyz/s/i/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/cat-news-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
bba77803b29277143ede66598b65cc1bc4d927097df98120148e20a84f262301

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"56ed841c-15327"
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86823
side-caption-bck.png
haberbank.xyz/s/i/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/side-caption-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
d1156fc4379a2d391453aecabbf2ab8677618109593b92df41156c2b23307fb7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"56ed841c-1119"
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4377
side-content-bck.png
haberbank.xyz/s/i/ 		89 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/side-content-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
81023878bc116ebf7cc254f1dca8628175a52789ff8e70dfaf7acebdc10b4a0c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/png
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
89
headline-side-2-item.png
haberbank.xyz/s/i/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/headline-side-2-item.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
ef6ab0092642cc91c3ba854b8012a9a85fbc3eda06b8093d7ba8da36f59b5c6d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"56ed841c-917"
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2327
side-bottom-bck.png
haberbank.xyz/s/i/ 		98 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/side-bottom-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
c61a359ed865f2c5fb69be465754f10a55594e28454840f1fb02f37a407929c9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/png
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
98
mostly-item-bck.png
haberbank.xyz/s/i/ 		117 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/mostly-item-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
498d2c1fccd2727f6c8373dddb63c3be2faeb16a7877739685328135be596255

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/png
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
117
line-04.gif
haberbank.xyz/s/i/ 		44 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/line-04.gif
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
d4c2aa11a021cbea64968abb5df81afbb3ccf21ea2286e90ea4b1345cdc837d9

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/gif
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
44
author-side-bck.png
haberbank.xyz/s/i/ 		164 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/author-side-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
b8eef04aeb78f8eb66d8421b890f10fc6f971a0f89052cea6a33c49a5a6946b3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Vary
Accept-Encoding
Content-Type
image/png
X-Accel-Version
0.01
Cache-Control
public, max-age=290304000
Connection
keep-alive
Content-Length
164
base-bottom-bck.png
haberbank.xyz/s/i/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/base-bottom-bck.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
f5e4daaf8087c0d891b8853040b9f531f2857748130d27014fc47327df281a06

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"56ed841c-1535"
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5429
cat-news-pager.png
haberbank.xyz/s/i/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/s/i/cat-news-pager.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/s/style.css?2007041.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
e7949f7a06fa87f787e6c78a3e70879176e4937262deae49fff4d57a72ab96e3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/s/style.css?2007041.css
Connection
keep-alive
Referer
https://haberbank.xyz/s/style.css?2007041.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"56ed841c-463"
Last-Modified
Sat, 19 Mar 2016 16:53:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1123
integrator.js
adservice.google.at/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.at/adsid/integrator.js?domain=haberbank.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 09:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=haberbank.xyz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 09:20:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2034611275176350&correlator=3476017205823017&output=ldjh&impl=fif&eid=31061422%2C31062231%2C31061424%2C20211866%2C31062297&vrg=2021081201&ptt=17&sc=1&sfv=1-0-38&ecs=20210818&iu_parts=65969644%2Cgeneric&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&cookie_enabled=1&bc=31&abxe=1&lmt=1629278421&dt=1629278421325&dlt=1629278419401&idt=1549&frm=20&biw=1600&bih=1200&oid=3&adxs=129&adys=50&adks=729430596&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fhaberbank.xyz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=655x-1&msz=160x-1&ga_vid=1157603661.1629278421&ga_sid=1629278421&ga_hid=338831026&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a0a1cddd93d58b74419056506c445bc99decb3874d50c7193f9a952d599fcba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7506
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://haberbank.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D57 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://haberbank.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://haberbank.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 18 Aug 2021 09:20:21 GMT
expires
Thu, 18 Aug 2022 09:20:21 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2034611275176350&correlator=3476017205823017&output=ldjh&impl=fif&eid=31061422%2C31062231%2C31061424%2C20211866%2C31062297&vrg=2021081201&ptt=17&sc=1&sfv=1-0-38&ecs=20210818&iu_parts=65969644%2Cgeneric&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&cookie_enabled=1&bc=31&abxe=1&lmt=1629278421&dt=1629278421352&dlt=1629278419401&idt=1549&frm=20&biw=1600&bih=1200&oid=3&adxs=1311&adys=50&adks=1366858423&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fhaberbank.xyz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=784x-1&msz=160x-1&ga_vid=1157603661.1629278421&ga_sid=1629278421&ga_hid=338831026&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
00ba58400fe4fb6a47e77ddf7117da1155435979ab49bff6fde398f8b8ed5791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7470
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://haberbank.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2034611275176350&correlator=3476017205823017&output=ldjh&impl=fif&eid=31061422%2C31062231%2C31061424%2C20211866%2C31062297&vrg=2021081201&ptt=17&sc=1&sfv=1-0-38&ecs=20210818&iu_parts=65969644%2Cgeneric&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&cookie_enabled=1&bc=31&abxe=1&lmt=1629278421&dt=1629278421358&dlt=1629278419401&idt=1549&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=54&adks=2060048634&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fhaberbank.xyz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x250&msz=970x-1&ga_vid=1157603661.1629278421&ga_sid=1629278421&ga_hid=338831026&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
694fe7ebf24a35b5723242b213a3236d7079ec44e68e6b88e4358343ddd87059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10612
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://haberbank.xyz
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2034611275176350&correlator=3476017205823017&output=ldjh&impl=fif&eid=31061422%2C31062231%2C31061424%2C20211866%2C31062297&vrg=2021081201&ptt=17&sc=1&sfv=1-0-38&ecs=20210818&iu_parts=65969644%2Cgeneric&enc_prev_ius=%2F0%2F1&prev_iu_szs=670x90&cookie_enabled=1&bc=31&abxe=1&lmt=1629278421&dt=1629278421367&dlt=1629278419401&idt=1549&frm=20&biw=1600&bih=1200&oid=3&adxs=562&adys=321&adks=1731393643&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fhaberbank.xyz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=670x-1&ga_vid=1157603661.1629278421&ga_sid=1629278421&ga_hid=338831026&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
29f05e8bf9a1687fa02e4c279f688b6c62ac272c08e1c8bd4db9f0649ac6c68b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7880
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://haberbank.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2034611275176350&correlator=3476017205823017&output=ldjh&impl=fif&eid=31061422%2C31062231%2C31061424%2C20211866%2C31062297&vrg=2021081201&ptt=17&sc=1&sfv=1-0-38&ecs=20210818&iu_parts=65969644%2Cgeneric&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x90&cookie_enabled=1&bc=31&abxe=1&lmt=1629278421&dt=1629278421373&dlt=1629278419401&idt=1549&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=503&adks=3734033171&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fhaberbank.xyz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90&msz=980x-1&ga_vid=1157603661.1629278421&ga_sid=1629278421&ga_hid=338831026&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
d7981306cb2f4a96bc2d386120fc451ea9e00c592eb9d159106f9eab81322e92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7868
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://haberbank.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2034611275176350&correlator=3476017205823017&output=ldjh&impl=fif&eid=31061422%2C31062231%2C31061424%2C20211866%2C31062297&vrg=2021081201&ptt=17&sc=1&sfv=1-0-38&ecs=20210818&iu_parts=65969644%2Cgeneric&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1629278421&dt=1629278421376&dlt=1629278419401&idt=1549&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=849&adks=895373562&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fhaberbank.xyz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90&msz=728x-1&ga_vid=1157603661.1629278421&ga_sid=1629278421&ga_hid=338831026&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7a18a8eade404b816f73ce1eaacbb7c9b6caa1982de1c9467ba540fd7cb15560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7490
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://haberbank.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2034611275176350&correlator=3476017205823017&output=ldjh&impl=fif&eid=31061422%2C31062231%2C31061424%2C20211866%2C31062297&vrg=2021081201&ptt=17&sc=1&sfv=1-0-38&ecs=20210818&iu_parts=65969644%2Cgeneric&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1629278421&dt=1629278421378&dlt=1629278419401&idt=1549&frm=20&biw=1600&bih=1200&oid=3&adxs=990&adys=951&adks=2857365685&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fhaberbank.xyz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x264&msz=300x-1&ga_vid=1157603661.1629278421&ga_sid=1629278421&ga_hid=338831026&ga_fc=false&fws=4&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9db4f6a9acb774b771102d222fe371f1055a80d1e04788c53cc5b4818a339f4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7299
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://haberbank.xyz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2034611275176350&correlator=3476017205823017&output=ldjh&impl=fif&eid=31061422%2C31062231%2C31061424%2C20211866%2C31062297&vrg=2021081201&ptt=17&sc=1&sfv=1-0-38&ecs=20210818&iu_parts=65969644%2Cgeneric&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&cookie_enabled=1&bc=31&abxe=1&lmt=1629278421&dt=1629278421384&dlt=1629278419401&idt=1549&frm=20&biw=1600&bih=1200&oid=3&adxs=310&adys=1767&adks=1325837032&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fhaberbank.xyz%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x250&msz=970x-1&ga_vid=1157603661.1629278421&ga_sid=1629278421&ga_hid=338831026&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
73aaf945c213727963e320dcbac08cd98fd0f421ca20175c19abb196f6147fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11419
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://haberbank.xyz
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=338831026&t=pageview&_s=1&dl=https%3A%2F%2Fhaberbank.xyz%2F&ul=en-us&de=UTF-8&dt=Haber%20Bank&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=104555673&gjid=1230380693&cid=1157603661.1629278421&tid=UA-195117963-1&_gid=167598074.1629278422&_r=1&gtm=2ou8g0&z=1011129197
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://haberbank.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A965 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://haberbank.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://haberbank.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 18 Aug 2021 09:20:21 GMT
expires
Thu, 18 Aug 2022 09:20:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fe4436f1d882b3acd98fb2763984bacd382664582f4918647b89894f46b871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:21 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629113446242536"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27733
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:20:21 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 90E1 		624 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPb_ogIQ0ZTSAhjQ4PJoMAE&v=APEucNVw0FDNc7k0t9zk4fKrZT10eIo0cJhW0d8vyhIUCuiU42Oz7UGNqlvtzMfGFkYhCqgaqaS8ilBisLf_0LgLy5PtQDaDFbSWGEoSi_7wwSrew5remeU5OW0LjiStvhjb-nwjIdZdPU1taVfVDVcgaFDWUmR6VbJNaiOzWBHXxSWdeiDO4ak
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPb_ogIQ0ZTSAhjQ4PJoMAE&v=APEucNVw0FDNc7k0t9zk4fKrZT10eIo0cJhW0d8vyhIUCuiU42Oz7UGNqlvtzMfGFkYhCqgaqaS8ilBisLf_0LgLy5PtQDaDFbSWGEoSi_7wwSrew5remeU5OW0LjiStvhjb-nwjIdZdPU1taVfVDVcgaFDWUmR6VbJNaiOzWBHXxSWdeiDO4ak
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 18 Aug 2021 09:20:21 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkN0tT2PX7uzRf2rqd4JSND1PotTmdnCTdnis6VvLvfSm8uR2EXc-E3vSpV; expires=Mon, 12-Sep-2022 09:20:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Aug 2021 09:20:21 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A965 		72 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0OHnVUcXEhLoSrdHY85rb7ET9BS9nCy9-oLE4fAIZy0wJtinPO_HK4kwhZpHgRgWGB3Mvjormp50srBscqU454n7kZRb27cCtNX6uLU9SRCrpZw6a5GI2X95Knr4vA7fnSLX1_wNZqLcY2B9HOibZocJfwQ&dbm_d=AKAmf-BMY0Fn12bkzFdzTAsSiW-hoW4gIpJyACbbOt-_Z5hgixTuSEH7asMPcoJubu1Z1t_gFm15nf1to7qWP3dr591-muqto6lR2Q0WYAfizu9_ue6J1NLhXo56JN8TwjkS08mZjgtp3XPj-tWWbJSldRZqOQUo5wy_fp7D1iYrdfYY0J7vlN71ge75bkuGCv2r70W9qdKJ_UM_xXXQfICCJ811baQVJcRixybMLYFjr-5CHeEtI2-T6MuB9FwHocxAZVMI1S5ML9NOoK2nbvZZUxVF0hvEaQAYmXLEtBALy5U9ynoHDkhgTeKywQ_NDdrsrxcoM3qSFv848kzF39WbelIXSJdoeu3Xf09n9nTtF1C5OKnMRhZl5mqC2o_iLCwUAfVXbh7-G1P5iwp8XKyB9F2QKzW-L0YLH5BmNGWUTPcXOMl2HdL-AIBg0dzTCFl3Ofxz1t4P_vbZLZeQRmXDNrmZ-scTa-L6sB38VVd82VBw0rDK2rK47oOcqmuA1nlIeKQOVRGLXr0w1m9Ga-wJeJzVk7Yd10z30oUT2V9DCnRpwe8khIvpc91HRGHWDwfi1GlTc09RQlrVqLAbVa6FzuwyqBrzg2iTf_uApM6Nxqr-XHTkxQ9f0KBwkD5mKuYTTCYXTzjaTPXOXMfX12LhiKUHUcGcIZfksIug2RrOzKJrX83VjWjJsBjmvrSVtUyKJ09TKK79PqKMTQfWZ7eWGbUhkk3XPnxuPoUPntZGLhhH3s5cLmGKzcy-TKYeMik3Q8EYsdyOUpEJT8V781itPSIxY842WguP3zEZeqNbFtAsBCOuLo6GbwNUueIJ3KAL2qbaenWa5USlMyCYpiR3USJfNAMpcRS1S3EKqyLfrrH8YyOoc3FOWg-E1gTvpJ33-duMvqLnWhgdPe_V2v3VnhQrHDbREykjk9-0niNdulHq5G7EZyTZ0iL4cVFy0vEt4bo1PbFO12uQK091niCg1rJxXR4JylagVDeqqRG0BiqXdBXQxKKQ0hkkoKx_vic8wsjqcam7zbEHlndYp7E4IvmZ2V0B9_W5W7ivi87iM9G3Xy74pin7yfEjOeXeVEiye-9hRle22mdnUZVDnM8hT4fOGE0guaFZuyJD7XLyMo4AfKElK2LuuZgMZe55dW6ZAqyhUyYSy8uyBH2hvYT7CVhZ_YnKoNfMXvp8Ma9GBFnncK2Z2eOe3R7VHprliJGIzI57r0z1tefGEXP0hglXYKMt66j-SioJdyFw-mb6rNbTuMQf8K74QyZpiMt-QrCrumYVdrOtMnTd-AUVoM8O88Ewb5GVQobG1tzP6F0-BFNfQcFgW2V9YU8fmi7TQ4eDhzglDqAT5SX7ThQb3XIRjfVXbykab-0CvVo4OBhp3hdi9VOT2l4KfpiAmeXraknCPXsm3e9FF1xsRkAwu3769PgEmYA9uZNJvPz5W1aDMXQFHzlXfCqZ_6iVyvEEnMGSMOITfYIZql5AMX_yIDAWqjK1tXNX9DIfdCbXMGFu1lviu7jcduCIyVWqvXFJW3WZsPNJ2OeoZA4C3MzHMjw04ZiP0k1LGbpVmlrFOwZYWaR8u_g5LlY3N7m9MbTUP7aoQOPTcMNNl4iz_81xzbDFI-ok-50wItjG7ja0YaoqXxgBi6EnFhn4-OaLvt7UgMki4aDd_PR0c07P3oH1cPBS8etPIb_ZIHOnsAHLCMQBpLqQalUm-OE-4TaISaJuWhVLb7_0zzjJPPiroc55VChofWSjxur8fUys9L9b5NShhjUezF46ZAlMU_ppMKEdgLmZQJ9WVeaNyU-at4lCAvCIQ-TWloX2Na60wyYybw0I1cjLgw12qnfsxtisHDncBIUkMo40cNa_KmQY1qYscx5_ejgd5Y3kcExsq3NLO4vFAOOYDP_3uvULUTatDtlsV0R7z0PhAshcG4eDfAeddVBhA0X2TZgFoPVVEtPIZS5KDOX0E3v2354oop4m5f29OrG-sDglc9rMrnzvz8UAzQkaEO2gw8DurHFyDRCc915maQLnKTof06ohnJw3ljpWkGmUIwPnaMnbBnazDdcIQIyE50PgVhMWz5KmaUXxviKFULTxgqSlRG4xB4DGnBYqE7xb2V6PfH3hOCryE79_fsxiZToDenTd9DKHrT1NNqnUezuH6KXaxDp-JMLL2D0y8MJbFrKJmAKmwDqIhv_HHBNaqn7PewEKti6VJcyEzugtrWvwNmA_wEPnaXD58SGr3szSM5wrIXmyrtUb7AexCGTPpRQYuym3UrzYClbEMIz6wjmKPlGnoE4VFd9b8vvUkIMkKbkiUTVAqEND83O1RdvmLL8EAN16CAUeLwtszYr5W3rEZL2zf0v3c71wIN6SkCwZ6tGWR5dnsmOLM2Rz1Ppan1V5NPUp-ai5jLuUZ2L4CrUSKdCMOzPqxbQScpq8inTT5qDE1bpHxRvguODmZ07ae-wF11qz-GLrKlHy4Bmf8Yps4pYP2CGRr7oJKRNCB9SUnxocwVErq2HrHqtspWCl0mwREkw04FAUP8Ie7JbLK7-HfGAzONVdwfYwleMe7fLBOlOtywtDNsGZu6XqhFw2KFm20WL_EXexzTsvyEDg-DgXQdkppQZwRrDDCw_VOLCqJiB7aJz9RcMoIqwjvgW-Z4EHcnWHIcfqTHLiNc_FnA8eRXXJdypkOgcqH3clAWbQmI0cC14EXBoqfKaTdGvglO30tc1QIMCjPNMUrVIcfb-8nzMO27FiL2np6Qobvz7B5gMRZVbfMaZFfdQKppsK0fneQWk2wQhwD5O0LqzIsMzpqqCOpjU2nRb1oZ8Hs6pNhOidN6F0MkTxHlsoQ9wcVLqr8nG6xk0WtuQ8u7xrNt9ytCdlMg0K7uHdhdR5NxVj4TmmnmRMPUlqCjGdcmyokhVLDotpl0U3tzA0Gdz8Pg450cGczk-4r2NCjYfMJSnh7gqKnkRgELdQQxa0yovywbWTbl2egkz2tlDoGhhhSlMAYrqhiZQlWGivAEd8UzLt4WZC3PePJel-9Sab7uzKehNsRxDZ-mgX4XtSK9KeVtQcBFlfiz_DqsKpIcPBUN42OUBW-qNmOV8Jjxrkzm5VEAwak56rI9UR8c22L3m6ZRhBmIc1UtHHtjlrEtNIo6ix_WFL2l517UdrlJs2O8BxFAzRTSikse6oJi_RDAc-eczAyz-mVqGkssvq_Ct-IerkwLat_LTCAbPbGrLSn3gF_D3STCQmrAfKyJY2KHXxpHOCJkDkeG0&cid=CAASFeRo-OSOz-Xu4ZWUnN8LpdwEackIHA&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddc71720012b5d4aecc5cf638289581c4f9eacba6b7da3d02e7b17afb1b4fa64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29156
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A965 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CphV-KCzLggrfdK45jEmLhIxPjp8Y_5S3SzaHVZunyU1u3LPfHzQHsuDqKw4VXf9gLMOkRYrdS_1g24IgzQ-RruV40GfJlvRS8iEn_oH2V-etX95U
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame A965 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:18:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:18:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A965 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:21 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629113426487594"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38194
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:20:21 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame A965 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:16:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:16:19 GMT
l
www.google.com/ads/measurement/ Frame A965 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJUXKdBRD7GHwieHvvCYeytssapIKcZZ672WwjqoTKEvP4WT4gN3YIi2Uk9yx7bmv2Imq6r66sf5greUwvyY0rYXVKww
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
696648.jpg
haberbank.xyz/d/news/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696648.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
e7b4f6cf12af5dd36ab67c78c404bc932cae5be2cec556e158fcaf5dec7c3f2c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Cookie
_ga=GA1.2.1157603661.1629278421; _gid=GA1.2.167598074.1629278422; _gat_gtag_UA_195117963_1=1; __gads=ID=a8fceaad1198de2b-220bd877a5c80066:T=1629278421:S=ALNI_MYvPFO2VNQ6eC-1UnqymewV-zRt5w
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"611cce85-1c28c"
Last-Modified
Wed, 18 Aug 2021 09:10:29 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115340
696633.jpg
haberbank.xyz/d/news/ 		232 KB
232 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696633.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
58880dd235c594c751d5ea7a9587d676c26aba5a4a0bcb6e18f8784925b29af3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Cookie
_ga=GA1.2.1157603661.1629278421; _gid=GA1.2.167598074.1629278422; _gat_gtag_UA_195117963_1=1; __gads=ID=a8fceaad1198de2b-220bd877a5c80066:T=1629278421:S=ALNI_MYvPFO2VNQ6eC-1UnqymewV-zRt5w
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"611cc264-3a064"
Last-Modified
Wed, 18 Aug 2021 08:18:44 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
237668
696629.jpg
haberbank.xyz/d/news/ 		425 KB
426 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696629.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
8410f8cda1e0fc828c679502c25bf44417b684def89cbb6ff8e479a264a02393

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Cookie
_ga=GA1.2.1157603661.1629278421; _gid=GA1.2.167598074.1629278422; _gat_gtag_UA_195117963_1=1; __gads=ID=a8fceaad1198de2b-220bd877a5c80066:T=1629278421:S=ALNI_MYvPFO2VNQ6eC-1UnqymewV-zRt5w
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"611cc143-6a5ec"
Last-Modified
Wed, 18 Aug 2021 08:13:55 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
435692
696569.jpg
haberbank.xyz/d/news/ 		235 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696569.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
445de3be870fb1a6d8bad08c7ac93113a7981bd6137addc684f136c1b908ee99

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Cookie
_ga=GA1.2.1157603661.1629278421; _gid=GA1.2.167598074.1629278422; _gat_gtag_UA_195117963_1=1; __gads=ID=a8fceaad1198de2b-220bd877a5c80066:T=1629278421:S=ALNI_MYvPFO2VNQ6eC-1UnqymewV-zRt5w
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:21 GMT
ETag
"611ca51b-3adcf"
Last-Modified
Wed, 18 Aug 2021 06:13:47 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
241103
rum
dsum-sec.casalemedia.com/ Frame 90E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKxYxMlUPO-crpwAGij8n0&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKxYxMlUPO-crpwAGij8n0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPb_ogIQ0ZTSAhjQ4PJoMAE&v=APEucNVw0FDNc7k0t9zk4fKrZT10eIo0cJhW0d8vyhIUCuiU42Oz7UGNqlvtzMfGFkYhCqgaqaS8ilBisLf_0LgLy5PtQDaDFbSWGEoSi_7wwSrew5remeU5OW0LjiStvhjb-nwjIdZdPU1taVfVDVcgaFDWUmR6VbJNaiOzWBHXxSWdeiDO4ak
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 09:20:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 18 Aug 2021 09:20:22 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKxYxMlUPO-crpwAGij8n0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 90E1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRzQ1f7n5SV3pvfiDedaywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJI2g7H-vh9fMVWcebwNefU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJI2g7H-vh9fMVWcebwNefU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPb_ogIQ0ZTSAhjQ4PJoMAE&v=APEucNVw0FDNc7k0t9zk4fKrZT10eIo0cJhW0d8vyhIUCuiU42Oz7UGNqlvtzMfGFkYhCqgaqaS8ilBisLf_0LgLy5PtQDaDFbSWGEoSi_7wwSrew5remeU5OW0LjiStvhjb-nwjIdZdPU1taVfVDVcgaFDWUmR6VbJNaiOzWBHXxSWdeiDO4ak
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 09:20:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 18 Aug 2021 09:20:22 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJI2g7H-vh9fMVWcebwNefU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 90E1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECaBSBDN4GaNgij_KOlbKUg&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECaBSBDN4GaNgij_KOlbKUg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPb_ogIQ0ZTSAhjQ4PJoMAE&v=APEucNVw0FDNc7k0t9zk4fKrZT10eIo0cJhW0d8vyhIUCuiU42Oz7UGNqlvtzMfGFkYhCqgaqaS8ilBisLf_0LgLy5PtQDaDFbSWGEoSi_7wwSrew5remeU5OW0LjiStvhjb-nwjIdZdPU1taVfVDVcgaFDWUmR6VbJNaiOzWBHXxSWdeiDO4ak
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 09:20:22 GMT
X-Proxy-Origin
185.216.34.99; 185.216.34.99; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6d7de7ea-1161-49a0-858c-a301ac23c9ae
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECaBSBDN4GaNgij_KOlbKUg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 90E1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg0MTYwNjE4MTIzNzEwMDY5OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg0MTYwNjE4MTIzNzEwMDY5OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPb_ogIQ0ZTSAhjQ4PJoMAE&v=APEucNVw0FDNc7k0t9zk4fKrZT10eIo0cJhW0d8vyhIUCuiU42Oz7UGNqlvtzMfGFkYhCqgaqaS8ilBisLf_0LgLy5PtQDaDFbSWGEoSi_7wwSrew5remeU5OW0LjiStvhjb-nwjIdZdPU1taVfVDVcgaFDWUmR6VbJNaiOzWBHXxSWdeiDO4ak
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 09:20:22 GMT
X-Proxy-Origin
185.216.34.99; 185.216.34.99; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
85c5e35b-5889-42b6-a424-05b516b0333b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg0MTYwNjE4MTIzNzEwMDY5OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame A965 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 07:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Aug 2021 07:15:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/ Frame A965 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0OHnVUcXEhLoSrdHY85rb7ET9BS9nCy9-oLE4fAIZy0wJtinPO_HK4kwhZpHgRgWGB3Mvjormp50srBscqU454n7kZRb27cCtNX6uLU9SRCrpZw6a5GI2X95Knr4vA7fnSLX1_wNZqLcY2B9HOibZocJfwQ&dbm_d=AKAmf-BMY0Fn12bkzFdzTAsSiW-hoW4gIpJyACbbOt-_Z5hgixTuSEH7asMPcoJubu1Z1t_gFm15nf1to7qWP3dr591-muqto6lR2Q0WYAfizu9_ue6J1NLhXo56JN8TwjkS08mZjgtp3XPj-tWWbJSldRZqOQUo5wy_fp7D1iYrdfYY0J7vlN71ge75bkuGCv2r70W9qdKJ_UM_xXXQfICCJ811baQVJcRixybMLYFjr-5CHeEtI2-T6MuB9FwHocxAZVMI1S5ML9NOoK2nbvZZUxVF0hvEaQAYmXLEtBALy5U9ynoHDkhgTeKywQ_NDdrsrxcoM3qSFv848kzF39WbelIXSJdoeu3Xf09n9nTtF1C5OKnMRhZl5mqC2o_iLCwUAfVXbh7-G1P5iwp8XKyB9F2QKzW-L0YLH5BmNGWUTPcXOMl2HdL-AIBg0dzTCFl3Ofxz1t4P_vbZLZeQRmXDNrmZ-scTa-L6sB38VVd82VBw0rDK2rK47oOcqmuA1nlIeKQOVRGLXr0w1m9Ga-wJeJzVk7Yd10z30oUT2V9DCnRpwe8khIvpc91HRGHWDwfi1GlTc09RQlrVqLAbVa6FzuwyqBrzg2iTf_uApM6Nxqr-XHTkxQ9f0KBwkD5mKuYTTCYXTzjaTPXOXMfX12LhiKUHUcGcIZfksIug2RrOzKJrX83VjWjJsBjmvrSVtUyKJ09TKK79PqKMTQfWZ7eWGbUhkk3XPnxuPoUPntZGLhhH3s5cLmGKzcy-TKYeMik3Q8EYsdyOUpEJT8V781itPSIxY842WguP3zEZeqNbFtAsBCOuLo6GbwNUueIJ3KAL2qbaenWa5USlMyCYpiR3USJfNAMpcRS1S3EKqyLfrrH8YyOoc3FOWg-E1gTvpJ33-duMvqLnWhgdPe_V2v3VnhQrHDbREykjk9-0niNdulHq5G7EZyTZ0iL4cVFy0vEt4bo1PbFO12uQK091niCg1rJxXR4JylagVDeqqRG0BiqXdBXQxKKQ0hkkoKx_vic8wsjqcam7zbEHlndYp7E4IvmZ2V0B9_W5W7ivi87iM9G3Xy74pin7yfEjOeXeVEiye-9hRle22mdnUZVDnM8hT4fOGE0guaFZuyJD7XLyMo4AfKElK2LuuZgMZe55dW6ZAqyhUyYSy8uyBH2hvYT7CVhZ_YnKoNfMXvp8Ma9GBFnncK2Z2eOe3R7VHprliJGIzI57r0z1tefGEXP0hglXYKMt66j-SioJdyFw-mb6rNbTuMQf8K74QyZpiMt-QrCrumYVdrOtMnTd-AUVoM8O88Ewb5GVQobG1tzP6F0-BFNfQcFgW2V9YU8fmi7TQ4eDhzglDqAT5SX7ThQb3XIRjfVXbykab-0CvVo4OBhp3hdi9VOT2l4KfpiAmeXraknCPXsm3e9FF1xsRkAwu3769PgEmYA9uZNJvPz5W1aDMXQFHzlXfCqZ_6iVyvEEnMGSMOITfYIZql5AMX_yIDAWqjK1tXNX9DIfdCbXMGFu1lviu7jcduCIyVWqvXFJW3WZsPNJ2OeoZA4C3MzHMjw04ZiP0k1LGbpVmlrFOwZYWaR8u_g5LlY3N7m9MbTUP7aoQOPTcMNNl4iz_81xzbDFI-ok-50wItjG7ja0YaoqXxgBi6EnFhn4-OaLvt7UgMki4aDd_PR0c07P3oH1cPBS8etPIb_ZIHOnsAHLCMQBpLqQalUm-OE-4TaISaJuWhVLb7_0zzjJPPiroc55VChofWSjxur8fUys9L9b5NShhjUezF46ZAlMU_ppMKEdgLmZQJ9WVeaNyU-at4lCAvCIQ-TWloX2Na60wyYybw0I1cjLgw12qnfsxtisHDncBIUkMo40cNa_KmQY1qYscx5_ejgd5Y3kcExsq3NLO4vFAOOYDP_3uvULUTatDtlsV0R7z0PhAshcG4eDfAeddVBhA0X2TZgFoPVVEtPIZS5KDOX0E3v2354oop4m5f29OrG-sDglc9rMrnzvz8UAzQkaEO2gw8DurHFyDRCc915maQLnKTof06ohnJw3ljpWkGmUIwPnaMnbBnazDdcIQIyE50PgVhMWz5KmaUXxviKFULTxgqSlRG4xB4DGnBYqE7xb2V6PfH3hOCryE79_fsxiZToDenTd9DKHrT1NNqnUezuH6KXaxDp-JMLL2D0y8MJbFrKJmAKmwDqIhv_HHBNaqn7PewEKti6VJcyEzugtrWvwNmA_wEPnaXD58SGr3szSM5wrIXmyrtUb7AexCGTPpRQYuym3UrzYClbEMIz6wjmKPlGnoE4VFd9b8vvUkIMkKbkiUTVAqEND83O1RdvmLL8EAN16CAUeLwtszYr5W3rEZL2zf0v3c71wIN6SkCwZ6tGWR5dnsmOLM2Rz1Ppan1V5NPUp-ai5jLuUZ2L4CrUSKdCMOzPqxbQScpq8inTT5qDE1bpHxRvguODmZ07ae-wF11qz-GLrKlHy4Bmf8Yps4pYP2CGRr7oJKRNCB9SUnxocwVErq2HrHqtspWCl0mwREkw04FAUP8Ie7JbLK7-HfGAzONVdwfYwleMe7fLBOlOtywtDNsGZu6XqhFw2KFm20WL_EXexzTsvyEDg-DgXQdkppQZwRrDDCw_VOLCqJiB7aJz9RcMoIqwjvgW-Z4EHcnWHIcfqTHLiNc_FnA8eRXXJdypkOgcqH3clAWbQmI0cC14EXBoqfKaTdGvglO30tc1QIMCjPNMUrVIcfb-8nzMO27FiL2np6Qobvz7B5gMRZVbfMaZFfdQKppsK0fneQWk2wQhwD5O0LqzIsMzpqqCOpjU2nRb1oZ8Hs6pNhOidN6F0MkTxHlsoQ9wcVLqr8nG6xk0WtuQ8u7xrNt9ytCdlMg0K7uHdhdR5NxVj4TmmnmRMPUlqCjGdcmyokhVLDotpl0U3tzA0Gdz8Pg450cGczk-4r2NCjYfMJSnh7gqKnkRgELdQQxa0yovywbWTbl2egkz2tlDoGhhhSlMAYrqhiZQlWGivAEd8UzLt4WZC3PePJel-9Sab7uzKehNsRxDZ-mgX4XtSK9KeVtQcBFlfiz_DqsKpIcPBUN42OUBW-qNmOV8Jjxrkzm5VEAwak56rI9UR8c22L3m6ZRhBmIc1UtHHtjlrEtNIo6ix_WFL2l517UdrlJs2O8BxFAzRTSikse6oJi_RDAc-eczAyz-mVqGkssvq_Ct-IerkwLat_LTCAbPbGrLSn3gF_D3STCQmrAfKyJY2KHXxpHOCJkDkeG0&cid=CAASFeRo-OSOz-Xu4ZWUnN8LpdwEackIHA&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:18:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame A965 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C0OHnVUcXEhLoSrdHY85rb7ET9BS9nCy9-oLE4fAIZy0wJtinPO_HK4kwhZpHgRgWGB3Mvjormp50srBscqU454n7kZRb27cCtNX6uLU9SRCrpZw6a5GI2X95Knr4vA7fnSLX1_wNZqLcY2B9HOibZocJfwQ&dbm_d=AKAmf-BMY0Fn12bkzFdzTAsSiW-hoW4gIpJyACbbOt-_Z5hgixTuSEH7asMPcoJubu1Z1t_gFm15nf1to7qWP3dr591-muqto6lR2Q0WYAfizu9_ue6J1NLhXo56JN8TwjkS08mZjgtp3XPj-tWWbJSldRZqOQUo5wy_fp7D1iYrdfYY0J7vlN71ge75bkuGCv2r70W9qdKJ_UM_xXXQfICCJ811baQVJcRixybMLYFjr-5CHeEtI2-T6MuB9FwHocxAZVMI1S5ML9NOoK2nbvZZUxVF0hvEaQAYmXLEtBALy5U9ynoHDkhgTeKywQ_NDdrsrxcoM3qSFv848kzF39WbelIXSJdoeu3Xf09n9nTtF1C5OKnMRhZl5mqC2o_iLCwUAfVXbh7-G1P5iwp8XKyB9F2QKzW-L0YLH5BmNGWUTPcXOMl2HdL-AIBg0dzTCFl3Ofxz1t4P_vbZLZeQRmXDNrmZ-scTa-L6sB38VVd82VBw0rDK2rK47oOcqmuA1nlIeKQOVRGLXr0w1m9Ga-wJeJzVk7Yd10z30oUT2V9DCnRpwe8khIvpc91HRGHWDwfi1GlTc09RQlrVqLAbVa6FzuwyqBrzg2iTf_uApM6Nxqr-XHTkxQ9f0KBwkD5mKuYTTCYXTzjaTPXOXMfX12LhiKUHUcGcIZfksIug2RrOzKJrX83VjWjJsBjmvrSVtUyKJ09TKK79PqKMTQfWZ7eWGbUhkk3XPnxuPoUPntZGLhhH3s5cLmGKzcy-TKYeMik3Q8EYsdyOUpEJT8V781itPSIxY842WguP3zEZeqNbFtAsBCOuLo6GbwNUueIJ3KAL2qbaenWa5USlMyCYpiR3USJfNAMpcRS1S3EKqyLfrrH8YyOoc3FOWg-E1gTvpJ33-duMvqLnWhgdPe_V2v3VnhQrHDbREykjk9-0niNdulHq5G7EZyTZ0iL4cVFy0vEt4bo1PbFO12uQK091niCg1rJxXR4JylagVDeqqRG0BiqXdBXQxKKQ0hkkoKx_vic8wsjqcam7zbEHlndYp7E4IvmZ2V0B9_W5W7ivi87iM9G3Xy74pin7yfEjOeXeVEiye-9hRle22mdnUZVDnM8hT4fOGE0guaFZuyJD7XLyMo4AfKElK2LuuZgMZe55dW6ZAqyhUyYSy8uyBH2hvYT7CVhZ_YnKoNfMXvp8Ma9GBFnncK2Z2eOe3R7VHprliJGIzI57r0z1tefGEXP0hglXYKMt66j-SioJdyFw-mb6rNbTuMQf8K74QyZpiMt-QrCrumYVdrOtMnTd-AUVoM8O88Ewb5GVQobG1tzP6F0-BFNfQcFgW2V9YU8fmi7TQ4eDhzglDqAT5SX7ThQb3XIRjfVXbykab-0CvVo4OBhp3hdi9VOT2l4KfpiAmeXraknCPXsm3e9FF1xsRkAwu3769PgEmYA9uZNJvPz5W1aDMXQFHzlXfCqZ_6iVyvEEnMGSMOITfYIZql5AMX_yIDAWqjK1tXNX9DIfdCbXMGFu1lviu7jcduCIyVWqvXFJW3WZsPNJ2OeoZA4C3MzHMjw04ZiP0k1LGbpVmlrFOwZYWaR8u_g5LlY3N7m9MbTUP7aoQOPTcMNNl4iz_81xzbDFI-ok-50wItjG7ja0YaoqXxgBi6EnFhn4-OaLvt7UgMki4aDd_PR0c07P3oH1cPBS8etPIb_ZIHOnsAHLCMQBpLqQalUm-OE-4TaISaJuWhVLb7_0zzjJPPiroc55VChofWSjxur8fUys9L9b5NShhjUezF46ZAlMU_ppMKEdgLmZQJ9WVeaNyU-at4lCAvCIQ-TWloX2Na60wyYybw0I1cjLgw12qnfsxtisHDncBIUkMo40cNa_KmQY1qYscx5_ejgd5Y3kcExsq3NLO4vFAOOYDP_3uvULUTatDtlsV0R7z0PhAshcG4eDfAeddVBhA0X2TZgFoPVVEtPIZS5KDOX0E3v2354oop4m5f29OrG-sDglc9rMrnzvz8UAzQkaEO2gw8DurHFyDRCc915maQLnKTof06ohnJw3ljpWkGmUIwPnaMnbBnazDdcIQIyE50PgVhMWz5KmaUXxviKFULTxgqSlRG4xB4DGnBYqE7xb2V6PfH3hOCryE79_fsxiZToDenTd9DKHrT1NNqnUezuH6KXaxDp-JMLL2D0y8MJbFrKJmAKmwDqIhv_HHBNaqn7PewEKti6VJcyEzugtrWvwNmA_wEPnaXD58SGr3szSM5wrIXmyrtUb7AexCGTPpRQYuym3UrzYClbEMIz6wjmKPlGnoE4VFd9b8vvUkIMkKbkiUTVAqEND83O1RdvmLL8EAN16CAUeLwtszYr5W3rEZL2zf0v3c71wIN6SkCwZ6tGWR5dnsmOLM2Rz1Ppan1V5NPUp-ai5jLuUZ2L4CrUSKdCMOzPqxbQScpq8inTT5qDE1bpHxRvguODmZ07ae-wF11qz-GLrKlHy4Bmf8Yps4pYP2CGRr7oJKRNCB9SUnxocwVErq2HrHqtspWCl0mwREkw04FAUP8Ie7JbLK7-HfGAzONVdwfYwleMe7fLBOlOtywtDNsGZu6XqhFw2KFm20WL_EXexzTsvyEDg-DgXQdkppQZwRrDDCw_VOLCqJiB7aJz9RcMoIqwjvgW-Z4EHcnWHIcfqTHLiNc_FnA8eRXXJdypkOgcqH3clAWbQmI0cC14EXBoqfKaTdGvglO30tc1QIMCjPNMUrVIcfb-8nzMO27FiL2np6Qobvz7B5gMRZVbfMaZFfdQKppsK0fneQWk2wQhwD5O0LqzIsMzpqqCOpjU2nRb1oZ8Hs6pNhOidN6F0MkTxHlsoQ9wcVLqr8nG6xk0WtuQ8u7xrNt9ytCdlMg0K7uHdhdR5NxVj4TmmnmRMPUlqCjGdcmyokhVLDotpl0U3tzA0Gdz8Pg450cGczk-4r2NCjYfMJSnh7gqKnkRgELdQQxa0yovywbWTbl2egkz2tlDoGhhhSlMAYrqhiZQlWGivAEd8UzLt4WZC3PePJel-9Sab7uzKehNsRxDZ-mgX4XtSK9KeVtQcBFlfiz_DqsKpIcPBUN42OUBW-qNmOV8Jjxrkzm5VEAwak56rI9UR8c22L3m6ZRhBmIc1UtHHtjlrEtNIo6ix_WFL2l517UdrlJs2O8BxFAzRTSikse6oJi_RDAc-eczAyz-mVqGkssvq_Ct-IerkwLat_LTCAbPbGrLSn3gF_D3STCQmrAfKyJY2KHXxpHOCJkDkeG0&cid=CAASFeRo-OSOz-Xu4ZWUnN8LpdwEackIHA&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9341
x-xss-protection
0
server
cafe
etag
177112232901409761
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:20:10 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A965 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 17:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
403950
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Aug 2022 17:07:51 GMT
truncated
/ Frame A965 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b418391a5ff86378d2f4b82c2af0be31b9b53f007d4b815730bb34706ac1439

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012108100143000/ Frame 80AC 		188 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
74083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55213
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2f5786613d323c5a"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 80AC 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
74083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4877
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0140540fbe581c13"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 80AC 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
74083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28511
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"07ab47082d8b4bd2"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 80AC 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
74083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1660
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"758b6350805b356b"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 80AC 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
74083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12835
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e9aa942d03505fee"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
truncated
/ Frame 80AC 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccb3affdf9c9f2e5925f0b94f8275d7d8222c118722591b68b585e90fd53f815

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
1822520563030856549
tpc.googlesyndication.com/simgad/ Frame 80AC 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1822520563030856549
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0996d05ac0d5fa2c44fb8d0461a2f488ab13a0c26b45ebf5888531d8112b14c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:33:23 GMT
x-content-type-options
nosniff
age
17218
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
149922
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 11:34:48 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 04:33:23 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 80AC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Aug 2021 21:52:56 GMT
x-content-type-options
nosniff
server
cafe
age
41245
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3057
x-xss-protection
0
expires
Wed, 18 Aug 2021 21:52:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 80AC 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Aug 2021 18:40:15 GMT
x-content-type-options
nosniff
server
cafe
age
52806
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 18 Aug 2021 18:40:15 GMT
l
www.google.com/ads/measurement/ Frame 80AC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_txwrfnt15Palh2i-WCPmgo2wnU2U89qU9tMstPrj_FQptj5ytdhNgSQu9I20IVXC5b-ZQLuUejjo-LneYg7JBGHJxg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 80AC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CNn8-1dAcYd-TJ8mY3gP1kqCQCvHn27hk7a2vgoIOoIeA7JACEAEgrILWI2CpsL6AzAGgAZvZivADyAEDqQKD7wEGEamzPuACAKgDAcgDCKoEyAFP0BUKoceZJnC2PNDUanuK4QAAGhjcwRa8lz25pInaLeLY4-r3NySjnMS-oEapQ0_M39lnymk-TzqCJ0i3D-_VX_tenfNBSPLau9HWjPnHDpmGEFClERUKmCifek0NmUEjEqrsCglU9VDZWJOQoQeUnnsKfb-0fEfJBePaicA4rxTZeVyjNVpdqfBBshCZ1Fj_nHCKR5k_DRK1g293kz1q5I7T-T4Vstaqzsu97bwgrD0PtFCpZ6SRg5GQXGyoHnxY3nqgjNHkucAE8sL648oD4AQBkgUECAQYAZIFBAgFGASgBgOAB9vG5hSoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQscgL0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi00NDM1OTAxODcxOTY5MTY1gAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTcxMDQ1NDM4MDE1MDA5NjgY9PgW&sigh=ZkO6WzPUCAM
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E12A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 16 Aug 2021 00:46:47 GMT
expires
Tue, 16 Aug 2022 00:46:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
203615
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/9657108/1627996608943/ Frame 3CFB 		96 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9657108/1627996608943/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13438bf0ff2c4e7097d49d12ca3353a8be696b69384dc9e06aaa1dbd5f887d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9657108/1627996608943/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
22818
date
Tue, 17 Aug 2021 12:06:32 GMT
expires
Wed, 18 Aug 2021 12:06:32 GMT
last-modified
Tue, 03 Aug 2021 13:16:48 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
76430
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame A965 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8slT1stNnkxZxlgJ6l0TH89NVSOneLU9e4HSwqE4oeDvwtO571TzLiQfv9AfQ_iITr-TQeKYE9Ru58Wiii5CPsd-ySg8qKPPJcsqBhR5eqB-HNPel5ItMyH0h8yShcI_PJ3sPubSuonKApYSEt0TROunin-XhksAORJeR6TUcwvuOZAA565iCH06Kes3Ddb-FvisxdBPQ567guDrTxR2HUOR5wd2ct4b2_heBqbmKi8NhRglNHeU33ASxiHTJGS3EvntppcjytrjNh6DRCZIRjra2n7V2Af9AWYNScLjv_USZU9WD8se5b46LZ2NCVZncFtKRwhhk-fcFTO_DGy3UEOZML8WsaevpdeXlAt750UPP1QIz2-Xxpoz6L8klKqDGePXLYiSM1_hqvZDqdyy3Pyd45Prc3WFPJJfUxz0G-PUKxFv9z7lDenaHmqP3aFpT8reK4WT36UocE_UZdxXf3DhL5z-hFdx9QeB1TvuYlq9PJK9WhK-D8Vo2pgXzaoSCZwai6ShEfm3fP6lJYUv-C5pzhy-CkUNOfqE5Z3j1Xw7YK9IOQCLZGlAMmbkmySYK_r_mTSKFBQhUqtElOCi3PnPP_odW9UGgaYyyKMGcLQH5YFYjtRYsWcW2sI6AA6dgKTZkEvHAbaJLLt6tGJNkz3aWcFoqwJD4pzM5NR_ZNqz6iuKYzstl8wkNGKxB173YYnzVRcS43ZaV_WL_mDUW1m_TKHd4TkLLUprqxheTgN-69Ti03OS01CoW-uqY1lpQXdtb0VufuXwbo9ZvVjtMagSYGvGBd-ZmgXX3Et1O4YnjDiIV74wZZD4qlLFm3zNinfDiqmueC0-XftHmTThWxo2m5UUmqbzA3irBwl1T7FRsRuUQ5XbfT1kU2yAcAP7dErMu7MizNZn3_Rtf-N1ZlymCoPqUMQn-GlvonQLMr1QuzJQB4ffnw0MZfFaxb3Ii18lUFdyucF-O7XesZpKw3Xkw02BhifuTOqbUsZTK9tlEAaIlwUORXHWN6kxfI_v-iuXO37gy0ZLLKy8b9dT-c78YCUpPrXjrWKUI0jmucVFgX8Jq6sGKth36IXUbnWNEPUA3Wc0V6IgMnEJ4FzwqEPR4mW4oHjCPu4_h6uwRNRu0LVD04yFFeQBtY2qIjbKw-jTacSCCXcxuUdq2GrcCOwOd96QCAXcOq__Uf4QJSX6O_w4tk-arqgU&sai=AMfl-YSSC9lBxOBRrtsJDaGvfKHT1r19mu7beqCjy-K43f9AyPAzuDQCzP6Y5hCPMa7V85kc1MRXTaxi1_SIZiakIP0knIFjvuhE10XPiODKvHDebaNTDf2ek8trEwtkuj0X7XwtSiubeZZ-wmv659aZ_wjnCrEqdduMEkN8D0Y&sig=Cg0ArKJSzJXWVx4iw3UbEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=217&cbvp=1&cstd=206&cisv=r20210812.73662&adurl=
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 18 Aug 2021 09:20:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
impression_pixel
t.myvisualiq.net/ul_cb/ Frame A965
Redirect Chain
  • https://t.myvisualiq.net/impression_pixel?r=3382179953&et=i&ago=212&ao=537&aca=23560015&si=5660331&ci=155592270&pi=266613804&ad=461455339&advt=9657108&chnl=-7&vndr=115&sz=8928&u=&viq_did=&pt=i
  • https://t.myvisualiq.net/ul_cb/impression_pixel?r=3382179953&et=i&ago=212&ao=537&aca=23560015&si=5660331&ci=155592270&pi=266613804&ad=461455339&advt=9657108&chnl=-7&vndr=115&sz=8928&u=&viq_did=&pt=i
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.myvisualiq.net/ul_cb/impression_pixel?r=3382179953&et=i&ago=212&ao=537&aca=23560015&si=5660331&ci=155592270&pi=266613804&ad=461455339&advt=9657108&chnl=-7&vndr=115&sz=8928&u=&viq_did=&pt=i
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.209.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-209-84.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Wed, 18 Aug 2021 09:20:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://t.myvisualiq.net/ul_cb/impression_pixel?r=3382179953&et=i&ago=212&ao=537&aca=23560015&si=5660331&ci=155592270&pi=266613804&ad=461455339&advt=9657108&chnl=-7&vndr=115&sz=8928&u=&viq_did=&pt=i
Date
Wed, 18 Aug 2021 09:20:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
container.html
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AF83 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://haberbank.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://haberbank.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 18 Aug 2021 09:20:21 GMT
expires
Thu, 18 Aug 2022 09:20:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 80AC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Wed, 18 Aug 2021 09:20:22 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
1822520563030856549
tpc.googlesyndication.com/simgad/ Frame 80AC 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1822520563030856549
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0996d05ac0d5fa2c44fb8d0461a2f488ab13a0c26b45ebf5888531d8112b14c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:33:23 GMT
x-content-type-options
nosniff
age
17219
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
149922
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 11:34:48 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 04:33:23 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 80AC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Aug 2021 21:52:56 GMT
x-content-type-options
nosniff
server
cafe
age
41246
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3057
x-xss-protection
0
expires
Wed, 18 Aug 2021 21:52:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 80AC 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Aug 2021 18:40:15 GMT
x-content-type-options
nosniff
server
cafe
age
52807
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 18 Aug 2021 18:40:15 GMT
css
fonts.googleapis.com/ Frame 3CFB 		5 KB
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans:regular,700
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9657108/1627996608943/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b270599ccaea2dd51759fabba80d2470cb37403b8e6ceab6819b535867b31cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 08:38:36 GMT
server
ESF
date
Wed, 18 Aug 2021 09:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Aug 2021 09:20:22 GMT
DcmEnabler_01_246.js
s0.2mdn.net/879366/ Frame 3CFB 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9657108/1627996608943/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9657108/1627996608943/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 18:55:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10121
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 18:55:17 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 043B 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARjozNRtMAE&v=APEucNX-peN51CeAOoshGV4YJEgPEQYIDznobGO9jYeSkjMVqtPjuknnpHzfjulzspeFWUMWkINX2PgjKCcwE4jI2Wsq2IJlAUM6USFGVGemvL9WfHnoaYfuQcJDlqVyRzeMnlEH7L_gdMBWVjoD2eMgto6f596oT4eYBlBbZTymc9fVpiEeTvE
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPaA5gEQl4nqARjozNRtMAE&v=APEucNX-peN51CeAOoshGV4YJEgPEQYIDznobGO9jYeSkjMVqtPjuknnpHzfjulzspeFWUMWkINX2PgjKCcwE4jI2Wsq2IJlAUM6USFGVGemvL9WfHnoaYfuQcJDlqVyRzeMnlEH7L_gdMBWVjoD2eMgto6f596oT4eYBlBbZTymc9fVpiEeTvE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmcAykve2ZoIm-FwG6zc54uHZpDdlJkeO6yz2pUwP8UnAO9Xe3RKgWDL6Ujh54; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 18 Aug 2021 09:20:22 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame AF83 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-NPXRfVYHTbCkEowQ3ye4ZIiVdm452bJcJ2OtHXjxIrV9VtATJ9xcWDRWDK4aSLNywIU4StGMNEy4mSIe3Wiz1deTzcNxH9u5X5nIFSo83lvZ5CCCOYFDLpKaoKjcNtyRpiu34XIM6gkjUGBbYccO6dv7Aw&dbm_d=AKAmf-D7EhMLanXQMPpM0ybWV-k-gjX4ib0n1N_W8QnVz2ifE4nJ7Ss-MyqbA6cl0Ht25FdOCrNzqHT4MgdNWZ6b-tqHpEAdEuu5orW6RQS6YLY430CehT4czZdbj3yQYP9LqhboG75-05O5-3ruP9XfxmjfOTRVAm51E6hYAUn1axO3TgQrUL38nQSVFrwOg1rz93C14aACbkr6Jos8eiw7mIfqpXbSYwQH-68TUOHxkqItwa-v-ouXhqKQYLbx1jqUSM0MoN1Px9iI6RBlCpbq9VCaoJW1tpd9LMqxtMreDbOOlOGz0g60e89clwKpyL8jguBVd-vMYNrjWLf4FvnjqrcFLdzET0ngJVNIZKqjW2hiDSUV2LxoYrFtoZAd9BRfEj76FmAvI2J3fG5Eo5fgReSJv7iVXtYECqKEA4aqVBBzKV9Z_DF9f1pgznb4ZGnE4TBWEzdS4_xGajhe9HjE_uadLHPT_kWcCA05qHgcG5mt55M8bpzMkZZR2YNhOS3xmkBGQo-ezvjmdgFQwX5BS6eYh8593TNi9853t22XS1GWkcMdUGAoV2NXS9lkYt4IldRx-JQ_1FKBS7RGSnoUchKcpPh-zsNiDMrxNWUfYKqiZRHOHUvJmYZbTzyKe7szktCJmt6HNcNZfwVu_84CsUypAZOfSTU8nisysnQqCZDdTdvP_11h4IZa-QiARPi4rXKhlPU-3NjLwqoLPJNCsBVDynptGs2CwgVUD5zAyKIWZYwkdhMH6TGp-LKaMYiwAUnGmPuom04xe7AwUjj39v6bJq19Rd395hTVNMSAzWTsEB4ql8-apqiu4YCI5XKdLajbA6g-qZBYIQ52W_wJH8-NWriyXubt2R9yOSKEJhqr5K8h8gFmORaEFkMH2KZkVQvy9vc52uM3A2D6Eank-PnceIXaeFqadgQS9GNnPSV7TVZo4h4Fl3d5gnsC1KSo9pCO6dp_IgbA8Ed5rijBErWjK0SQ7hfgjgcNEihDqV_oTp11p2ngZWtfoTeaeipTbO-PXWHx2F029d5Mef_L_U4yGftJxWGHeILBfLNzIWgs3SZbHmM_bHqgXVCYS_69kcRmhcprlxOtWNuSPiQPxB_GzpLZ05IPt8R9rEu7D3eIoGQKWfmLgEFhjRt_VkVxGgJz30m14cxB3roNqAfrEsBPitfeVz80hqbZ5Jpe39m0JESv4LCIj21rH3fEq7JYLpxmeVSDtimvubcXBJ9K0BghQdRbREnIQF8XZ70SRiNf4I8cv7HzzGLNxqugik6a8cOTIAU_vqOXRyqG66IsFqz7gZReocOQgjaEtdfZDvSpuLDdZXtw7R21WVU_5XqWJ8Qqv3j8sq47rjowIRa7i-ZIRVkO0NuW2lSZt_X6SAxBnyVPpRdBm8s39sWDqhGg3zd1zKx2EFO89jTpPKJCTCv-xF5g612TXYf5EmWSWcbZ8kJmXtthsR8Ex0xlvtEkAx6T39OXbaf0xFfrOvcqXbVxY3B01lGTaBX1If-1wwgJcFSZl4oiY0Mve8Z4uMO1ze5PtVaMp3lA_D-Wu_XkZqII0vCHeI6pLfKMeQCld17EIYHIUwfKK4aNQuw37ICF-dKtxCcq59K_MXXrwrhffpEpB7Xil-Ucv5-OIsRZUCUV3HkIwdigP-0JRpYxY5e7juIH0AixxDZffExXtdkQRFomy2Hw9TAA70GK546Du8AO7oX-hPY34EMr-9hkjOS2suCAp5H2-0QzKV3lYGfuDq4Tndz3fmkzbszQCmfLbjRZ9qFL-kRwgMh_ps-luP8oQRUhrlO2M9-tP6mxsD1cH3zKZ9dnvefmtPWlQ-yjaL5kVP6xTiS7SYSEFZWe9wnps4A_NvhRFbnyGJ85h4IpIUCpQJYlWcE3yUBVl9l9ckoa5OlIvsLpG4oiXeQzUCXsFTCJbBnJJfKO3o-HNItcfbV_uTajG_bMXddx1s89HbrVYZa4Rr5IBAU227SCqOQ_OOpgWNKW_qXgbrhhDgmT-kkHrNNf0oCV_Am8SwUIiM9nPMtIQRH86979SkjSXjmsOi5kISedxqFebqH3YiUWvnbubSsPOIA0BvYR9lCg5rtGJuc83u994YKg82ct4pRA9UPwHvhZ2r6tEebmdMN4vEwAkA9CrWCQSgjEocYUiO3u9t6PNZnL-x7cttsTxzwIv-Z2kzzdh0oA9XcPmobzbNJRMRwYkaq8_OF9wUdX2PJgPU0bPJikV3TCG9kDM0gmVW5uHokzHMMkcEmWLGYhfx2UgxU6ebWa-UMUodyJGQgi6iB8BPui6Otk8P0Q82Wh5qzJqINphqHb9iyJvFviP3dZdDU1FVC919yWhOvMQnpF53OOmRrD47RIay7q5u0LhSf6tv7E3TDE_oa1gL58U0ynxEzvl2jTE-IImx-f5CTa0I3jD7gXQNSTtJUM3HEgIjM3YOEJ73edvCj7czbxiza0GyLdAaPRpYn3dir1lPdj9BNzdpJhglPomkn0oypoGhjuix5Rwta4LNrBuLX1U-XTwoQ_T7LWBC9QyzruRsr8AHw7ysUBI92Lxy19t8vtkr6kBWCFQbO3lbWGTsREAT57mmOyTG4-hHkIiwt1ZhQdL0BIDbXnv83o1kCoTnVUdw45jKNkNqObpawZ6JiliB6LaPd3uyVuWAni_xu585HB6rCowKWvdF5EKbcoGTS1C-p9yUtoXOF4CQt9hUbXYYo0nh4qZYTsU3q9bS5s0yV6K9pFll1o3odruA2fYQibxFRehf5RijE0gnjv2JWyYiUegXoClCOQAys-A0h1TkoWQ5CzYhijwL3BAKUKFlUuNKnpO3_igs6P0T6IBXg4Dkr3a35jVe2uSGWgPBSxv_6552Yq3U_sAyYSbDPzUI6gRm0Si2fh8hPojf6K0g-Mg7ptt1z4C6_YdlYBPFocdRzMi5yMsqSUcUrf6TrVrqEkhYZmCYB_nzuDYyCe1H39tr6cgA150MztCxPWI9kNsDWSlAfEOJxZXS007EQnhwevrm3XsnCMkChnNUiunWkXzay1ngWTlIet4u5V4JNj7ceYeqw4OXQtUv7El2Gt0jOjE070GgKaUZueAfMFeqUVCqpHhA8flPD-GahAsh3L8yxDqRjvsB0LaGXkyfQNyZwLllbnXfK12y5qGPFDYKumDFnM4w8vw8E_dRf2FMgjVSPF0xoxPTpFspHWD_M15J4RCwQCyp7C9YJZ5iFvbU1VLG6zY85un1RdgTovWsLukLy1b2zSeDyB_Lp6X2gVHxdHiyT2LWIgcyOeMt4wKFDRGZE6f2Awu8ISiJ6rvlr7vG19ILnqdts&cid=CAASFeRocp_7Pp2A84D6o9-VeL-i7j367Q&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d65f976a4fde96787f46ef02dc65daf2c3c4ffa175e30227c5bff38c8ab31da6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29573
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AF83 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DF0SL7G_vlAI73gZbrJVTmb6-ypY2ZQF2OaPzz1uvrvykX5ZMnH2lDRcS3SQP1eEw5GS8fHZ3pM2kp8sQmm5WWfCYloQ8eCk9MTu_WT2JWlwqkFYk
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame AF83 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:13:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AF83 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:22 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629113426487594"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38194
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:20:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame AF83 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:02:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1089
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:02:13 GMT
l
www.google.com/ads/measurement/ Frame AF83 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzfh0ruKyJlI_yAdz4zMc7HsMp2XxokBDwYY6htOF_aK8SNTqX2z7JVlgSvYkoMfIZetiXajxjdvQoouSg5YF7smh0jA
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame E12A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 08:47:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
88346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 08:47:56 GMT
container.html
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D90E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://haberbank.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://haberbank.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 18 Aug 2021 09:20:21 GMT
expires
Thu, 18 Aug 2022 09:20:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v14/ Frame 3CFB 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v14/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 23:29:29 GMT
x-content-type-options
nosniff
age
35453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16056
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 21:27:33 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 23:29:29 GMT
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v14/ Frame 3CFB 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosans/v14/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 23:29:46 GMT
x-content-type-options
nosniff
age
35436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16180
x-xss-protection
0
last-modified
Tue, 13 Jul 2021 21:25:53 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 23:29:46 GMT
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame AF83 		169 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 19:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 19:02:31 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/ Frame AF83 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-NPXRfVYHTbCkEowQ3ye4ZIiVdm452bJcJ2OtHXjxIrV9VtATJ9xcWDRWDK4aSLNywIU4StGMNEy4mSIe3Wiz1deTzcNxH9u5X5nIFSo83lvZ5CCCOYFDLpKaoKjcNtyRpiu34XIM6gkjUGBbYccO6dv7Aw&dbm_d=AKAmf-D7EhMLanXQMPpM0ybWV-k-gjX4ib0n1N_W8QnVz2ifE4nJ7Ss-MyqbA6cl0Ht25FdOCrNzqHT4MgdNWZ6b-tqHpEAdEuu5orW6RQS6YLY430CehT4czZdbj3yQYP9LqhboG75-05O5-3ruP9XfxmjfOTRVAm51E6hYAUn1axO3TgQrUL38nQSVFrwOg1rz93C14aACbkr6Jos8eiw7mIfqpXbSYwQH-68TUOHxkqItwa-v-ouXhqKQYLbx1jqUSM0MoN1Px9iI6RBlCpbq9VCaoJW1tpd9LMqxtMreDbOOlOGz0g60e89clwKpyL8jguBVd-vMYNrjWLf4FvnjqrcFLdzET0ngJVNIZKqjW2hiDSUV2LxoYrFtoZAd9BRfEj76FmAvI2J3fG5Eo5fgReSJv7iVXtYECqKEA4aqVBBzKV9Z_DF9f1pgznb4ZGnE4TBWEzdS4_xGajhe9HjE_uadLHPT_kWcCA05qHgcG5mt55M8bpzMkZZR2YNhOS3xmkBGQo-ezvjmdgFQwX5BS6eYh8593TNi9853t22XS1GWkcMdUGAoV2NXS9lkYt4IldRx-JQ_1FKBS7RGSnoUchKcpPh-zsNiDMrxNWUfYKqiZRHOHUvJmYZbTzyKe7szktCJmt6HNcNZfwVu_84CsUypAZOfSTU8nisysnQqCZDdTdvP_11h4IZa-QiARPi4rXKhlPU-3NjLwqoLPJNCsBVDynptGs2CwgVUD5zAyKIWZYwkdhMH6TGp-LKaMYiwAUnGmPuom04xe7AwUjj39v6bJq19Rd395hTVNMSAzWTsEB4ql8-apqiu4YCI5XKdLajbA6g-qZBYIQ52W_wJH8-NWriyXubt2R9yOSKEJhqr5K8h8gFmORaEFkMH2KZkVQvy9vc52uM3A2D6Eank-PnceIXaeFqadgQS9GNnPSV7TVZo4h4Fl3d5gnsC1KSo9pCO6dp_IgbA8Ed5rijBErWjK0SQ7hfgjgcNEihDqV_oTp11p2ngZWtfoTeaeipTbO-PXWHx2F029d5Mef_L_U4yGftJxWGHeILBfLNzIWgs3SZbHmM_bHqgXVCYS_69kcRmhcprlxOtWNuSPiQPxB_GzpLZ05IPt8R9rEu7D3eIoGQKWfmLgEFhjRt_VkVxGgJz30m14cxB3roNqAfrEsBPitfeVz80hqbZ5Jpe39m0JESv4LCIj21rH3fEq7JYLpxmeVSDtimvubcXBJ9K0BghQdRbREnIQF8XZ70SRiNf4I8cv7HzzGLNxqugik6a8cOTIAU_vqOXRyqG66IsFqz7gZReocOQgjaEtdfZDvSpuLDdZXtw7R21WVU_5XqWJ8Qqv3j8sq47rjowIRa7i-ZIRVkO0NuW2lSZt_X6SAxBnyVPpRdBm8s39sWDqhGg3zd1zKx2EFO89jTpPKJCTCv-xF5g612TXYf5EmWSWcbZ8kJmXtthsR8Ex0xlvtEkAx6T39OXbaf0xFfrOvcqXbVxY3B01lGTaBX1If-1wwgJcFSZl4oiY0Mve8Z4uMO1ze5PtVaMp3lA_D-Wu_XkZqII0vCHeI6pLfKMeQCld17EIYHIUwfKK4aNQuw37ICF-dKtxCcq59K_MXXrwrhffpEpB7Xil-Ucv5-OIsRZUCUV3HkIwdigP-0JRpYxY5e7juIH0AixxDZffExXtdkQRFomy2Hw9TAA70GK546Du8AO7oX-hPY34EMr-9hkjOS2suCAp5H2-0QzKV3lYGfuDq4Tndz3fmkzbszQCmfLbjRZ9qFL-kRwgMh_ps-luP8oQRUhrlO2M9-tP6mxsD1cH3zKZ9dnvefmtPWlQ-yjaL5kVP6xTiS7SYSEFZWe9wnps4A_NvhRFbnyGJ85h4IpIUCpQJYlWcE3yUBVl9l9ckoa5OlIvsLpG4oiXeQzUCXsFTCJbBnJJfKO3o-HNItcfbV_uTajG_bMXddx1s89HbrVYZa4Rr5IBAU227SCqOQ_OOpgWNKW_qXgbrhhDgmT-kkHrNNf0oCV_Am8SwUIiM9nPMtIQRH86979SkjSXjmsOi5kISedxqFebqH3YiUWvnbubSsPOIA0BvYR9lCg5rtGJuc83u994YKg82ct4pRA9UPwHvhZ2r6tEebmdMN4vEwAkA9CrWCQSgjEocYUiO3u9t6PNZnL-x7cttsTxzwIv-Z2kzzdh0oA9XcPmobzbNJRMRwYkaq8_OF9wUdX2PJgPU0bPJikV3TCG9kDM0gmVW5uHokzHMMkcEmWLGYhfx2UgxU6ebWa-UMUodyJGQgi6iB8BPui6Otk8P0Q82Wh5qzJqINphqHb9iyJvFviP3dZdDU1FVC919yWhOvMQnpF53OOmRrD47RIay7q5u0LhSf6tv7E3TDE_oa1gL58U0ynxEzvl2jTE-IImx-f5CTa0I3jD7gXQNSTtJUM3HEgIjM3YOEJ73edvCj7czbxiza0GyLdAaPRpYn3dir1lPdj9BNzdpJhglPomkn0oypoGhjuix5Rwta4LNrBuLX1U-XTwoQ_T7LWBC9QyzruRsr8AHw7ysUBI92Lxy19t8vtkr6kBWCFQbO3lbWGTsREAT57mmOyTG4-hHkIiwt1ZhQdL0BIDbXnv83o1kCoTnVUdw45jKNkNqObpawZ6JiliB6LaPd3uyVuWAni_xu585HB6rCowKWvdF5EKbcoGTS1C-p9yUtoXOF4CQt9hUbXYYo0nh4qZYTsU3q9bS5s0yV6K9pFll1o3odruA2fYQibxFRehf5RijE0gnjv2JWyYiUegXoClCOQAys-A0h1TkoWQ5CzYhijwL3BAKUKFlUuNKnpO3_igs6P0T6IBXg4Dkr3a35jVe2uSGWgPBSxv_6552Yq3U_sAyYSbDPzUI6gRm0Si2fh8hPojf6K0g-Mg7ptt1z4C6_YdlYBPFocdRzMi5yMsqSUcUrf6TrVrqEkhYZmCYB_nzuDYyCe1H39tr6cgA150MztCxPWI9kNsDWSlAfEOJxZXS007EQnhwevrm3XsnCMkChnNUiunWkXzay1ngWTlIet4u5V4JNj7ceYeqw4OXQtUv7El2Gt0jOjE070GgKaUZueAfMFeqUVCqpHhA8flPD-GahAsh3L8yxDqRjvsB0LaGXkyfQNyZwLllbnXfK12y5qGPFDYKumDFnM4w8vw8E_dRf2FMgjVSPF0xoxPTpFspHWD_M15J4RCwQCyp7C9YJZ5iFvbU1VLG6zY85un1RdgTovWsLukLy1b2zSeDyB_Lp6X2gVHxdHiyT2LWIgcyOeMt4wKFDRGZE6f2Awu8ISiJ6rvlr7vG19ILnqdts&cid=CAASFeRocp_7Pp2A84D6o9-VeL-i7j367Q&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:18:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame AF83 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-NPXRfVYHTbCkEowQ3ye4ZIiVdm452bJcJ2OtHXjxIrV9VtATJ9xcWDRWDK4aSLNywIU4StGMNEy4mSIe3Wiz1deTzcNxH9u5X5nIFSo83lvZ5CCCOYFDLpKaoKjcNtyRpiu34XIM6gkjUGBbYccO6dv7Aw&dbm_d=AKAmf-D7EhMLanXQMPpM0ybWV-k-gjX4ib0n1N_W8QnVz2ifE4nJ7Ss-MyqbA6cl0Ht25FdOCrNzqHT4MgdNWZ6b-tqHpEAdEuu5orW6RQS6YLY430CehT4czZdbj3yQYP9LqhboG75-05O5-3ruP9XfxmjfOTRVAm51E6hYAUn1axO3TgQrUL38nQSVFrwOg1rz93C14aACbkr6Jos8eiw7mIfqpXbSYwQH-68TUOHxkqItwa-v-ouXhqKQYLbx1jqUSM0MoN1Px9iI6RBlCpbq9VCaoJW1tpd9LMqxtMreDbOOlOGz0g60e89clwKpyL8jguBVd-vMYNrjWLf4FvnjqrcFLdzET0ngJVNIZKqjW2hiDSUV2LxoYrFtoZAd9BRfEj76FmAvI2J3fG5Eo5fgReSJv7iVXtYECqKEA4aqVBBzKV9Z_DF9f1pgznb4ZGnE4TBWEzdS4_xGajhe9HjE_uadLHPT_kWcCA05qHgcG5mt55M8bpzMkZZR2YNhOS3xmkBGQo-ezvjmdgFQwX5BS6eYh8593TNi9853t22XS1GWkcMdUGAoV2NXS9lkYt4IldRx-JQ_1FKBS7RGSnoUchKcpPh-zsNiDMrxNWUfYKqiZRHOHUvJmYZbTzyKe7szktCJmt6HNcNZfwVu_84CsUypAZOfSTU8nisysnQqCZDdTdvP_11h4IZa-QiARPi4rXKhlPU-3NjLwqoLPJNCsBVDynptGs2CwgVUD5zAyKIWZYwkdhMH6TGp-LKaMYiwAUnGmPuom04xe7AwUjj39v6bJq19Rd395hTVNMSAzWTsEB4ql8-apqiu4YCI5XKdLajbA6g-qZBYIQ52W_wJH8-NWriyXubt2R9yOSKEJhqr5K8h8gFmORaEFkMH2KZkVQvy9vc52uM3A2D6Eank-PnceIXaeFqadgQS9GNnPSV7TVZo4h4Fl3d5gnsC1KSo9pCO6dp_IgbA8Ed5rijBErWjK0SQ7hfgjgcNEihDqV_oTp11p2ngZWtfoTeaeipTbO-PXWHx2F029d5Mef_L_U4yGftJxWGHeILBfLNzIWgs3SZbHmM_bHqgXVCYS_69kcRmhcprlxOtWNuSPiQPxB_GzpLZ05IPt8R9rEu7D3eIoGQKWfmLgEFhjRt_VkVxGgJz30m14cxB3roNqAfrEsBPitfeVz80hqbZ5Jpe39m0JESv4LCIj21rH3fEq7JYLpxmeVSDtimvubcXBJ9K0BghQdRbREnIQF8XZ70SRiNf4I8cv7HzzGLNxqugik6a8cOTIAU_vqOXRyqG66IsFqz7gZReocOQgjaEtdfZDvSpuLDdZXtw7R21WVU_5XqWJ8Qqv3j8sq47rjowIRa7i-ZIRVkO0NuW2lSZt_X6SAxBnyVPpRdBm8s39sWDqhGg3zd1zKx2EFO89jTpPKJCTCv-xF5g612TXYf5EmWSWcbZ8kJmXtthsR8Ex0xlvtEkAx6T39OXbaf0xFfrOvcqXbVxY3B01lGTaBX1If-1wwgJcFSZl4oiY0Mve8Z4uMO1ze5PtVaMp3lA_D-Wu_XkZqII0vCHeI6pLfKMeQCld17EIYHIUwfKK4aNQuw37ICF-dKtxCcq59K_MXXrwrhffpEpB7Xil-Ucv5-OIsRZUCUV3HkIwdigP-0JRpYxY5e7juIH0AixxDZffExXtdkQRFomy2Hw9TAA70GK546Du8AO7oX-hPY34EMr-9hkjOS2suCAp5H2-0QzKV3lYGfuDq4Tndz3fmkzbszQCmfLbjRZ9qFL-kRwgMh_ps-luP8oQRUhrlO2M9-tP6mxsD1cH3zKZ9dnvefmtPWlQ-yjaL5kVP6xTiS7SYSEFZWe9wnps4A_NvhRFbnyGJ85h4IpIUCpQJYlWcE3yUBVl9l9ckoa5OlIvsLpG4oiXeQzUCXsFTCJbBnJJfKO3o-HNItcfbV_uTajG_bMXddx1s89HbrVYZa4Rr5IBAU227SCqOQ_OOpgWNKW_qXgbrhhDgmT-kkHrNNf0oCV_Am8SwUIiM9nPMtIQRH86979SkjSXjmsOi5kISedxqFebqH3YiUWvnbubSsPOIA0BvYR9lCg5rtGJuc83u994YKg82ct4pRA9UPwHvhZ2r6tEebmdMN4vEwAkA9CrWCQSgjEocYUiO3u9t6PNZnL-x7cttsTxzwIv-Z2kzzdh0oA9XcPmobzbNJRMRwYkaq8_OF9wUdX2PJgPU0bPJikV3TCG9kDM0gmVW5uHokzHMMkcEmWLGYhfx2UgxU6ebWa-UMUodyJGQgi6iB8BPui6Otk8P0Q82Wh5qzJqINphqHb9iyJvFviP3dZdDU1FVC919yWhOvMQnpF53OOmRrD47RIay7q5u0LhSf6tv7E3TDE_oa1gL58U0ynxEzvl2jTE-IImx-f5CTa0I3jD7gXQNSTtJUM3HEgIjM3YOEJ73edvCj7czbxiza0GyLdAaPRpYn3dir1lPdj9BNzdpJhglPomkn0oypoGhjuix5Rwta4LNrBuLX1U-XTwoQ_T7LWBC9QyzruRsr8AHw7ysUBI92Lxy19t8vtkr6kBWCFQbO3lbWGTsREAT57mmOyTG4-hHkIiwt1ZhQdL0BIDbXnv83o1kCoTnVUdw45jKNkNqObpawZ6JiliB6LaPd3uyVuWAni_xu585HB6rCowKWvdF5EKbcoGTS1C-p9yUtoXOF4CQt9hUbXYYo0nh4qZYTsU3q9bS5s0yV6K9pFll1o3odruA2fYQibxFRehf5RijE0gnjv2JWyYiUegXoClCOQAys-A0h1TkoWQ5CzYhijwL3BAKUKFlUuNKnpO3_igs6P0T6IBXg4Dkr3a35jVe2uSGWgPBSxv_6552Yq3U_sAyYSbDPzUI6gRm0Si2fh8hPojf6K0g-Mg7ptt1z4C6_YdlYBPFocdRzMi5yMsqSUcUrf6TrVrqEkhYZmCYB_nzuDYyCe1H39tr6cgA150MztCxPWI9kNsDWSlAfEOJxZXS007EQnhwevrm3XsnCMkChnNUiunWkXzay1ngWTlIet4u5V4JNj7ceYeqw4OXQtUv7El2Gt0jOjE070GgKaUZueAfMFeqUVCqpHhA8flPD-GahAsh3L8yxDqRjvsB0LaGXkyfQNyZwLllbnXfK12y5qGPFDYKumDFnM4w8vw8E_dRf2FMgjVSPF0xoxPTpFspHWD_M15J4RCwQCyp7C9YJZ5iFvbU1VLG6zY85un1RdgTovWsLukLy1b2zSeDyB_Lp6X2gVHxdHiyT2LWIgcyOeMt4wKFDRGZE6f2Awu8ISiJ6rvlr7vG19ILnqdts&cid=CAASFeRocp_7Pp2A84D6o9-VeL-i7j367Q&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9341
x-xss-protection
0
server
cafe
etag
177112232901409761
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:20:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A965 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8slT1stNnkxZxlgJ6l0TH89NVSOneLU9e4HSwqE4oeDvwtO571TzLiQfv9AfQ_iITr-TQeKYE9Ru58Wiii5CPsd-ySg8qKPPJcsqBhR5eqB-HNPel5ItMyH0h8yShcI_PJ3sPubSuonKApYSEt0TROunin-XhksAORJeR6TUcwvuOZAA565iCH06Kes3Ddb-FvisxdBPQ567guDrTxR2HUOR5wd2ct4b2_heBqbmKi8NhRglNHeU33ASxiHTJGS3EvntppcjytrjNh6DRCZIRjra2n7V2Af9AWYNScLjv_USZU9WD8se5b46LZ2NCVZncFtKRwhhk-fcFTO_DGy3UEOZML8WsaevpdeXlAt750UPP1QIz2-Xxpoz6L8klKqDGePXLYiSM1_hqvZDqdyy3Pyd45Prc3WFPJJfUxz0G-PUKxFv9z7lDenaHmqP3aFpT8reK4WT36UocE_UZdxXf3DhL5z-hFdx9QeB1TvuYlq9PJK9WhK-D8Vo2pgXzaoSCZwai6ShEfm3fP6lJYUv-C5pzhy-CkUNOfqE5Z3j1Xw7YK9IOQCLZGlAMmbkmySYK_r_mTSKFBQhUqtElOCi3PnPP_odW9UGgaYyyKMGcLQH5YFYjtRYsWcW2sI6AA6dgKTZkEvHAbaJLLt6tGJNkz3aWcFoqwJD4pzM5NR_ZNqz6iuKYzstl8wkNGKxB173YYnzVRcS43ZaV_WL_mDUW1m_TKHd4TkLLUprqxheTgN-69Ti03OS01CoW-uqY1lpQXdtb0VufuXwbo9ZvVjtMagSYGvGBd-ZmgXX3Et1O4YnjDiIV74wZZD4qlLFm3zNinfDiqmueC0-XftHmTThWxo2m5UUmqbzA3irBwl1T7FRsRuUQ5XbfT1kU2yAcAP7dErMu7MizNZn3_Rtf-N1ZlymCoPqUMQn-GlvonQLMr1QuzJQB4ffnw0MZfFaxb3Ii18lUFdyucF-O7XesZpKw3Xkw02BhifuTOqbUsZTK9tlEAaIlwUORXHWN6kxfI_v-iuXO37gy0ZLLKy8b9dT-c78YCUpPrXjrWKUI0jmucVFgX8Jq6sGKth36IXUbnWNEPUA3Wc0V6IgMnEJ4FzwqEPR4mW4oHjCPu4_h6uwRNRu0LVD04yFFeQBtY2qIjbKw-jTacSCCXcxuUdq2GrcCOwOd96QCAXcOq__Uf4QJSX6O_w4tk-arqgU&sai=AMfl-YSSC9lBxOBRrtsJDaGvfKHT1r19mu7beqCjy-K43f9AyPAzuDQCzP6Y5hCPMa7V85kc1MRXTaxi1_SIZiakIP0knIFjvuhE10XPiODKvHDebaNTDf2ek8trEwtkuj0X7XwtSiubeZZ-wmv659aZ_wjnCrEqdduMEkN8D0Y&sig=Cg0ArKJSzJXWVx4iw3UbEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=613&vt=11&dtpt=396&dett=3&cstd=206&cisv=r20210812.73662&adurl=
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 09:20:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rum
dsum-sec.casalemedia.com/ Frame 043B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJI2g7H-vh9fMVWcebwNefU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJI2g7H-vh9fMVWcebwNefU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARjozNRtMAE&v=APEucNX-peN51CeAOoshGV4YJEgPEQYIDznobGO9jYeSkjMVqtPjuknnpHzfjulzspeFWUMWkINX2PgjKCcwE4jI2Wsq2IJlAUM6USFGVGemvL9WfHnoaYfuQcJDlqVyRzeMnlEH7L_gdMBWVjoD2eMgto6f596oT4eYBlBbZTymc9fVpiEeTvE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 09:20:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 18 Aug 2021 09:20:22 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJI2g7H-vh9fMVWcebwNefU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 043B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YRzQ1f7n5SV3pvfiDedaywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJI2g7H-vh9fMVWcebwNefU&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJI2g7H-vh9fMVWcebwNefU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARjozNRtMAE&v=APEucNX-peN51CeAOoshGV4YJEgPEQYIDznobGO9jYeSkjMVqtPjuknnpHzfjulzspeFWUMWkINX2PgjKCcwE4jI2Wsq2IJlAUM6USFGVGemvL9WfHnoaYfuQcJDlqVyRzeMnlEH7L_gdMBWVjoD2eMgto6f596oT4eYBlBbZTymc9fVpiEeTvE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 09:20:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 18 Aug 2021 09:20:22 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJI2g7H-vh9fMVWcebwNefU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 043B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELS0J7hGgEfv8is-rAYrExM&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELS0J7hGgEfv8is-rAYrExM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARjozNRtMAE&v=APEucNX-peN51CeAOoshGV4YJEgPEQYIDznobGO9jYeSkjMVqtPjuknnpHzfjulzspeFWUMWkINX2PgjKCcwE4jI2Wsq2IJlAUM6USFGVGemvL9WfHnoaYfuQcJDlqVyRzeMnlEH7L_gdMBWVjoD2eMgto6f596oT4eYBlBbZTymc9fVpiEeTvE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 09:20:22 GMT
X-Proxy-Origin
185.216.34.99; 185.216.34.99; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
2c611f87-2eea-4e70-8e3d-2efe2c783507
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELS0J7hGgEfv8is-rAYrExM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 043B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg0MTYwNjE4MTIzNzEwMDY5OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg0MTYwNjE4MTIzNzEwMDY5OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPaA5gEQl4nqARjozNRtMAE&v=APEucNX-peN51CeAOoshGV4YJEgPEQYIDznobGO9jYeSkjMVqtPjuknnpHzfjulzspeFWUMWkINX2PgjKCcwE4jI2Wsq2IJlAUM6USFGVGemvL9WfHnoaYfuQcJDlqVyRzeMnlEH7L_gdMBWVjoD2eMgto6f596oT4eYBlBbZTymc9fVpiEeTvE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 18 Aug 2021 09:20:22 GMT
X-Proxy-Origin
185.216.34.99; 185.216.34.99; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
bad9ff6d-894c-4c58-93ec-7c9439d56b5f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDg0MTYwNjE4MTIzNzEwMDY5OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
image-160x600.png
s0.2mdn.net/9657108/1627996608943/ Frame 3CFB 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9657108/1627996608943/image-160x600.png
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f57bd1481e9ae90c19f2da06b3e188c5c9a64f08592d540a45eb4c01d5b952a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9657108/1627996608943/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:06:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 13:16:49 GMT
server
sffe
age
76420
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84937
x-xss-protection
0
expires
Wed, 18 Aug 2021 12:06:42 GMT
logo.svg
s0.2mdn.net/9657108/1627996608943/ Frame 3CFB 		2 KB
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9657108/1627996608943/logo.svg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8678583e1bd198079354cdefebad64d8ffeb45ca742506d225ce90c8b3740061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9657108/1627996608943/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:06:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76420
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
888
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 13:16:49 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 18 Aug 2021 12:06:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3135 		640 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKDw3QEQ4NeRoAIYzsegsgEwAQ&v=APEucNXFadKL0y0jsn3N0nE_l6JP3c6AZ9Cy9X230FamA_httsZYi4lkaOEsW5A2J5OQiVdeCrNJhtupaguGDtC_nV9P69mVhFMLY3sc7bdDBByiqttsH2hdh9oKRuXXOyvheHMS_LAdOVzzfFUQFuLv6klG6kHLZ5hqvlFGlOwedDS_kNHe6pc
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CKDw3QEQ4NeRoAIYzsegsgEwAQ&v=APEucNXFadKL0y0jsn3N0nE_l6JP3c6AZ9Cy9X230FamA_httsZYi4lkaOEsW5A2J5OQiVdeCrNJhtupaguGDtC_nV9P69mVhFMLY3sc7bdDBByiqttsH2hdh9oKRuXXOyvheHMS_LAdOVzzfFUQFuLv6klG6kHLZ5hqvlFGlOwedDS_kNHe6pc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmcAykve2ZoIm-FwG6zc54uHZpDdlJkeO6yz2pUwP8UnAO9Xe3RKgWDL6Ujh54; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 18 Aug 2021 09:20:22 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Aug 2021 09:20:22 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D90E 		57 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQt6C6eIt4FshNWk568Zu7Sj3JWECVEBHyy1g2fdnaa2Y8bccTB6mwYJ-FA41_hXMcuopqA0OQVhpKfaG4DD-PYZp7FF965-3LcFZx71kV7N76x9TEBlQglQO06KpOtt7x-uHztWLihV6CoxvfrXPXlA6ISA&dbm_d=AKAmf-BxpKMlXTfzl35nWgEtjNNxHmndGWPJQM9W2_hHDscarqUr4jW9xIMiastFJSo7G0nftToiQB44yH8pWBieCWj5SELq1t4gVm0qmT5DCFjb3rgwrcIoem1aodmI1O1h8Rt6BKIb9n3EHsl3qXfWkmZSCvkudOq420DMorwn48_4128tZAKvFgpLqSL6ShlJkdgsDXNz5uZ38RCtnLqhYTzyKvSo7pa-XKOkTS6bZJrwUh2bepTy4LA4jFurHcfAdy383yw0UeOVSL2TWIwk41k2CX5l2s9NjKltN-UdRLVjLxs_X3lsU9rVXveNzX_O-9nYyMW37ixM1goROrqCSwJurLXcj2LkLXKii9BiSiaYE8bDyHP0GVYHx9ZqdUYdBnQXZes7iAmJzofULnMBUmnXwcKpsQ2OGcddwK4RGF8Qzgfa7BF9s9FSHql45fJIxRAUUM4Q6nKecgzAf3UruloOHX8yXSTEc70xTjC46O7u6EXpgT4iRXHvafGmrJYvSx_zZVP-X7hh7aG6HLRlt6oxac54R5NBZepAmi12jjROpOGY_3xF8NTyTrin8sL0hSzUVGYVKk6s30K8_jo8GTkZSB8CmRa2X2TByc766N3c18zYaldIgCQLXxmymF5ZMpwi5G2_GVtPj_80SDroQQQl-Y3cTRN1rnjGE3BEOIxicFeqft1KCVIGJKPlGukNaAUT1F6mKEswNV7pePz6zGqcUA8gtTkavd5WPN8ihy6T6g9YRYXgz31rJxzXjy_pYGQwPnVGAjH2YmdznlvCeSlpHOmFodggK2PXIv6TfmMSgXDwmK1HB7Acg_5qGIUXlV5U219gEYiNMOILRJaw-vBgH2poGaGkZM-_3_m53lzoemYH7gYLb9EcR0DxxB2qRmuoXWXuSkyOhPbtlvX1CpL-mWFVU7HQgwvLhN6J0rciFbeohWIe85PKuXqBwOPD0oR4-mtx1EtO_2klpXBTH7sbyKiwzC9JIw8w_A3BPVeH_U3-Tj5MXs7_jxn1B5VWajtGEArrK3pbz_IPs_KyXQZ0RJtTCYi5htP6tkTiV0t0OHwoJ42m-VXy9p-sjzcnB6t4lEFWQPzwaTSVGE21qRe-9_LdEXA9lMQnYsmGCU4ltjhW6eKgdQskBG1PbhMUJTYa1YCaka1ynixHThaV-pe6JZRQxMP5jw5D8VwFXwssd5FrjyjdlYsPcQZ4mBVGKvv8UkHssBoSPd3bFn37xe8HrSEcRZ81j6Bxoj1iggxoD5JzYCdvTBltDMzQZrINwcWyIHZztJs489mCD8jdcuZ36N_qNqnche6H-0L4kDMqOhd6rTq3NWnfWtTBMO6mHFLX5eSRDQHb0hgmUt_EYiZLMrrJshnaLjYoJAQy4zQ9g6nofxxuj6ILZHMXYI8377Jp4WGMQeBzQOM-upw2uS-zVeDWNr0MYXY98bUZ42Cr_9T1IXGDvE9IY_X8Etcj4IP4Xp4Q-tLNJtOXEj9wZuw1apulsXWYPpIIh5aUBqu53FzGFAGW7GaqFcFIO44BXIeVBSVYmrhJE4xBDPRhA6fNBtmA3LiHS-Ut_vZUjg4xshmuJN6qNvtJYpIY9KBUSYfIKpk_3i5c_qypDXnY34VQSiwqz8CqvB_EMDA5fbyuChm7diQ7p4wPCFGAuzcmaXS1UHA9KdGt5rreHgQlHkxl8zHuSqCuqQQnMvNDNBpg7ud3mLk_C58GN_AaoJCIk6s7c3DqEZXXuk-ByhDLic4v5We0ybr8I-X27Ph42ESlBS-WaZMt5ntzaSKQ3a_dSEoMZ-GX9WwLXrkS0Ptx_cT3iqMAEoFsS03uxMB5wbtZUl5JglbM66HhLtEkc-XGOm8bRW9wOdK55xJogJs8Vn_JQPS6NFzS04E897HQtlS0kcWTSK8xlkyvozgiVTOGg4szo5dgkGVwFFHE31VlEZ86St5A5zL137tRF6kijfpCdYYov14jAnV3HAiqwDNtXnOXyCTebZbI_exD2e77q5UjgKPKrRpl-DCSMFurApXWCvm_fOopQh8fD8G9EoS7Up90cqyhcovt2SRCpyUuZ58YOrVd3VDmquaadzUxIsSNB44HW3rAk4FX_2EZRr82T_dcJ7CJRgLJlfPKzuQ8sT3VXj0C-WfVPPt_cvhdDBe57Af6v1Vt40aJ6YriUuQZNNKr5EzIIquooVKItUHGeHoya8j0ZAbHIUC5lE4RpNLgaogVrFZ5PJAq7sjalGAENY-NdqT0A2KwjmKObnhdZmxw84HIpEzxMlmumEPpGB0dlKcE4v5p_MLx-vN_2WkVR64PpdBw5fpwnJQh2VB8G62-gacGBuKDBnnEIK2M1lAoNyuvce4dSmcEWK3lrY66WBbSUvthrhljys1CEvvdvazqS54g1GO5aJeODk1qq_OGfaJujhW0nF5xY8g7EE4a9EGNRLuaXdvgnqsSPYeJsCGeKxXaisjegxiksPuasrNowQYNPU1AR0Nd9bTmY6AsH-vM4TxIUc0Cg9SJuFL-qThmziItG3uiKZRL9USccVd__XzBMMLDgMJFyLZccn1Y-gNgh9zaGd-rznrAb2vLdLNqGSq8GJVdPAy9R7zH0_x4NG-CyqxpwseleWA70gP8DwzPm6tbauxx3foC_GZ85OdOEnbUuTR-l8IMb-BTyzT9tNNAVamEUNpqMkxehIL8xGMCDFaajmPpv6hVwACBis3iPC4heKgo9Y1qYh-g-dwH4ITppNvZj8x6awsHXtMhHj7CYBiAy1E-nVoPf22UJOSOrbBs1URJ_QGpDiC5VfLokuZbpwCCpT5w3mIG0TXUKD9Jf3NF2Oj_xeaKY9ycSft8N7Q_Kphoxu58yUj3cBW9CqxAb9-LksGknmZtyMp0yqSdTdyQLrG3UuYokLghCfGUjZMQDeb7k-KAQTr4q3US1j_BkInFzStIDHITDSbvvTjShxWPkC7mxTvDvzfXzWuLaD4B0O56GiDvQ6vdeEFVGK4powdgNaEbZNxrnxV9QcKExtmQmuoLSAxrbS8iHFuj6DTyyLyTmr0kYbpAb6Sq2il2t5CX3nPSWq665tdCvt52Vl86QO2jHB8SSSQyTKTv2jaCm4--6oiWHo1aLA2eVmFWZcxe9s18fTjfWeZ8dGq_fRkMIRIonqIYVa2oyMxyUn9PvnAPCRTYuN3WCi4Ml1SbvWUb0W4LXARA_Ongucj5ut5eifhQAeWQJYW45O23J10oDA&cid=CAASFeRoZNM2e2zl7XCJNowEwLRBmTzBXA&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f8cb8d1e74e3ed02d5af13b6c075a207440a81f8ae0c36812e8336945c61644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26743
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D90E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BniFxsS_80M3Sev7XEs-hzUhXP3ebi_N9C6srTYGGjYYCeNrB_qwWTYSIvEN2Qe0pobXV_6CdenPa_PIT7P4OsL1X1c2fPt07vppHBi26_xIcB38o
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame D90E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:13:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D90E 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:22 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629113426487594"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38194
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:20:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame D90E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:02:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1089
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:02:13 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AF83 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 17:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
403951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Aug 2022 17:07:51 GMT
truncated
/ Frame AF83 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c56a384d47bfa0eee9bfb075e0ac01b451ce9cc0da776db287aa3527f387a974

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/15597941406939742208/ Frame E23B 		117 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15597941406939742208/index.html?e=69&leftOffset=0&topOffset=0&c=vGAmGCZIFR&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
646984aa0aab2277a670be749d10dd21d2f4b58e7b59024ae3207fa1222b5861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/sadbundle/15597941406939742208/index.html?e=69&leftOffset=0&topOffset=0&c=vGAmGCZIFR&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Wed, 18 Aug 2021 09:20:22 GMT
expires
Thu, 18 Aug 2022 09:20:22 GMT
cache-control
public, max-age=31536000
last-modified
Sat, 18 Apr 2020 06:59:35 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame AF83 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmcypyYocjoCZj_ErkHMu3J_Av-MhVJa0li2QYd7pFtA1oAb-y3Y-tuW-9k1ZBZQdtF0mPV4hbObnVPwCd9UolRKJxWKzAhpZeL8vEehVThAPzMFH73ootP-sM7Rgl3r9dkC9hM1muxXSBPy_k5D4_Hnyu9SPFrQQ3XtR0LHtZpGougnMTMbsGtXy9n5z_lwWNMvdLnh_MSWkMAu_5bCRQO26XAlDChG1jR0Dn4uo4YVpEvKA7wUm_gRD2iLy0E5yye6o4FkQOLVy9aozppTt21qJJmUOHFTw8tGWfLONZItg2WB7poxOVbyP3N-gWmSMe26YXS-tSGjhf3j6j1gXrXkGxQTvFQLrBOd0lEHTX34ze6xCo1oj4_kkSg2z7WCtE6ieYsYIYy8MvkmhSLxK-1cbJiZh6H3rtAJrVEtl-PnmH0IYTzytvpVoydqrjePJ5EV-h8ve7pBXSGti7ba2buoWWegu6mNJfKJi3zlBYkcPAzd6bFhOiPerqLJpABwdH5ExAy5co7x5mH26eNC44ts4CquTCiLSZYvw7Xz7Si7D8eF3f277aqPz9sh76KnEUDqpoIaI3cKoMHTYesNpmUYc_TvXSycTFRaXh0i8Z8wlYKvoAeHLw3itLdVkHMjIfEAgykTCw2DPnSLyzqcrY5Khof19S_byB9MOmVjhSM7jJ_SyuWGXqt3lY11g3GU-UsYDCFX72tzEzKNGpjCW9jn7445GntqYCP9tC58xcqqV_norr7OYslBbwYzwHkgrHkJ77uoWsMnObJVmMGwGcuD23WG5zdg8sphPma0oYr-ZFsYRiTkwAtdhxKZ799wJxfBJUXFQnxBs1YWeP0b2nZa6SxyoBM_5ZoE-jfUoHIOxZRTuCzaeX-mVj7lDtf8pgRn2UXxcgOd1u5XQHG4RthDkAiOFfpQ6qQ187_lS7DEWW4v0qWiL_-McLYXXkjL6pC0XHbbqRsqkiXgQYF1IASSp00brMKp2gM0e_EykQctj9seQojf_No54Ip-nSx3tQvdECDAjrM3KrSKPLJjXcEYTbm5O9-hsu9yTqItcby1EmCMBtGXTtbyHytNDCO8HrtrWhU5DloJmFFBGy46IBhpvWhOF4cd1sd-3pYuVRq1Jq3m6zCpQ7x7b7u3WBrvGmOTFzgGetTNFbDlh2rbMszca_xa9VwgbeJ6S4ITJGpsILVMMtXOljz333N45YiZcIjin1nd53x06gNQ8dcg&sai=AMfl-YSVgSpWdaMWU9UDxiTdE6a4qXVPjJeV97uuzYXL01p1rA4Ik8KQ0VxFKBcSOQnrxjnWdb6ax--cpxguGTXY_ougqbb8Gal28S-oX0UCRY25N8fkwS1A8Fpd_9kCOxEwCoXCxwMEc3ExB1s_fLX3YvFpzuFX-7CJmyoDnms&sig=Cg0ArKJSzBSefPFpdeRfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=209&cbvp=1&cstd=201&cisv=r20210812.22605&adurl=
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 18 Aug 2021 09:20:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
container.html
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3DC1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://haberbank.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://haberbank.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 18 Aug 2021 09:20:21 GMT
expires
Thu, 18 Aug 2022 09:20:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame D90E 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQt6C6eIt4FshNWk568Zu7Sj3JWECVEBHyy1g2fdnaa2Y8bccTB6mwYJ-FA41_hXMcuopqA0OQVhpKfaG4DD-PYZp7FF965-3LcFZx71kV7N76x9TEBlQglQO06KpOtt7x-uHztWLihV6CoxvfrXPXlA6ISA&dbm_d=AKAmf-BxpKMlXTfzl35nWgEtjNNxHmndGWPJQM9W2_hHDscarqUr4jW9xIMiastFJSo7G0nftToiQB44yH8pWBieCWj5SELq1t4gVm0qmT5DCFjb3rgwrcIoem1aodmI1O1h8Rt6BKIb9n3EHsl3qXfWkmZSCvkudOq420DMorwn48_4128tZAKvFgpLqSL6ShlJkdgsDXNz5uZ38RCtnLqhYTzyKvSo7pa-XKOkTS6bZJrwUh2bepTy4LA4jFurHcfAdy383yw0UeOVSL2TWIwk41k2CX5l2s9NjKltN-UdRLVjLxs_X3lsU9rVXveNzX_O-9nYyMW37ixM1goROrqCSwJurLXcj2LkLXKii9BiSiaYE8bDyHP0GVYHx9ZqdUYdBnQXZes7iAmJzofULnMBUmnXwcKpsQ2OGcddwK4RGF8Qzgfa7BF9s9FSHql45fJIxRAUUM4Q6nKecgzAf3UruloOHX8yXSTEc70xTjC46O7u6EXpgT4iRXHvafGmrJYvSx_zZVP-X7hh7aG6HLRlt6oxac54R5NBZepAmi12jjROpOGY_3xF8NTyTrin8sL0hSzUVGYVKk6s30K8_jo8GTkZSB8CmRa2X2TByc766N3c18zYaldIgCQLXxmymF5ZMpwi5G2_GVtPj_80SDroQQQl-Y3cTRN1rnjGE3BEOIxicFeqft1KCVIGJKPlGukNaAUT1F6mKEswNV7pePz6zGqcUA8gtTkavd5WPN8ihy6T6g9YRYXgz31rJxzXjy_pYGQwPnVGAjH2YmdznlvCeSlpHOmFodggK2PXIv6TfmMSgXDwmK1HB7Acg_5qGIUXlV5U219gEYiNMOILRJaw-vBgH2poGaGkZM-_3_m53lzoemYH7gYLb9EcR0DxxB2qRmuoXWXuSkyOhPbtlvX1CpL-mWFVU7HQgwvLhN6J0rciFbeohWIe85PKuXqBwOPD0oR4-mtx1EtO_2klpXBTH7sbyKiwzC9JIw8w_A3BPVeH_U3-Tj5MXs7_jxn1B5VWajtGEArrK3pbz_IPs_KyXQZ0RJtTCYi5htP6tkTiV0t0OHwoJ42m-VXy9p-sjzcnB6t4lEFWQPzwaTSVGE21qRe-9_LdEXA9lMQnYsmGCU4ltjhW6eKgdQskBG1PbhMUJTYa1YCaka1ynixHThaV-pe6JZRQxMP5jw5D8VwFXwssd5FrjyjdlYsPcQZ4mBVGKvv8UkHssBoSPd3bFn37xe8HrSEcRZ81j6Bxoj1iggxoD5JzYCdvTBltDMzQZrINwcWyIHZztJs489mCD8jdcuZ36N_qNqnche6H-0L4kDMqOhd6rTq3NWnfWtTBMO6mHFLX5eSRDQHb0hgmUt_EYiZLMrrJshnaLjYoJAQy4zQ9g6nofxxuj6ILZHMXYI8377Jp4WGMQeBzQOM-upw2uS-zVeDWNr0MYXY98bUZ42Cr_9T1IXGDvE9IY_X8Etcj4IP4Xp4Q-tLNJtOXEj9wZuw1apulsXWYPpIIh5aUBqu53FzGFAGW7GaqFcFIO44BXIeVBSVYmrhJE4xBDPRhA6fNBtmA3LiHS-Ut_vZUjg4xshmuJN6qNvtJYpIY9KBUSYfIKpk_3i5c_qypDXnY34VQSiwqz8CqvB_EMDA5fbyuChm7diQ7p4wPCFGAuzcmaXS1UHA9KdGt5rreHgQlHkxl8zHuSqCuqQQnMvNDNBpg7ud3mLk_C58GN_AaoJCIk6s7c3DqEZXXuk-ByhDLic4v5We0ybr8I-X27Ph42ESlBS-WaZMt5ntzaSKQ3a_dSEoMZ-GX9WwLXrkS0Ptx_cT3iqMAEoFsS03uxMB5wbtZUl5JglbM66HhLtEkc-XGOm8bRW9wOdK55xJogJs8Vn_JQPS6NFzS04E897HQtlS0kcWTSK8xlkyvozgiVTOGg4szo5dgkGVwFFHE31VlEZ86St5A5zL137tRF6kijfpCdYYov14jAnV3HAiqwDNtXnOXyCTebZbI_exD2e77q5UjgKPKrRpl-DCSMFurApXWCvm_fOopQh8fD8G9EoS7Up90cqyhcovt2SRCpyUuZ58YOrVd3VDmquaadzUxIsSNB44HW3rAk4FX_2EZRr82T_dcJ7CJRgLJlfPKzuQ8sT3VXj0C-WfVPPt_cvhdDBe57Af6v1Vt40aJ6YriUuQZNNKr5EzIIquooVKItUHGeHoya8j0ZAbHIUC5lE4RpNLgaogVrFZ5PJAq7sjalGAENY-NdqT0A2KwjmKObnhdZmxw84HIpEzxMlmumEPpGB0dlKcE4v5p_MLx-vN_2WkVR64PpdBw5fpwnJQh2VB8G62-gacGBuKDBnnEIK2M1lAoNyuvce4dSmcEWK3lrY66WBbSUvthrhljys1CEvvdvazqS54g1GO5aJeODk1qq_OGfaJujhW0nF5xY8g7EE4a9EGNRLuaXdvgnqsSPYeJsCGeKxXaisjegxiksPuasrNowQYNPU1AR0Nd9bTmY6AsH-vM4TxIUc0Cg9SJuFL-qThmziItG3uiKZRL9USccVd__XzBMMLDgMJFyLZccn1Y-gNgh9zaGd-rznrAb2vLdLNqGSq8GJVdPAy9R7zH0_x4NG-CyqxpwseleWA70gP8DwzPm6tbauxx3foC_GZ85OdOEnbUuTR-l8IMb-BTyzT9tNNAVamEUNpqMkxehIL8xGMCDFaajmPpv6hVwACBis3iPC4heKgo9Y1qYh-g-dwH4ITppNvZj8x6awsHXtMhHj7CYBiAy1E-nVoPf22UJOSOrbBs1URJ_QGpDiC5VfLokuZbpwCCpT5w3mIG0TXUKD9Jf3NF2Oj_xeaKY9ycSft8N7Q_Kphoxu58yUj3cBW9CqxAb9-LksGknmZtyMp0yqSdTdyQLrG3UuYokLghCfGUjZMQDeb7k-KAQTr4q3US1j_BkInFzStIDHITDSbvvTjShxWPkC7mxTvDvzfXzWuLaD4B0O56GiDvQ6vdeEFVGK4powdgNaEbZNxrnxV9QcKExtmQmuoLSAxrbS8iHFuj6DTyyLyTmr0kYbpAb6Sq2il2t5CX3nPSWq665tdCvt52Vl86QO2jHB8SSSQyTKTv2jaCm4--6oiWHo1aLA2eVmFWZcxe9s18fTjfWeZ8dGq_fRkMIRIonqIYVa2oyMxyUn9PvnAPCRTYuN3WCi4Ml1SbvWUb0W4LXARA_Ongucj5ut5eifhQAeWQJYW45O23J10oDA&cid=CAASFeRoZNM2e2zl7XCJNowEwLRBmTzBXA&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9341
x-xss-protection
0
server
cafe
etag
177112232901409761
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:20:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/ Frame D90E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQt6C6eIt4FshNWk568Zu7Sj3JWECVEBHyy1g2fdnaa2Y8bccTB6mwYJ-FA41_hXMcuopqA0OQVhpKfaG4DD-PYZp7FF965-3LcFZx71kV7N76x9TEBlQglQO06KpOtt7x-uHztWLihV6CoxvfrXPXlA6ISA&dbm_d=AKAmf-BxpKMlXTfzl35nWgEtjNNxHmndGWPJQM9W2_hHDscarqUr4jW9xIMiastFJSo7G0nftToiQB44yH8pWBieCWj5SELq1t4gVm0qmT5DCFjb3rgwrcIoem1aodmI1O1h8Rt6BKIb9n3EHsl3qXfWkmZSCvkudOq420DMorwn48_4128tZAKvFgpLqSL6ShlJkdgsDXNz5uZ38RCtnLqhYTzyKvSo7pa-XKOkTS6bZJrwUh2bepTy4LA4jFurHcfAdy383yw0UeOVSL2TWIwk41k2CX5l2s9NjKltN-UdRLVjLxs_X3lsU9rVXveNzX_O-9nYyMW37ixM1goROrqCSwJurLXcj2LkLXKii9BiSiaYE8bDyHP0GVYHx9ZqdUYdBnQXZes7iAmJzofULnMBUmnXwcKpsQ2OGcddwK4RGF8Qzgfa7BF9s9FSHql45fJIxRAUUM4Q6nKecgzAf3UruloOHX8yXSTEc70xTjC46O7u6EXpgT4iRXHvafGmrJYvSx_zZVP-X7hh7aG6HLRlt6oxac54R5NBZepAmi12jjROpOGY_3xF8NTyTrin8sL0hSzUVGYVKk6s30K8_jo8GTkZSB8CmRa2X2TByc766N3c18zYaldIgCQLXxmymF5ZMpwi5G2_GVtPj_80SDroQQQl-Y3cTRN1rnjGE3BEOIxicFeqft1KCVIGJKPlGukNaAUT1F6mKEswNV7pePz6zGqcUA8gtTkavd5WPN8ihy6T6g9YRYXgz31rJxzXjy_pYGQwPnVGAjH2YmdznlvCeSlpHOmFodggK2PXIv6TfmMSgXDwmK1HB7Acg_5qGIUXlV5U219gEYiNMOILRJaw-vBgH2poGaGkZM-_3_m53lzoemYH7gYLb9EcR0DxxB2qRmuoXWXuSkyOhPbtlvX1CpL-mWFVU7HQgwvLhN6J0rciFbeohWIe85PKuXqBwOPD0oR4-mtx1EtO_2klpXBTH7sbyKiwzC9JIw8w_A3BPVeH_U3-Tj5MXs7_jxn1B5VWajtGEArrK3pbz_IPs_KyXQZ0RJtTCYi5htP6tkTiV0t0OHwoJ42m-VXy9p-sjzcnB6t4lEFWQPzwaTSVGE21qRe-9_LdEXA9lMQnYsmGCU4ltjhW6eKgdQskBG1PbhMUJTYa1YCaka1ynixHThaV-pe6JZRQxMP5jw5D8VwFXwssd5FrjyjdlYsPcQZ4mBVGKvv8UkHssBoSPd3bFn37xe8HrSEcRZ81j6Bxoj1iggxoD5JzYCdvTBltDMzQZrINwcWyIHZztJs489mCD8jdcuZ36N_qNqnche6H-0L4kDMqOhd6rTq3NWnfWtTBMO6mHFLX5eSRDQHb0hgmUt_EYiZLMrrJshnaLjYoJAQy4zQ9g6nofxxuj6ILZHMXYI8377Jp4WGMQeBzQOM-upw2uS-zVeDWNr0MYXY98bUZ42Cr_9T1IXGDvE9IY_X8Etcj4IP4Xp4Q-tLNJtOXEj9wZuw1apulsXWYPpIIh5aUBqu53FzGFAGW7GaqFcFIO44BXIeVBSVYmrhJE4xBDPRhA6fNBtmA3LiHS-Ut_vZUjg4xshmuJN6qNvtJYpIY9KBUSYfIKpk_3i5c_qypDXnY34VQSiwqz8CqvB_EMDA5fbyuChm7diQ7p4wPCFGAuzcmaXS1UHA9KdGt5rreHgQlHkxl8zHuSqCuqQQnMvNDNBpg7ud3mLk_C58GN_AaoJCIk6s7c3DqEZXXuk-ByhDLic4v5We0ybr8I-X27Ph42ESlBS-WaZMt5ntzaSKQ3a_dSEoMZ-GX9WwLXrkS0Ptx_cT3iqMAEoFsS03uxMB5wbtZUl5JglbM66HhLtEkc-XGOm8bRW9wOdK55xJogJs8Vn_JQPS6NFzS04E897HQtlS0kcWTSK8xlkyvozgiVTOGg4szo5dgkGVwFFHE31VlEZ86St5A5zL137tRF6kijfpCdYYov14jAnV3HAiqwDNtXnOXyCTebZbI_exD2e77q5UjgKPKrRpl-DCSMFurApXWCvm_fOopQh8fD8G9EoS7Up90cqyhcovt2SRCpyUuZ58YOrVd3VDmquaadzUxIsSNB44HW3rAk4FX_2EZRr82T_dcJ7CJRgLJlfPKzuQ8sT3VXj0C-WfVPPt_cvhdDBe57Af6v1Vt40aJ6YriUuQZNNKr5EzIIquooVKItUHGeHoya8j0ZAbHIUC5lE4RpNLgaogVrFZ5PJAq7sjalGAENY-NdqT0A2KwjmKObnhdZmxw84HIpEzxMlmumEPpGB0dlKcE4v5p_MLx-vN_2WkVR64PpdBw5fpwnJQh2VB8G62-gacGBuKDBnnEIK2M1lAoNyuvce4dSmcEWK3lrY66WBbSUvthrhljys1CEvvdvazqS54g1GO5aJeODk1qq_OGfaJujhW0nF5xY8g7EE4a9EGNRLuaXdvgnqsSPYeJsCGeKxXaisjegxiksPuasrNowQYNPU1AR0Nd9bTmY6AsH-vM4TxIUc0Cg9SJuFL-qThmziItG3uiKZRL9USccVd__XzBMMLDgMJFyLZccn1Y-gNgh9zaGd-rznrAb2vLdLNqGSq8GJVdPAy9R7zH0_x4NG-CyqxpwseleWA70gP8DwzPm6tbauxx3foC_GZ85OdOEnbUuTR-l8IMb-BTyzT9tNNAVamEUNpqMkxehIL8xGMCDFaajmPpv6hVwACBis3iPC4heKgo9Y1qYh-g-dwH4ITppNvZj8x6awsHXtMhHj7CYBiAy1E-nVoPf22UJOSOrbBs1URJ_QGpDiC5VfLokuZbpwCCpT5w3mIG0TXUKD9Jf3NF2Oj_xeaKY9ycSft8N7Q_Kphoxu58yUj3cBW9CqxAb9-LksGknmZtyMp0yqSdTdyQLrG3UuYokLghCfGUjZMQDeb7k-KAQTr4q3US1j_BkInFzStIDHITDSbvvTjShxWPkC7mxTvDvzfXzWuLaD4B0O56GiDvQ6vdeEFVGK4powdgNaEbZNxrnxV9QcKExtmQmuoLSAxrbS8iHFuj6DTyyLyTmr0kYbpAb6Sq2il2t5CX3nPSWq665tdCvt52Vl86QO2jHB8SSSQyTKTv2jaCm4--6oiWHo1aLA2eVmFWZcxe9s18fTjfWeZ8dGq_fRkMIRIonqIYVa2oyMxyUn9PvnAPCRTYuN3WCi4Ml1SbvWUb0W4LXARA_Ongucj5ut5eifhQAeWQJYW45O23J10oDA&cid=CAASFeRoZNM2e2zl7XCJNowEwLRBmTzBXA&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:18:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D90E 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdXtstT225ej17yIyIae1ThMguRHVDJbElagYYNXsCZ0OwNhjMHNg4T-izdGTR9Iu9I9PU2pvvyotFq6U8_ToCfuUnU6XiUve1K7NVYkevnW8Iyvi92SS9n7yLOpJnFCWKwmb-JYtDEjY4JVAphLXR5Parj7oXOjK-lM_x9W2uVzwTM2tQ4XDp16qOqkmn7oI01jtcluXckIS7Io7887V5cFLRnva4gIEfOkE-uzma8JLFa8Pwl6TJWFcum_cjJ0kMdRabXiAy14DbmEPbRPLMzkna4y4ajZpbC2I_pfRpGJb8oRIRPmNrYvKt88FojGp-6OlRQ2TO5OGK7vLGPXdR2gPrw67DonSPrtU1GQIAf5X_exaHYPjZhxImLFtYFNqMqxFPSCMYNhUFxTw2Iyl9JMIHIPzZDmeMRD8xYzhxbHdFhthyxT8g6Ivztmub6db0p_nCz23yX3Kxo30JNKcP6D4Ti1_UMvVORYJ6Eielaohj2g5QQ_lWyyKRrW8Mx0gJ9-x0e5R03O8sDMaJZqZ5wBkUCMNkuRcwFuQEzbDvZe2Xxi9uXDArn8-q6MJmdACBdCjknT9D1EpwfpwN95UVSRcxni4CvbOF1Wog0P0yIFIbIJ-9eLGK44zTBLbKlZvPL3bd0HBthfwz1R_B-QDNU2kXyTdJaXrdJxyFTw9Tft_7uYeJ8eomhj4iopKLScoPabdyyCMI6PJQO2rK7jv46_kR6d1Ewmpalr_mtAR3DcfHpf15CeQaIHOMzEsqpniKKeEgMWc1pdNygB5BPGfxTVxufPKD_vpbmngkgKagEDz-zhBcywv2rV70MSuM5pHmxL9Qcbnmk1HGBFM5g6mFWTxQh1RKlPOuazy8B0OAxvhCm46VtAuNCAQmR_i_ub0ZjOZQ4y4WwQGF9HwxJ2h_tNEac4OoezAZJuQrOD98YbuUCTwt_63nv-iYzogNf8tIDVKIBxucrqL2zw9pNAd3E0Y6fZPPXuBvL7S-q0owAlIhrqBHPrJh_rzdqaNLEcBk1CYNfuYh2FKGQhLj69umXeeYMcPa0CMm9W1i644pw_C2DT9KwHD-QBC0tM1SSXPcwCu--0tzaWxBYF4WPAS_TqFUm5Pi1YQRSjhz99MTdChXERbRfzPQm_tf2KqRU3ZM1rddGTERa3oXtZoBod2vumgwU1rULxG7cSaG6Gs2avRH1w&sai=AMfl-YSBZsydqStXJuM_m_Rxj78F3DY8jgvKyecOJ57hMEK9xVCzBfK4UWDDhuY8KHEdlVHcxarFdwXG2xjJs8LeCptMjINZNIINrv7P6FtQHXOEfYnqtJxjVxpRhtUMpYl3qt0P4pf-M1qcS1mgTZc3CZRrwpIAEb3pWSG_JnY&sig=Cg0ArKJSzMYlZuygnbUGEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210812.88066&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQt6C6eIt4FshNWk568Zu7Sj3JWECVEBHyy1g2fdnaa2Y8bccTB6mwYJ-FA41_hXMcuopqA0OQVhpKfaG4DD-PYZp7FF965-3LcFZx71kV7N76x9TEBlQglQO06KpOtt7x-uHztWLihV6CoxvfrXPXlA6ISA&dbm_d=AKAmf-BxpKMlXTfzl35nWgEtjNNxHmndGWPJQM9W2_hHDscarqUr4jW9xIMiastFJSo7G0nftToiQB44yH8pWBieCWj5SELq1t4gVm0qmT5DCFjb3rgwrcIoem1aodmI1O1h8Rt6BKIb9n3EHsl3qXfWkmZSCvkudOq420DMorwn48_4128tZAKvFgpLqSL6ShlJkdgsDXNz5uZ38RCtnLqhYTzyKvSo7pa-XKOkTS6bZJrwUh2bepTy4LA4jFurHcfAdy383yw0UeOVSL2TWIwk41k2CX5l2s9NjKltN-UdRLVjLxs_X3lsU9rVXveNzX_O-9nYyMW37ixM1goROrqCSwJurLXcj2LkLXKii9BiSiaYE8bDyHP0GVYHx9ZqdUYdBnQXZes7iAmJzofULnMBUmnXwcKpsQ2OGcddwK4RGF8Qzgfa7BF9s9FSHql45fJIxRAUUM4Q6nKecgzAf3UruloOHX8yXSTEc70xTjC46O7u6EXpgT4iRXHvafGmrJYvSx_zZVP-X7hh7aG6HLRlt6oxac54R5NBZepAmi12jjROpOGY_3xF8NTyTrin8sL0hSzUVGYVKk6s30K8_jo8GTkZSB8CmRa2X2TByc766N3c18zYaldIgCQLXxmymF5ZMpwi5G2_GVtPj_80SDroQQQl-Y3cTRN1rnjGE3BEOIxicFeqft1KCVIGJKPlGukNaAUT1F6mKEswNV7pePz6zGqcUA8gtTkavd5WPN8ihy6T6g9YRYXgz31rJxzXjy_pYGQwPnVGAjH2YmdznlvCeSlpHOmFodggK2PXIv6TfmMSgXDwmK1HB7Acg_5qGIUXlV5U219gEYiNMOILRJaw-vBgH2poGaGkZM-_3_m53lzoemYH7gYLb9EcR0DxxB2qRmuoXWXuSkyOhPbtlvX1CpL-mWFVU7HQgwvLhN6J0rciFbeohWIe85PKuXqBwOPD0oR4-mtx1EtO_2klpXBTH7sbyKiwzC9JIw8w_A3BPVeH_U3-Tj5MXs7_jxn1B5VWajtGEArrK3pbz_IPs_KyXQZ0RJtTCYi5htP6tkTiV0t0OHwoJ42m-VXy9p-sjzcnB6t4lEFWQPzwaTSVGE21qRe-9_LdEXA9lMQnYsmGCU4ltjhW6eKgdQskBG1PbhMUJTYa1YCaka1ynixHThaV-pe6JZRQxMP5jw5D8VwFXwssd5FrjyjdlYsPcQZ4mBVGKvv8UkHssBoSPd3bFn37xe8HrSEcRZ81j6Bxoj1iggxoD5JzYCdvTBltDMzQZrINwcWyIHZztJs489mCD8jdcuZ36N_qNqnche6H-0L4kDMqOhd6rTq3NWnfWtTBMO6mHFLX5eSRDQHb0hgmUt_EYiZLMrrJshnaLjYoJAQy4zQ9g6nofxxuj6ILZHMXYI8377Jp4WGMQeBzQOM-upw2uS-zVeDWNr0MYXY98bUZ42Cr_9T1IXGDvE9IY_X8Etcj4IP4Xp4Q-tLNJtOXEj9wZuw1apulsXWYPpIIh5aUBqu53FzGFAGW7GaqFcFIO44BXIeVBSVYmrhJE4xBDPRhA6fNBtmA3LiHS-Ut_vZUjg4xshmuJN6qNvtJYpIY9KBUSYfIKpk_3i5c_qypDXnY34VQSiwqz8CqvB_EMDA5fbyuChm7diQ7p4wPCFGAuzcmaXS1UHA9KdGt5rreHgQlHkxl8zHuSqCuqQQnMvNDNBpg7ud3mLk_C58GN_AaoJCIk6s7c3DqEZXXuk-ByhDLic4v5We0ybr8I-X27Ph42ESlBS-WaZMt5ntzaSKQ3a_dSEoMZ-GX9WwLXrkS0Ptx_cT3iqMAEoFsS03uxMB5wbtZUl5JglbM66HhLtEkc-XGOm8bRW9wOdK55xJogJs8Vn_JQPS6NFzS04E897HQtlS0kcWTSK8xlkyvozgiVTOGg4szo5dgkGVwFFHE31VlEZ86St5A5zL137tRF6kijfpCdYYov14jAnV3HAiqwDNtXnOXyCTebZbI_exD2e77q5UjgKPKrRpl-DCSMFurApXWCvm_fOopQh8fD8G9EoS7Up90cqyhcovt2SRCpyUuZ58YOrVd3VDmquaadzUxIsSNB44HW3rAk4FX_2EZRr82T_dcJ7CJRgLJlfPKzuQ8sT3VXj0C-WfVPPt_cvhdDBe57Af6v1Vt40aJ6YriUuQZNNKr5EzIIquooVKItUHGeHoya8j0ZAbHIUC5lE4RpNLgaogVrFZ5PJAq7sjalGAENY-NdqT0A2KwjmKObnhdZmxw84HIpEzxMlmumEPpGB0dlKcE4v5p_MLx-vN_2WkVR64PpdBw5fpwnJQh2VB8G62-gacGBuKDBnnEIK2M1lAoNyuvce4dSmcEWK3lrY66WBbSUvthrhljys1CEvvdvazqS54g1GO5aJeODk1qq_OGfaJujhW0nF5xY8g7EE4a9EGNRLuaXdvgnqsSPYeJsCGeKxXaisjegxiksPuasrNowQYNPU1AR0Nd9bTmY6AsH-vM4TxIUc0Cg9SJuFL-qThmziItG3uiKZRL9USccVd__XzBMMLDgMJFyLZccn1Y-gNgh9zaGd-rznrAb2vLdLNqGSq8GJVdPAy9R7zH0_x4NG-CyqxpwseleWA70gP8DwzPm6tbauxx3foC_GZ85OdOEnbUuTR-l8IMb-BTyzT9tNNAVamEUNpqMkxehIL8xGMCDFaajmPpv6hVwACBis3iPC4heKgo9Y1qYh-g-dwH4ITppNvZj8x6awsHXtMhHj7CYBiAy1E-nVoPf22UJOSOrbBs1URJ_QGpDiC5VfLokuZbpwCCpT5w3mIG0TXUKD9Jf3NF2Oj_xeaKY9ycSft8N7Q_Kphoxu58yUj3cBW9CqxAb9-LksGknmZtyMp0yqSdTdyQLrG3UuYokLghCfGUjZMQDeb7k-KAQTr4q3US1j_BkInFzStIDHITDSbvvTjShxWPkC7mxTvDvzfXzWuLaD4B0O56GiDvQ6vdeEFVGK4powdgNaEbZNxrnxV9QcKExtmQmuoLSAxrbS8iHFuj6DTyyLyTmr0kYbpAb6Sq2il2t5CX3nPSWq665tdCvt52Vl86QO2jHB8SSSQyTKTv2jaCm4--6oiWHo1aLA2eVmFWZcxe9s18fTjfWeZ8dGq_fRkMIRIonqIYVa2oyMxyUn9PvnAPCRTYuN3WCi4Ml1SbvWUb0W4LXARA_Ongucj5ut5eifhQAeWQJYW45O23J10oDA&cid=CAASFeRoZNM2e2zl7XCJNowEwLRBmTzBXA&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 18 Aug 2021 09:20:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
moatad.js
z.moatads.com/heinekenatdcmdisplay728490507552/ Frame D90E 		297 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/heinekenatdcmdisplay728490507552/moatad.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQt6C6eIt4FshNWk568Zu7Sj3JWECVEBHyy1g2fdnaa2Y8bccTB6mwYJ-FA41_hXMcuopqA0OQVhpKfaG4DD-PYZp7FF965-3LcFZx71kV7N76x9TEBlQglQO06KpOtt7x-uHztWLihV6CoxvfrXPXlA6ISA&dbm_d=AKAmf-BxpKMlXTfzl35nWgEtjNNxHmndGWPJQM9W2_hHDscarqUr4jW9xIMiastFJSo7G0nftToiQB44yH8pWBieCWj5SELq1t4gVm0qmT5DCFjb3rgwrcIoem1aodmI1O1h8Rt6BKIb9n3EHsl3qXfWkmZSCvkudOq420DMorwn48_4128tZAKvFgpLqSL6ShlJkdgsDXNz5uZ38RCtnLqhYTzyKvSo7pa-XKOkTS6bZJrwUh2bepTy4LA4jFurHcfAdy383yw0UeOVSL2TWIwk41k2CX5l2s9NjKltN-UdRLVjLxs_X3lsU9rVXveNzX_O-9nYyMW37ixM1goROrqCSwJurLXcj2LkLXKii9BiSiaYE8bDyHP0GVYHx9ZqdUYdBnQXZes7iAmJzofULnMBUmnXwcKpsQ2OGcddwK4RGF8Qzgfa7BF9s9FSHql45fJIxRAUUM4Q6nKecgzAf3UruloOHX8yXSTEc70xTjC46O7u6EXpgT4iRXHvafGmrJYvSx_zZVP-X7hh7aG6HLRlt6oxac54R5NBZepAmi12jjROpOGY_3xF8NTyTrin8sL0hSzUVGYVKk6s30K8_jo8GTkZSB8CmRa2X2TByc766N3c18zYaldIgCQLXxmymF5ZMpwi5G2_GVtPj_80SDroQQQl-Y3cTRN1rnjGE3BEOIxicFeqft1KCVIGJKPlGukNaAUT1F6mKEswNV7pePz6zGqcUA8gtTkavd5WPN8ihy6T6g9YRYXgz31rJxzXjy_pYGQwPnVGAjH2YmdznlvCeSlpHOmFodggK2PXIv6TfmMSgXDwmK1HB7Acg_5qGIUXlV5U219gEYiNMOILRJaw-vBgH2poGaGkZM-_3_m53lzoemYH7gYLb9EcR0DxxB2qRmuoXWXuSkyOhPbtlvX1CpL-mWFVU7HQgwvLhN6J0rciFbeohWIe85PKuXqBwOPD0oR4-mtx1EtO_2klpXBTH7sbyKiwzC9JIw8w_A3BPVeH_U3-Tj5MXs7_jxn1B5VWajtGEArrK3pbz_IPs_KyXQZ0RJtTCYi5htP6tkTiV0t0OHwoJ42m-VXy9p-sjzcnB6t4lEFWQPzwaTSVGE21qRe-9_LdEXA9lMQnYsmGCU4ltjhW6eKgdQskBG1PbhMUJTYa1YCaka1ynixHThaV-pe6JZRQxMP5jw5D8VwFXwssd5FrjyjdlYsPcQZ4mBVGKvv8UkHssBoSPd3bFn37xe8HrSEcRZ81j6Bxoj1iggxoD5JzYCdvTBltDMzQZrINwcWyIHZztJs489mCD8jdcuZ36N_qNqnche6H-0L4kDMqOhd6rTq3NWnfWtTBMO6mHFLX5eSRDQHb0hgmUt_EYiZLMrrJshnaLjYoJAQy4zQ9g6nofxxuj6ILZHMXYI8377Jp4WGMQeBzQOM-upw2uS-zVeDWNr0MYXY98bUZ42Cr_9T1IXGDvE9IY_X8Etcj4IP4Xp4Q-tLNJtOXEj9wZuw1apulsXWYPpIIh5aUBqu53FzGFAGW7GaqFcFIO44BXIeVBSVYmrhJE4xBDPRhA6fNBtmA3LiHS-Ut_vZUjg4xshmuJN6qNvtJYpIY9KBUSYfIKpk_3i5c_qypDXnY34VQSiwqz8CqvB_EMDA5fbyuChm7diQ7p4wPCFGAuzcmaXS1UHA9KdGt5rreHgQlHkxl8zHuSqCuqQQnMvNDNBpg7ud3mLk_C58GN_AaoJCIk6s7c3DqEZXXuk-ByhDLic4v5We0ybr8I-X27Ph42ESlBS-WaZMt5ntzaSKQ3a_dSEoMZ-GX9WwLXrkS0Ptx_cT3iqMAEoFsS03uxMB5wbtZUl5JglbM66HhLtEkc-XGOm8bRW9wOdK55xJogJs8Vn_JQPS6NFzS04E897HQtlS0kcWTSK8xlkyvozgiVTOGg4szo5dgkGVwFFHE31VlEZ86St5A5zL137tRF6kijfpCdYYov14jAnV3HAiqwDNtXnOXyCTebZbI_exD2e77q5UjgKPKrRpl-DCSMFurApXWCvm_fOopQh8fD8G9EoS7Up90cqyhcovt2SRCpyUuZ58YOrVd3VDmquaadzUxIsSNB44HW3rAk4FX_2EZRr82T_dcJ7CJRgLJlfPKzuQ8sT3VXj0C-WfVPPt_cvhdDBe57Af6v1Vt40aJ6YriUuQZNNKr5EzIIquooVKItUHGeHoya8j0ZAbHIUC5lE4RpNLgaogVrFZ5PJAq7sjalGAENY-NdqT0A2KwjmKObnhdZmxw84HIpEzxMlmumEPpGB0dlKcE4v5p_MLx-vN_2WkVR64PpdBw5fpwnJQh2VB8G62-gacGBuKDBnnEIK2M1lAoNyuvce4dSmcEWK3lrY66WBbSUvthrhljys1CEvvdvazqS54g1GO5aJeODk1qq_OGfaJujhW0nF5xY8g7EE4a9EGNRLuaXdvgnqsSPYeJsCGeKxXaisjegxiksPuasrNowQYNPU1AR0Nd9bTmY6AsH-vM4TxIUc0Cg9SJuFL-qThmziItG3uiKZRL9USccVd__XzBMMLDgMJFyLZccn1Y-gNgh9zaGd-rznrAb2vLdLNqGSq8GJVdPAy9R7zH0_x4NG-CyqxpwseleWA70gP8DwzPm6tbauxx3foC_GZ85OdOEnbUuTR-l8IMb-BTyzT9tNNAVamEUNpqMkxehIL8xGMCDFaajmPpv6hVwACBis3iPC4heKgo9Y1qYh-g-dwH4ITppNvZj8x6awsHXtMhHj7CYBiAy1E-nVoPf22UJOSOrbBs1URJ_QGpDiC5VfLokuZbpwCCpT5w3mIG0TXUKD9Jf3NF2Oj_xeaKY9ycSft8N7Q_Kphoxu58yUj3cBW9CqxAb9-LksGknmZtyMp0yqSdTdyQLrG3UuYokLghCfGUjZMQDeb7k-KAQTr4q3US1j_BkInFzStIDHITDSbvvTjShxWPkC7mxTvDvzfXzWuLaD4B0O56GiDvQ6vdeEFVGK4powdgNaEbZNxrnxV9QcKExtmQmuoLSAxrbS8iHFuj6DTyyLyTmr0kYbpAb6Sq2il2t5CX3nPSWq665tdCvt52Vl86QO2jHB8SSSQyTKTv2jaCm4--6oiWHo1aLA2eVmFWZcxe9s18fTjfWeZ8dGq_fRkMIRIonqIYVa2oyMxyUn9PvnAPCRTYuN3WCi4Ml1SbvWUb0W4LXARA_Ongucj5ut5eifhQAeWQJYW45O23J10oDA&cid=CAASFeRoZNM2e2zl7XCJNowEwLRBmTzBXA&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3c4d04a87d928e0a06ef881dd516f789e0e1c6ee7818a9b46e6e1e4168486010

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:22 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 14:38:00 GMT
server
AmazonS3
x-amz-request-id
A1G737GJASVDBAC7
etag
"411853b6a2f7758a1a50d08c0d756fdd"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=59345
accept-ranges
bytes
content-length
102870
x-amz-id-2
riEfDcSw1QrraE3icdRqxLvYqAMvkq0zlpYHS+fWwbpo7QLmGDAtDL3BucV9ilfLkrN6JAwvY9w=
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D90E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQt6C6eIt4FshNWk568Zu7Sj3JWECVEBHyy1g2fdnaa2Y8bccTB6mwYJ-FA41_hXMcuopqA0OQVhpKfaG4DD-PYZp7FF965-3LcFZx71kV7N76x9TEBlQglQO06KpOtt7x-uHztWLihV6CoxvfrXPXlA6ISA&dbm_d=AKAmf-BxpKMlXTfzl35nWgEtjNNxHmndGWPJQM9W2_hHDscarqUr4jW9xIMiastFJSo7G0nftToiQB44yH8pWBieCWj5SELq1t4gVm0qmT5DCFjb3rgwrcIoem1aodmI1O1h8Rt6BKIb9n3EHsl3qXfWkmZSCvkudOq420DMorwn48_4128tZAKvFgpLqSL6ShlJkdgsDXNz5uZ38RCtnLqhYTzyKvSo7pa-XKOkTS6bZJrwUh2bepTy4LA4jFurHcfAdy383yw0UeOVSL2TWIwk41k2CX5l2s9NjKltN-UdRLVjLxs_X3lsU9rVXveNzX_O-9nYyMW37ixM1goROrqCSwJurLXcj2LkLXKii9BiSiaYE8bDyHP0GVYHx9ZqdUYdBnQXZes7iAmJzofULnMBUmnXwcKpsQ2OGcddwK4RGF8Qzgfa7BF9s9FSHql45fJIxRAUUM4Q6nKecgzAf3UruloOHX8yXSTEc70xTjC46O7u6EXpgT4iRXHvafGmrJYvSx_zZVP-X7hh7aG6HLRlt6oxac54R5NBZepAmi12jjROpOGY_3xF8NTyTrin8sL0hSzUVGYVKk6s30K8_jo8GTkZSB8CmRa2X2TByc766N3c18zYaldIgCQLXxmymF5ZMpwi5G2_GVtPj_80SDroQQQl-Y3cTRN1rnjGE3BEOIxicFeqft1KCVIGJKPlGukNaAUT1F6mKEswNV7pePz6zGqcUA8gtTkavd5WPN8ihy6T6g9YRYXgz31rJxzXjy_pYGQwPnVGAjH2YmdznlvCeSlpHOmFodggK2PXIv6TfmMSgXDwmK1HB7Acg_5qGIUXlV5U219gEYiNMOILRJaw-vBgH2poGaGkZM-_3_m53lzoemYH7gYLb9EcR0DxxB2qRmuoXWXuSkyOhPbtlvX1CpL-mWFVU7HQgwvLhN6J0rciFbeohWIe85PKuXqBwOPD0oR4-mtx1EtO_2klpXBTH7sbyKiwzC9JIw8w_A3BPVeH_U3-Tj5MXs7_jxn1B5VWajtGEArrK3pbz_IPs_KyXQZ0RJtTCYi5htP6tkTiV0t0OHwoJ42m-VXy9p-sjzcnB6t4lEFWQPzwaTSVGE21qRe-9_LdEXA9lMQnYsmGCU4ltjhW6eKgdQskBG1PbhMUJTYa1YCaka1ynixHThaV-pe6JZRQxMP5jw5D8VwFXwssd5FrjyjdlYsPcQZ4mBVGKvv8UkHssBoSPd3bFn37xe8HrSEcRZ81j6Bxoj1iggxoD5JzYCdvTBltDMzQZrINwcWyIHZztJs489mCD8jdcuZ36N_qNqnche6H-0L4kDMqOhd6rTq3NWnfWtTBMO6mHFLX5eSRDQHb0hgmUt_EYiZLMrrJshnaLjYoJAQy4zQ9g6nofxxuj6ILZHMXYI8377Jp4WGMQeBzQOM-upw2uS-zVeDWNr0MYXY98bUZ42Cr_9T1IXGDvE9IY_X8Etcj4IP4Xp4Q-tLNJtOXEj9wZuw1apulsXWYPpIIh5aUBqu53FzGFAGW7GaqFcFIO44BXIeVBSVYmrhJE4xBDPRhA6fNBtmA3LiHS-Ut_vZUjg4xshmuJN6qNvtJYpIY9KBUSYfIKpk_3i5c_qypDXnY34VQSiwqz8CqvB_EMDA5fbyuChm7diQ7p4wPCFGAuzcmaXS1UHA9KdGt5rreHgQlHkxl8zHuSqCuqQQnMvNDNBpg7ud3mLk_C58GN_AaoJCIk6s7c3DqEZXXuk-ByhDLic4v5We0ybr8I-X27Ph42ESlBS-WaZMt5ntzaSKQ3a_dSEoMZ-GX9WwLXrkS0Ptx_cT3iqMAEoFsS03uxMB5wbtZUl5JglbM66HhLtEkc-XGOm8bRW9wOdK55xJogJs8Vn_JQPS6NFzS04E897HQtlS0kcWTSK8xlkyvozgiVTOGg4szo5dgkGVwFFHE31VlEZ86St5A5zL137tRF6kijfpCdYYov14jAnV3HAiqwDNtXnOXyCTebZbI_exD2e77q5UjgKPKrRpl-DCSMFurApXWCvm_fOopQh8fD8G9EoS7Up90cqyhcovt2SRCpyUuZ58YOrVd3VDmquaadzUxIsSNB44HW3rAk4FX_2EZRr82T_dcJ7CJRgLJlfPKzuQ8sT3VXj0C-WfVPPt_cvhdDBe57Af6v1Vt40aJ6YriUuQZNNKr5EzIIquooVKItUHGeHoya8j0ZAbHIUC5lE4RpNLgaogVrFZ5PJAq7sjalGAENY-NdqT0A2KwjmKObnhdZmxw84HIpEzxMlmumEPpGB0dlKcE4v5p_MLx-vN_2WkVR64PpdBw5fpwnJQh2VB8G62-gacGBuKDBnnEIK2M1lAoNyuvce4dSmcEWK3lrY66WBbSUvthrhljys1CEvvdvazqS54g1GO5aJeODk1qq_OGfaJujhW0nF5xY8g7EE4a9EGNRLuaXdvgnqsSPYeJsCGeKxXaisjegxiksPuasrNowQYNPU1AR0Nd9bTmY6AsH-vM4TxIUc0Cg9SJuFL-qThmziItG3uiKZRL9USccVd__XzBMMLDgMJFyLZccn1Y-gNgh9zaGd-rznrAb2vLdLNqGSq8GJVdPAy9R7zH0_x4NG-CyqxpwseleWA70gP8DwzPm6tbauxx3foC_GZ85OdOEnbUuTR-l8IMb-BTyzT9tNNAVamEUNpqMkxehIL8xGMCDFaajmPpv6hVwACBis3iPC4heKgo9Y1qYh-g-dwH4ITppNvZj8x6awsHXtMhHj7CYBiAy1E-nVoPf22UJOSOrbBs1URJ_QGpDiC5VfLokuZbpwCCpT5w3mIG0TXUKD9Jf3NF2Oj_xeaKY9ycSft8N7Q_Kphoxu58yUj3cBW9CqxAb9-LksGknmZtyMp0yqSdTdyQLrG3UuYokLghCfGUjZMQDeb7k-KAQTr4q3US1j_BkInFzStIDHITDSbvvTjShxWPkC7mxTvDvzfXzWuLaD4B0O56GiDvQ6vdeEFVGK4powdgNaEbZNxrnxV9QcKExtmQmuoLSAxrbS8iHFuj6DTyyLyTmr0kYbpAb6Sq2il2t5CX3nPSWq665tdCvt52Vl86QO2jHB8SSSQyTKTv2jaCm4--6oiWHo1aLA2eVmFWZcxe9s18fTjfWeZ8dGq_fRkMIRIonqIYVa2oyMxyUn9PvnAPCRTYuN3WCi4Ml1SbvWUb0W4LXARA_Ongucj5ut5eifhQAeWQJYW45O23J10oDA&cid=CAASFeRoZNM2e2zl7XCJNowEwLRBmTzBXA&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 17:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
403951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Aug 2022 17:07:51 GMT
003N_NR_NR00_Spar_Mahlzeit_210x287_L03_St__rer.gif
s0.2mdn.net/10416144/ Frame D90E 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/10416144/003N_NR_NR00_Spar_Mahlzeit_210x287_L03_St__rer.gif
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4023abf12a7bfcb0f14083c434d06948fc22a1e19783cb110913e16442c4171d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 13:47:24 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 10:43:02 GMT
server
sffe
age
70378
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198045
x-xss-protection
0
expires
Wed, 18 Aug 2021 13:47:24 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DE6F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 16 Aug 2021 00:46:47 GMT
expires
Tue, 16 Aug 2022 00:46:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
203615
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sd
us-u.openx.net/w/1.0/ Frame 3135
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPw4blkVHpHQKRpJjp9-0go&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPw4blkVHpHQKRpJjp9-0go&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKDw3QEQ4NeRoAIYzsegsgEwAQ&v=APEucNXFadKL0y0jsn3N0nE_l6JP3c6AZ9Cy9X230FamA_httsZYi4lkaOEsW5A2J5OQiVdeCrNJhtupaguGDtC_nV9P69mVhFMLY3sc7bdDBByiqttsH2hdh9oKRuXXOyvheHMS_LAdOVzzfFUQFuLv6klG6kHLZ5hqvlFGlOwedDS_kNHe6pc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.214.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:23 GMT
via
1.1 google
server
OXGW/16.214.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPw4blkVHpHQKRpJjp9-0go&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3135
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjQ5ZGVmYTEtNjdiOC0yYzQ0LWY1MmEtNGZmMWU0YjgzZDQ5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjQ5ZGVmYTEtNjdiOC0yYzQ0LWY1MmEtNGZmMWU0YjgzZDQ5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKDw3QEQ4NeRoAIYzsegsgEwAQ&v=APEucNXFadKL0y0jsn3N0nE_l6JP3c6AZ9Cy9X230FamA_httsZYi4lkaOEsW5A2J5OQiVdeCrNJhtupaguGDtC_nV9P69mVhFMLY3sc7bdDBByiqttsH2hdh9oKRuXXOyvheHMS_LAdOVzzfFUQFuLv6klG6kHLZ5hqvlFGlOwedDS_kNHe6pc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 18 Aug 2021 09:20:23 GMT
content-encoding
gzip
server
OXGW/16.214.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjQ5ZGVmYTEtNjdiOC0yYzQ0LWY1MmEtNGZmMWU0YjgzZDQ5
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 3135
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEDajPGl8_-2f8KnVGJGkDEc&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEDajPGl8_-2f8KnVGJGkDEc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKDw3QEQ4NeRoAIYzsegsgEwAQ&v=APEucNXFadKL0y0jsn3N0nE_l6JP3c6AZ9Cy9X230FamA_httsZYi4lkaOEsW5A2J5OQiVdeCrNJhtupaguGDtC_nV9P69mVhFMLY3sc7bdDBByiqttsH2hdh9oKRuXXOyvheHMS_LAdOVzzfFUQFuLv6klG6kHLZ5hqvlFGlOwedDS_kNHe6pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:23 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 18 Aug 2021 09:20:23 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEDajPGl8_-2f8KnVGJGkDEc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 3135 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKDw3QEQ4NeRoAIYzsegsgEwAQ&v=APEucNXFadKL0y0jsn3N0nE_l6JP3c6AZ9Cy9X230FamA_httsZYi4lkaOEsW5A2J5OQiVdeCrNJhtupaguGDtC_nV9P69mVhFMLY3sc7bdDBByiqttsH2hdh9oKRuXXOyvheHMS_LAdOVzzfFUQFuLv6klG6kHLZ5hqvlFGlOwedDS_kNHe6pc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.31.88.106 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-88-106.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 18 Aug 2021 09:20:22 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif
css
fonts.googleapis.com/ Frame E23B 		5 KB
571 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:500,800,regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15597941406939742208/index.html?e=69&leftOffset=0&topOffset=0&c=vGAmGCZIFR&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eedcd858b717d51a55a283a8c74d9ee4e8d0eb247499263f53b84f91338a1e3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 08:59:08 GMT
server
ESF
date
Wed, 18 Aug 2021 09:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Aug 2021 09:20:22 GMT
Enabler_01_242.js
s0.2mdn.net/879366/ Frame E23B 		107 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_242.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15597941406939742208/index.html?e=69&leftOffset=0&topOffset=0&c=vGAmGCZIFR&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15597941406939742208/index.html?e=69&leftOffset=0&topOffset=0&c=vGAmGCZIFR&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 17:27:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57150
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37452
x-xss-protection
0
last-modified
Thu, 06 Feb 2020 15:49:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 17:27:52 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5BDB 		499 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCD0twCGIXZnbABMAE&v=APEucNU-ODfkU89ipQN-M9dA_rMlMbsg1DCZBta4r-Kf9jotlM7wKKG43qHWO6E0XTDqQEeODQBDDf6XgWdbZdtotxMLRME36V_bbbwOnWWcbBCRXokbEmc6rrx7ErI_0JTyGDOQ-8qLuuqIVDYMnUhvWSXNBkL6RVQB6ig-tEOoiRO_c2hLSSM
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMKPFhCD0twCGIXZnbABMAE&v=APEucNU-ODfkU89ipQN-M9dA_rMlMbsg1DCZBta4r-Kf9jotlM7wKKG43qHWO6E0XTDqQEeODQBDDf6XgWdbZdtotxMLRME36V_bbbwOnWWcbBCRXokbEmc6rrx7ErI_0JTyGDOQ-8qLuuqIVDYMnUhvWSXNBkL6RVQB6ig-tEOoiRO_c2hLSSM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmcAykve2ZoIm-FwG6zc54uHZpDdlJkeO6yz2pUwP8UnAO9Xe3RKgWDL6Ujh54; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 18 Aug 2021 09:20:22 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Aug 2021 09:20:22 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5CF0 		57 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRjyLDzrgvUxUH80BQe65JeFZkTbD-Rft7D2BhNSf6PdY_FxuSd4Dg24vPf04mVstm89dKh3KVDjFS69cMT01FcdJOjAglJjeHmboY5Z3ReknI7NUhz8FGKQn8mxjqodsaavgpVe4AssWxyKmHG2KOVnj_jQ&dbm_d=AKAmf-AuDfaLDLTjZXcPtZewW-qJWt1zkAzUbffDt8GYPunZ08U0mm0sqMZ8NjXx17ivkjABzQoU7aJI-tVrMCXnoqJHd27Tpd0oimXxNT5f6Lpgn4VbxIow0qyXUjc6g0f2zdtlcyRah3DlT86RZMsCP8_V3qkOPv-v2SJVl_hTxFDpFLB6nYbdeMrYynr3MkvyjP-nhW4frmf4_dZzaeN4Fia14mZe0jO2oiOz0ndI9TYU0guqPmPNQHIA1JryPce7ES-wQPruJgWab2o7SEDpEPpSWU6g8Sor4Jz0Cvz1gftlIs7BrpD832h-HGvK8wBoOJ8juNyiouFRTLM20EuuNeUURMMqlvPyobXH4uCZw3y8aS_lgJ9T2MaMXEb4W-wj_7okELjPwcK3-7pzCwZ4dd_E4mq-d7cR2PxuX_DnnF2JYgN3wlZWHg4rxLzSWv4Cysy-9Hu9tQv1OKW0WLHa2XETMBej0xXGtAc4QCqmscmvW4Prn5kS_5MlzDpcJBDXVHXuWAsgtq6Wogb-hHsk38QITYu2tJUufVHlDdfHpN_isk2g0JCltOKQmDk2ikancJIpPExLjUUHAqKSb-myvoRcIzgYo5Excc6-AX6460906i8g784li1Z8Jao_IfKLeZQ_RLTWW67ZgpP5culsFr11mrujF218-3nUTalF0MY4msIQ9GTjUVFIxGTLxsBMCK2mpO8dpHQW_Evrme4T_vYmkIOcKT6dW1MlW8xK4FL35TtxM-csFfMRuy5JM7cO46wZFCS-RYAcMZOuuFC9VskzzSTq4Mbc-vjQzgTKF7_3MRAxvcwB9TAe4UB7kiIg8cHxMLkQxJXO5fX7BjjKQJR024oZQsKj9S6PovxtBHC9Rwt2XLVw5mKj0SyT1yyIz7UCdpMBhVX1DTPI1Z9ce25KO3GwuNUosRs76_rZ1hpkCPdWJ7L1hJ_IUrTPQ00Ide_QwRmAnye3EqsRePYmd_5ucWirQviYUJ8jf8aOQBIDnxtfxcswsi9BNH94WO6GyhBX9MwEjE_ZV_p6gqaaBPWbMC_SPJSiK6YLouT85f_Fmlg1-CYQfT65osDY8wQVywzI4dG_ssV1Xw6d58h1ruz-jg6iXG_h3u4llOVoRi_EnS6ku0RV7Ktf8yiWZ-SA7arprgI-_vMmmfR8fl6f3wQMuepy5pJeDzLreZIoPij7trO54zFD9x8THs1zB-dn_WBWBCqjb2qPlLxFPN71tMHv558RGMGa4VhZDPzGUkKF0zCTDjqjS7tBP1w3QlejwqBMtHNJbaFGDLOnfc8LqFQe5_fDm3nTSReMoWV9lC6tJTg-mlZy06NxJ2gcVt5OMenL9eEVchaXeRwKa_EI6WqdArYIeIMCeKAoZN_-wT9umEqNxZ6jax-rRTsBJ_YICHEFLEK9roaKBl1sOcxMHz1hysUhul5sq8wgx9D468JgGtyfnc2aLrmDuNRXi__ojVx7cLPHEPcTbNgVdv9vCqLmcSqQlAorXTbzXqNJL9qJQrUHCQBoS8tyDaxlJqxsYTy4RAALUhwSGnxmJ22_g7yzJtK9sQb9gOmlxObP4LkMWmUmZ38AxS-qTO-Sx-c7nGKBUreclMl2fSLQEFDolBqkTqCOd9BUbboUxkUO3aXAo7xo1XLCdyajdssOKNnXimlmkYGmVUBPWyE82m71QspTeHfkYj4XmnSNNTfYCMaJsJ4m0wcmFZqmD0-OgykbXZ0NwdKz-E0pYb9eO9_D5VO19Czbqivj9NoBy1kuiPtUbTC3WyC5bhWjEtLcyRi5T5glhe5kjjJ0-rTe03jWhe-oSak89BPLCE6yJP-QojiMJQqxx54SxTtWlQHHviB-cQIRT3fwB28OekhuxsZe3br_7yMFLbK_w32-kwChWlzMYzZRQjKhpOUSAeZPTclF9x5PYbVWc2iYUtqf-WQ6YgMJOCqZXaDes2qxubWpzcE-Z4mwPwkrQb4-EJ-KZ8pwrimVrbPoNk_zorBe4uy6WcS_CsyiC8Lxd5pDFx4-zG2TokE6WGPHmJOOMscYgLP5YCU7DqFvyq8j4FJKJkUhr4sMz1YjZQsjcEEFLf2wTH017bzgmqmcolODiqHSqrvPbORupzah2783ownRM8sRLm424Ex-1DMypklfo87OYymOeaxNl-EYJUDrpfkY5xX73VV_7LWU3dPyQZGjeS6jZHcmwVQgCRAmI0ao117pbmo4LtyuzYqhbFip6wlRc2_oZhv-hz8ODRb3BCtsFJePXeQAJ0X_Bx6K7eYNKxu-EbBql7pJIUmDn4CLRhWpy5OL--RODIPiJDR_HB5pWnJw_tQOv96H0oPwT6QH78RrQ9pCA3DlZPlrXMx6j5xo27hIfroXPumPL5AJa0gaKxi4KvHVfxQ2fbW7e3uDUS4DlyBFHuNIhFY80Fw0a3bsScA0ysxKcJ8hzZgYe7k-5DjK-O7ByUuGnS6YuLNycnuxqEW9QJBQWw2ix3ga4XAhma0geO5yzXUhPSq6P8l6XgucOszksB8OCtM5YK8ymuPkPnhj2lRjDMkJ9vXLsYuqQkwHSWtatuhLqVmaV2ne-HTvw_WoTlDOsbkwrA6ZAUGFAIyEIu8agsF2Nak42gHyXkBJwBY-VG1MwAF8BRjRV_NYxb48GfU39lAl1OSxjUOSCjlCL25XtQST70eDs_5LXqcjMAoho4vAS7vMpbEitNys7UrqRbW_LXiBRwtiHrYWWjTuo2Jxfr-RnCqaoAvNlci3xWngTA5IQyjSi88CJzuwc9yZmrEDoxziFu1G38h1AvEpQgMb7oJbw9VaidNtWLuohkjdYbcgrG4t_6250mDcYeNdLH8M5AqcwSQJSNk4lt6SXg9x777fl_ALY_AQ9jd2jiBWL8b20_xH07HLjyklCm1uIsjaH-4LTw3Ry86MZwEOxMGWoNSscClplmYknrw9GMs4zzZMtUCH7nW1XGlOKSoZVCxD4dflwIg2aL9mE5-gzs3Hx_uA13x5FIkmMKiqWxMIuwEuSAvCkePVkV4xpBCe405dJfIiO2VR1pLfSUwhMeeWanRuSz11E4wGewqDzCvuQS_6IBCsEf7w5sWK2H8-5QtOPSfLY-GNik9zwfJW7OPc4lOSa79nZztUFBVONQYul4WSgrnTJYC8yhM_oKwHjH9wBDCmSywfLSPTjVo1UMHqHw1npAuQ-YQrY6wfKCHzPwCsroI89QiuIJHEWeIA2LZpKAiLjsa7zPIns3LKEjQa4ko&cid=CAASFeRoh9H0jo4oe9tlaus5h022LhdMtg&rfl=2%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af9aa0ab019d8e666ac57410b0da8d550fbc5903e0e9d1f45ea99f7fe47302db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26927
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 5CF0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:13:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5CF0 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:22 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629113426487594"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38194
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:20:22 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 5CF0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:02:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1089
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:02:13 GMT
l
www.google.com/ads/measurement/ Frame 5CF0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvgVCKSR-FbouGZp0dhkpOylG1WSNhce4VuYpzujBvZKY1r_hmpWaqXxCuRoNa1fs1-5cTDNmbhUGnyw-J6S8uCZsF3Q
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CF0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CGzOMfF7o6XcKJz523fpPCteJhBsvizpzSwgtTB1W3ZnHR6Syjdl0GkFZv4MXedUhwADfIC1SxibVmqucV_uMGomEZ_JDhap8T8GtEFxjV8a4uXrU
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 348E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 16 Aug 2021 00:46:47 GMT
expires
Tue, 16 Aug 2022 00:46:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
203615
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012108100143000/ Frame 9203 		188 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
74083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55213
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2f5786613d323c5a"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 9203 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
74083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4877
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0140540fbe581c13"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 9203 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
74083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28511
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"07ab47082d8b4bd2"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 9203 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
74083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1660
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"758b6350805b356b"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012108100143000/v0/ Frame 9203 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012108100143000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
74083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12835
x-xss-protection
0
server
sffe
date
Tue, 17 Aug 2021 12:45:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e9aa942d03505fee"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 12:45:39 GMT
css
fonts.googleapis.com/ Frame 9203 		6 KB
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 08:53:12 GMT
server
ESF
date
Wed, 18 Aug 2021 09:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Aug 2021 09:20:22 GMT
css
fonts.googleapis.com/ Frame 9203 		4 KB
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 07:44:53 GMT
server
ESF
date
Wed, 18 Aug 2021 09:20:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Aug 2021 09:20:22 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9203 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Aug 2021 21:52:56 GMT
x-content-type-options
nosniff
server
cafe
age
41246
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3057
x-xss-protection
0
expires
Wed, 18 Aug 2021 21:52:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9203 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Aug 2021 18:40:15 GMT
x-content-type-options
nosniff
server
cafe
age
52807
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 18 Aug 2021 18:40:15 GMT
truncated
/ Frame 9203 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b6e4ea136dccf0ec066812f0375f913f4d44ac7ee38576dd175906efd52ef43

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/16287976123638193121/ Frame 9203 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16287976123638193121/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw&rs=AOga4qmLy26cHDDwkhDNnD4BZ6XqDP_66g
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a462a6eb6079380a6c06f01653fe70150ba44232f662746517f4fcd20f8da244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Aug 2021 10:35:16 GMT
server
sffe
age
0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43454
x-xss-protection
0
expires
Thu, 18 Aug 2022 09:20:22 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/748346279863093801/ Frame 9203 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/748346279863093801/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qnO1fk2Vf8eL0UD99hBsIuIg0gGlw
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83c81bbb7db55d19d97322a38c7df2ebf7982aebe92fd4dbb18e1a7cb9eadf8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:23:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Nov 2018 11:41:30 GMT
server
sffe
age
17810
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41261
x-xss-protection
0
expires
Thu, 18 Aug 2022 04:23:32 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9203 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvLoC1tAcYZmwIpbQ3gPEsaqwA7ryzNdbq56claIJypPA_OsCEAEgrILWI2CpsL6AzAGgAZiI-t8DyAEGqQKD7wEGEamzPuACAKgDAcgDCqoEzAFP0IEDMqmqUMts0HRW8_YVIE2d7sBJUsdwwTW4_LCi338gdL6OvRs4zQw5s4BEPn3ylaqiTQwT59VpncyBhYs35BGMZ4q3Wg6NnnBYm5XXQZ3tMZ5JU8P_lmsAAl52Tqlr6G5DzJaAEVWC7pfKBhUdB4dPtmVUVMKCzI74w-o80dhI-oNmExfBTbti5gZ9j_S79KNA6gvOkhzK-iu5Ei0BDKqv2H_Bswod7Ksr-VBP0lmW15L77WujOHVJ3d8b-2NxaOSw_wERlDfa_RDABKvo7ryHAuAEAZIFBAgEGAGSBQQIBRgEoAY3gAfQ94UgqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOGqA9IICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDQzNTkwMTg3MTk2OTE2NYAKA8gLAdgTDYgUIdAVAYAXAbIXHgocCAASFHB1Yi03MTA0NTQzODAxNTAwOTY4GPT4Fg&sigh=Xps5a1IBark&template_id=492
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
696554.jpg
haberbank.xyz/d/news/ 		256 KB
257 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696554.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
3016a0a633534162a1b764f024cd44fb5e99c8ef957d6bf671f3aee99c4d08db

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Cookie
__gads=ID=3c173336afe9ee26-22928d96a5c8009e:T=1629278421:S=ALNI_MZcfBDaOD8DUDLMFWdha9NIBGXJ8g
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:22 GMT
ETag
"611c9a84-40197"
Last-Modified
Wed, 18 Aug 2021 05:28:36 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
262551
696550.jpg
haberbank.xyz/d/news/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696550.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
376effb6445dbb13ffc68f3043d83b07a235435c662b9e475aa2a7c8b488b5c0

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Cookie
__gads=ID=3c173336afe9ee26-22928d96a5c8009e:T=1629278421:S=ALNI_MZcfBDaOD8DUDLMFWdha9NIBGXJ8g
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:22 GMT
ETag
"611c945c-17757"
Last-Modified
Wed, 18 Aug 2021 05:02:20 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96087
696523.jpg
haberbank.xyz/d/news/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696523.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
56165bc2e057897262036e6be82eb1096c6606badc98691695561a55ddd06850

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Cookie
__gads=ID=3c173336afe9ee26-22928d96a5c8009e:T=1629278421:S=ALNI_MZcfBDaOD8DUDLMFWdha9NIBGXJ8g
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:22 GMT
ETag
"611c8ebc-1bb44"
Last-Modified
Wed, 18 Aug 2021 04:38:20 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
113476
696521.jpg
haberbank.xyz/d/news/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696521.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
8b8233587f76031b40e28a3194a6190c769f5ae78f04ee1f12165d559eaeb6f4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Cookie
__gads=ID=3c173336afe9ee26-22928d96a5c8009e:T=1629278421:S=ALNI_MZcfBDaOD8DUDLMFWdha9NIBGXJ8g
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:22 GMT
ETag
"611c8c80-16fab"
Last-Modified
Wed, 18 Aug 2021 04:28:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
94123
truncated
/ Frame D90E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a48cafd1c726e7473e002243b24e304be3e1ec56abd9bf0c046f587c78c8213

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame D90E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdXtstT225ej17yIyIae1ThMguRHVDJbElagYYNXsCZ0OwNhjMHNg4T-izdGTR9Iu9I9PU2pvvyotFq6U8_ToCfuUnU6XiUve1K7NVYkevnW8Iyvi92SS9n7yLOpJnFCWKwmb-JYtDEjY4JVAphLXR5Parj7oXOjK-lM_x9W2uVzwTM2tQ4XDp16qOqkmn7oI01jtcluXckIS7Io7887V5cFLRnva4gIEfOkE-uzma8JLFa8Pwl6TJWFcum_cjJ0kMdRabXiAy14DbmEPbRPLMzkna4y4ajZpbC2I_pfRpGJb8oRIRPmNrYvKt88FojGp-6OlRQ2TO5OGK7vLGPXdR2gPrw67DonSPrtU1GQIAf5X_exaHYPjZhxImLFtYFNqMqxFPSCMYNhUFxTw2Iyl9JMIHIPzZDmeMRD8xYzhxbHdFhthyxT8g6Ivztmub6db0p_nCz23yX3Kxo30JNKcP6D4Ti1_UMvVORYJ6Eielaohj2g5QQ_lWyyKRrW8Mx0gJ9-x0e5R03O8sDMaJZqZ5wBkUCMNkuRcwFuQEzbDvZe2Xxi9uXDArn8-q6MJmdACBdCjknT9D1EpwfpwN95UVSRcxni4CvbOF1Wog0P0yIFIbIJ-9eLGK44zTBLbKlZvPL3bd0HBthfwz1R_B-QDNU2kXyTdJaXrdJxyFTw9Tft_7uYeJ8eomhj4iopKLScoPabdyyCMI6PJQO2rK7jv46_kR6d1Ewmpalr_mtAR3DcfHpf15CeQaIHOMzEsqpniKKeEgMWc1pdNygB5BPGfxTVxufPKD_vpbmngkgKagEDz-zhBcywv2rV70MSuM5pHmxL9Qcbnmk1HGBFM5g6mFWTxQh1RKlPOuazy8B0OAxvhCm46VtAuNCAQmR_i_ub0ZjOZQ4y4WwQGF9HwxJ2h_tNEac4OoezAZJuQrOD98YbuUCTwt_63nv-iYzogNf8tIDVKIBxucrqL2zw9pNAd3E0Y6fZPPXuBvL7S-q0owAlIhrqBHPrJh_rzdqaNLEcBk1CYNfuYh2FKGQhLj69umXeeYMcPa0CMm9W1i644pw_C2DT9KwHD-QBC0tM1SSXPcwCu--0tzaWxBYF4WPAS_TqFUm5Pi1YQRSjhz99MTdChXERbRfzPQm_tf2KqRU3ZM1rddGTERa3oXtZoBod2vumgwU1rULxG7cSaG6Gs2avRH1w&sai=AMfl-YSBZsydqStXJuM_m_Rxj78F3DY8jgvKyecOJ57hMEK9xVCzBfK4UWDDhuY8KHEdlVHcxarFdwXG2xjJs8LeCptMjINZNIINrv7P6FtQHXOEfYnqtJxjVxpRhtUMpYl3qt0P4pf-M1qcS1mgTZc3CZRrwpIAEb3pWSG_JnY&sig=Cg0ArKJSzMYlZuygnbUGEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=225&vt=11&dtpt=224&dett=2&cstd=0&cisv=r20210812.88066&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQt6C6eIt4FshNWk568Zu7Sj3JWECVEBHyy1g2fdnaa2Y8bccTB6mwYJ-FA41_hXMcuopqA0OQVhpKfaG4DD-PYZp7FF965-3LcFZx71kV7N76x9TEBlQglQO06KpOtt7x-uHztWLihV6CoxvfrXPXlA6ISA&dbm_d=AKAmf-BxpKMlXTfzl35nWgEtjNNxHmndGWPJQM9W2_hHDscarqUr4jW9xIMiastFJSo7G0nftToiQB44yH8pWBieCWj5SELq1t4gVm0qmT5DCFjb3rgwrcIoem1aodmI1O1h8Rt6BKIb9n3EHsl3qXfWkmZSCvkudOq420DMorwn48_4128tZAKvFgpLqSL6ShlJkdgsDXNz5uZ38RCtnLqhYTzyKvSo7pa-XKOkTS6bZJrwUh2bepTy4LA4jFurHcfAdy383yw0UeOVSL2TWIwk41k2CX5l2s9NjKltN-UdRLVjLxs_X3lsU9rVXveNzX_O-9nYyMW37ixM1goROrqCSwJurLXcj2LkLXKii9BiSiaYE8bDyHP0GVYHx9ZqdUYdBnQXZes7iAmJzofULnMBUmnXwcKpsQ2OGcddwK4RGF8Qzgfa7BF9s9FSHql45fJIxRAUUM4Q6nKecgzAf3UruloOHX8yXSTEc70xTjC46O7u6EXpgT4iRXHvafGmrJYvSx_zZVP-X7hh7aG6HLRlt6oxac54R5NBZepAmi12jjROpOGY_3xF8NTyTrin8sL0hSzUVGYVKk6s30K8_jo8GTkZSB8CmRa2X2TByc766N3c18zYaldIgCQLXxmymF5ZMpwi5G2_GVtPj_80SDroQQQl-Y3cTRN1rnjGE3BEOIxicFeqft1KCVIGJKPlGukNaAUT1F6mKEswNV7pePz6zGqcUA8gtTkavd5WPN8ihy6T6g9YRYXgz31rJxzXjy_pYGQwPnVGAjH2YmdznlvCeSlpHOmFodggK2PXIv6TfmMSgXDwmK1HB7Acg_5qGIUXlV5U219gEYiNMOILRJaw-vBgH2poGaGkZM-_3_m53lzoemYH7gYLb9EcR0DxxB2qRmuoXWXuSkyOhPbtlvX1CpL-mWFVU7HQgwvLhN6J0rciFbeohWIe85PKuXqBwOPD0oR4-mtx1EtO_2klpXBTH7sbyKiwzC9JIw8w_A3BPVeH_U3-Tj5MXs7_jxn1B5VWajtGEArrK3pbz_IPs_KyXQZ0RJtTCYi5htP6tkTiV0t0OHwoJ42m-VXy9p-sjzcnB6t4lEFWQPzwaTSVGE21qRe-9_LdEXA9lMQnYsmGCU4ltjhW6eKgdQskBG1PbhMUJTYa1YCaka1ynixHThaV-pe6JZRQxMP5jw5D8VwFXwssd5FrjyjdlYsPcQZ4mBVGKvv8UkHssBoSPd3bFn37xe8HrSEcRZ81j6Bxoj1iggxoD5JzYCdvTBltDMzQZrINwcWyIHZztJs489mCD8jdcuZ36N_qNqnche6H-0L4kDMqOhd6rTq3NWnfWtTBMO6mHFLX5eSRDQHb0hgmUt_EYiZLMrrJshnaLjYoJAQy4zQ9g6nofxxuj6ILZHMXYI8377Jp4WGMQeBzQOM-upw2uS-zVeDWNr0MYXY98bUZ42Cr_9T1IXGDvE9IY_X8Etcj4IP4Xp4Q-tLNJtOXEj9wZuw1apulsXWYPpIIh5aUBqu53FzGFAGW7GaqFcFIO44BXIeVBSVYmrhJE4xBDPRhA6fNBtmA3LiHS-Ut_vZUjg4xshmuJN6qNvtJYpIY9KBUSYfIKpk_3i5c_qypDXnY34VQSiwqz8CqvB_EMDA5fbyuChm7diQ7p4wPCFGAuzcmaXS1UHA9KdGt5rreHgQlHkxl8zHuSqCuqQQnMvNDNBpg7ud3mLk_C58GN_AaoJCIk6s7c3DqEZXXuk-ByhDLic4v5We0ybr8I-X27Ph42ESlBS-WaZMt5ntzaSKQ3a_dSEoMZ-GX9WwLXrkS0Ptx_cT3iqMAEoFsS03uxMB5wbtZUl5JglbM66HhLtEkc-XGOm8bRW9wOdK55xJogJs8Vn_JQPS6NFzS04E897HQtlS0kcWTSK8xlkyvozgiVTOGg4szo5dgkGVwFFHE31VlEZ86St5A5zL137tRF6kijfpCdYYov14jAnV3HAiqwDNtXnOXyCTebZbI_exD2e77q5UjgKPKrRpl-DCSMFurApXWCvm_fOopQh8fD8G9EoS7Up90cqyhcovt2SRCpyUuZ58YOrVd3VDmquaadzUxIsSNB44HW3rAk4FX_2EZRr82T_dcJ7CJRgLJlfPKzuQ8sT3VXj0C-WfVPPt_cvhdDBe57Af6v1Vt40aJ6YriUuQZNNKr5EzIIquooVKItUHGeHoya8j0ZAbHIUC5lE4RpNLgaogVrFZ5PJAq7sjalGAENY-NdqT0A2KwjmKObnhdZmxw84HIpEzxMlmumEPpGB0dlKcE4v5p_MLx-vN_2WkVR64PpdBw5fpwnJQh2VB8G62-gacGBuKDBnnEIK2M1lAoNyuvce4dSmcEWK3lrY66WBbSUvthrhljys1CEvvdvazqS54g1GO5aJeODk1qq_OGfaJujhW0nF5xY8g7EE4a9EGNRLuaXdvgnqsSPYeJsCGeKxXaisjegxiksPuasrNowQYNPU1AR0Nd9bTmY6AsH-vM4TxIUc0Cg9SJuFL-qThmziItG3uiKZRL9USccVd__XzBMMLDgMJFyLZccn1Y-gNgh9zaGd-rznrAb2vLdLNqGSq8GJVdPAy9R7zH0_x4NG-CyqxpwseleWA70gP8DwzPm6tbauxx3foC_GZ85OdOEnbUuTR-l8IMb-BTyzT9tNNAVamEUNpqMkxehIL8xGMCDFaajmPpv6hVwACBis3iPC4heKgo9Y1qYh-g-dwH4ITppNvZj8x6awsHXtMhHj7CYBiAy1E-nVoPf22UJOSOrbBs1URJ_QGpDiC5VfLokuZbpwCCpT5w3mIG0TXUKD9Jf3NF2Oj_xeaKY9ycSft8N7Q_Kphoxu58yUj3cBW9CqxAb9-LksGknmZtyMp0yqSdTdyQLrG3UuYokLghCfGUjZMQDeb7k-KAQTr4q3US1j_BkInFzStIDHITDSbvvTjShxWPkC7mxTvDvzfXzWuLaD4B0O56GiDvQ6vdeEFVGK4powdgNaEbZNxrnxV9QcKExtmQmuoLSAxrbS8iHFuj6DTyyLyTmr0kYbpAb6Sq2il2t5CX3nPSWq665tdCvt52Vl86QO2jHB8SSSQyTKTv2jaCm4--6oiWHo1aLA2eVmFWZcxe9s18fTjfWeZ8dGq_fRkMIRIonqIYVa2oyMxyUn9PvnAPCRTYuN3WCi4Ml1SbvWUb0W4LXARA_Ongucj5ut5eifhQAeWQJYW45O23J10oDA&cid=CAASFeRoZNM2e2zl7XCJNowEwLRBmTzBXA&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 09:20:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9203 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://haberbank.xyz
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 18:26:24 GMT
x-content-type-options
nosniff
age
140039
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 18:26:24 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 9203 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=de
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://haberbank.xyz
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 17:17:27 GMT
x-content-type-options
nosniff
age
57776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 17:17:27 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ Frame E23B 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:500,800,regular
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 01:45:28 GMT
x-content-type-options
nosniff
age
113695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 01:45:28 GMT
container.html
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A7A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://haberbank.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://haberbank.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 18 Aug 2021 09:20:21 GMT
expires
Thu, 18 Aug 2022 09:20:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 5CF0 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRjyLDzrgvUxUH80BQe65JeFZkTbD-Rft7D2BhNSf6PdY_FxuSd4Dg24vPf04mVstm89dKh3KVDjFS69cMT01FcdJOjAglJjeHmboY5Z3ReknI7NUhz8FGKQn8mxjqodsaavgpVe4AssWxyKmHG2KOVnj_jQ&dbm_d=AKAmf-AuDfaLDLTjZXcPtZewW-qJWt1zkAzUbffDt8GYPunZ08U0mm0sqMZ8NjXx17ivkjABzQoU7aJI-tVrMCXnoqJHd27Tpd0oimXxNT5f6Lpgn4VbxIow0qyXUjc6g0f2zdtlcyRah3DlT86RZMsCP8_V3qkOPv-v2SJVl_hTxFDpFLB6nYbdeMrYynr3MkvyjP-nhW4frmf4_dZzaeN4Fia14mZe0jO2oiOz0ndI9TYU0guqPmPNQHIA1JryPce7ES-wQPruJgWab2o7SEDpEPpSWU6g8Sor4Jz0Cvz1gftlIs7BrpD832h-HGvK8wBoOJ8juNyiouFRTLM20EuuNeUURMMqlvPyobXH4uCZw3y8aS_lgJ9T2MaMXEb4W-wj_7okELjPwcK3-7pzCwZ4dd_E4mq-d7cR2PxuX_DnnF2JYgN3wlZWHg4rxLzSWv4Cysy-9Hu9tQv1OKW0WLHa2XETMBej0xXGtAc4QCqmscmvW4Prn5kS_5MlzDpcJBDXVHXuWAsgtq6Wogb-hHsk38QITYu2tJUufVHlDdfHpN_isk2g0JCltOKQmDk2ikancJIpPExLjUUHAqKSb-myvoRcIzgYo5Excc6-AX6460906i8g784li1Z8Jao_IfKLeZQ_RLTWW67ZgpP5culsFr11mrujF218-3nUTalF0MY4msIQ9GTjUVFIxGTLxsBMCK2mpO8dpHQW_Evrme4T_vYmkIOcKT6dW1MlW8xK4FL35TtxM-csFfMRuy5JM7cO46wZFCS-RYAcMZOuuFC9VskzzSTq4Mbc-vjQzgTKF7_3MRAxvcwB9TAe4UB7kiIg8cHxMLkQxJXO5fX7BjjKQJR024oZQsKj9S6PovxtBHC9Rwt2XLVw5mKj0SyT1yyIz7UCdpMBhVX1DTPI1Z9ce25KO3GwuNUosRs76_rZ1hpkCPdWJ7L1hJ_IUrTPQ00Ide_QwRmAnye3EqsRePYmd_5ucWirQviYUJ8jf8aOQBIDnxtfxcswsi9BNH94WO6GyhBX9MwEjE_ZV_p6gqaaBPWbMC_SPJSiK6YLouT85f_Fmlg1-CYQfT65osDY8wQVywzI4dG_ssV1Xw6d58h1ruz-jg6iXG_h3u4llOVoRi_EnS6ku0RV7Ktf8yiWZ-SA7arprgI-_vMmmfR8fl6f3wQMuepy5pJeDzLreZIoPij7trO54zFD9x8THs1zB-dn_WBWBCqjb2qPlLxFPN71tMHv558RGMGa4VhZDPzGUkKF0zCTDjqjS7tBP1w3QlejwqBMtHNJbaFGDLOnfc8LqFQe5_fDm3nTSReMoWV9lC6tJTg-mlZy06NxJ2gcVt5OMenL9eEVchaXeRwKa_EI6WqdArYIeIMCeKAoZN_-wT9umEqNxZ6jax-rRTsBJ_YICHEFLEK9roaKBl1sOcxMHz1hysUhul5sq8wgx9D468JgGtyfnc2aLrmDuNRXi__ojVx7cLPHEPcTbNgVdv9vCqLmcSqQlAorXTbzXqNJL9qJQrUHCQBoS8tyDaxlJqxsYTy4RAALUhwSGnxmJ22_g7yzJtK9sQb9gOmlxObP4LkMWmUmZ38AxS-qTO-Sx-c7nGKBUreclMl2fSLQEFDolBqkTqCOd9BUbboUxkUO3aXAo7xo1XLCdyajdssOKNnXimlmkYGmVUBPWyE82m71QspTeHfkYj4XmnSNNTfYCMaJsJ4m0wcmFZqmD0-OgykbXZ0NwdKz-E0pYb9eO9_D5VO19Czbqivj9NoBy1kuiPtUbTC3WyC5bhWjEtLcyRi5T5glhe5kjjJ0-rTe03jWhe-oSak89BPLCE6yJP-QojiMJQqxx54SxTtWlQHHviB-cQIRT3fwB28OekhuxsZe3br_7yMFLbK_w32-kwChWlzMYzZRQjKhpOUSAeZPTclF9x5PYbVWc2iYUtqf-WQ6YgMJOCqZXaDes2qxubWpzcE-Z4mwPwkrQb4-EJ-KZ8pwrimVrbPoNk_zorBe4uy6WcS_CsyiC8Lxd5pDFx4-zG2TokE6WGPHmJOOMscYgLP5YCU7DqFvyq8j4FJKJkUhr4sMz1YjZQsjcEEFLf2wTH017bzgmqmcolODiqHSqrvPbORupzah2783ownRM8sRLm424Ex-1DMypklfo87OYymOeaxNl-EYJUDrpfkY5xX73VV_7LWU3dPyQZGjeS6jZHcmwVQgCRAmI0ao117pbmo4LtyuzYqhbFip6wlRc2_oZhv-hz8ODRb3BCtsFJePXeQAJ0X_Bx6K7eYNKxu-EbBql7pJIUmDn4CLRhWpy5OL--RODIPiJDR_HB5pWnJw_tQOv96H0oPwT6QH78RrQ9pCA3DlZPlrXMx6j5xo27hIfroXPumPL5AJa0gaKxi4KvHVfxQ2fbW7e3uDUS4DlyBFHuNIhFY80Fw0a3bsScA0ysxKcJ8hzZgYe7k-5DjK-O7ByUuGnS6YuLNycnuxqEW9QJBQWw2ix3ga4XAhma0geO5yzXUhPSq6P8l6XgucOszksB8OCtM5YK8ymuPkPnhj2lRjDMkJ9vXLsYuqQkwHSWtatuhLqVmaV2ne-HTvw_WoTlDOsbkwrA6ZAUGFAIyEIu8agsF2Nak42gHyXkBJwBY-VG1MwAF8BRjRV_NYxb48GfU39lAl1OSxjUOSCjlCL25XtQST70eDs_5LXqcjMAoho4vAS7vMpbEitNys7UrqRbW_LXiBRwtiHrYWWjTuo2Jxfr-RnCqaoAvNlci3xWngTA5IQyjSi88CJzuwc9yZmrEDoxziFu1G38h1AvEpQgMb7oJbw9VaidNtWLuohkjdYbcgrG4t_6250mDcYeNdLH8M5AqcwSQJSNk4lt6SXg9x777fl_ALY_AQ9jd2jiBWL8b20_xH07HLjyklCm1uIsjaH-4LTw3Ry86MZwEOxMGWoNSscClplmYknrw9GMs4zzZMtUCH7nW1XGlOKSoZVCxD4dflwIg2aL9mE5-gzs3Hx_uA13x5FIkmMKiqWxMIuwEuSAvCkePVkV4xpBCe405dJfIiO2VR1pLfSUwhMeeWanRuSz11E4wGewqDzCvuQS_6IBCsEf7w5sWK2H8-5QtOPSfLY-GNik9zwfJW7OPc4lOSa79nZztUFBVONQYul4WSgrnTJYC8yhM_oKwHjH9wBDCmSywfLSPTjVo1UMHqHw1npAuQ-YQrY6wfKCHzPwCsroI89QiuIJHEWeIA2LZpKAiLjsa7zPIns3LKEjQa4ko&cid=CAASFeRoh9H0jo4oe9tlaus5h022LhdMtg&rfl=2%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9341
x-xss-protection
0
server
cafe
etag
177112232901409761
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:20:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/ Frame 5CF0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRjyLDzrgvUxUH80BQe65JeFZkTbD-Rft7D2BhNSf6PdY_FxuSd4Dg24vPf04mVstm89dKh3KVDjFS69cMT01FcdJOjAglJjeHmboY5Z3ReknI7NUhz8FGKQn8mxjqodsaavgpVe4AssWxyKmHG2KOVnj_jQ&dbm_d=AKAmf-AuDfaLDLTjZXcPtZewW-qJWt1zkAzUbffDt8GYPunZ08U0mm0sqMZ8NjXx17ivkjABzQoU7aJI-tVrMCXnoqJHd27Tpd0oimXxNT5f6Lpgn4VbxIow0qyXUjc6g0f2zdtlcyRah3DlT86RZMsCP8_V3qkOPv-v2SJVl_hTxFDpFLB6nYbdeMrYynr3MkvyjP-nhW4frmf4_dZzaeN4Fia14mZe0jO2oiOz0ndI9TYU0guqPmPNQHIA1JryPce7ES-wQPruJgWab2o7SEDpEPpSWU6g8Sor4Jz0Cvz1gftlIs7BrpD832h-HGvK8wBoOJ8juNyiouFRTLM20EuuNeUURMMqlvPyobXH4uCZw3y8aS_lgJ9T2MaMXEb4W-wj_7okELjPwcK3-7pzCwZ4dd_E4mq-d7cR2PxuX_DnnF2JYgN3wlZWHg4rxLzSWv4Cysy-9Hu9tQv1OKW0WLHa2XETMBej0xXGtAc4QCqmscmvW4Prn5kS_5MlzDpcJBDXVHXuWAsgtq6Wogb-hHsk38QITYu2tJUufVHlDdfHpN_isk2g0JCltOKQmDk2ikancJIpPExLjUUHAqKSb-myvoRcIzgYo5Excc6-AX6460906i8g784li1Z8Jao_IfKLeZQ_RLTWW67ZgpP5culsFr11mrujF218-3nUTalF0MY4msIQ9GTjUVFIxGTLxsBMCK2mpO8dpHQW_Evrme4T_vYmkIOcKT6dW1MlW8xK4FL35TtxM-csFfMRuy5JM7cO46wZFCS-RYAcMZOuuFC9VskzzSTq4Mbc-vjQzgTKF7_3MRAxvcwB9TAe4UB7kiIg8cHxMLkQxJXO5fX7BjjKQJR024oZQsKj9S6PovxtBHC9Rwt2XLVw5mKj0SyT1yyIz7UCdpMBhVX1DTPI1Z9ce25KO3GwuNUosRs76_rZ1hpkCPdWJ7L1hJ_IUrTPQ00Ide_QwRmAnye3EqsRePYmd_5ucWirQviYUJ8jf8aOQBIDnxtfxcswsi9BNH94WO6GyhBX9MwEjE_ZV_p6gqaaBPWbMC_SPJSiK6YLouT85f_Fmlg1-CYQfT65osDY8wQVywzI4dG_ssV1Xw6d58h1ruz-jg6iXG_h3u4llOVoRi_EnS6ku0RV7Ktf8yiWZ-SA7arprgI-_vMmmfR8fl6f3wQMuepy5pJeDzLreZIoPij7trO54zFD9x8THs1zB-dn_WBWBCqjb2qPlLxFPN71tMHv558RGMGa4VhZDPzGUkKF0zCTDjqjS7tBP1w3QlejwqBMtHNJbaFGDLOnfc8LqFQe5_fDm3nTSReMoWV9lC6tJTg-mlZy06NxJ2gcVt5OMenL9eEVchaXeRwKa_EI6WqdArYIeIMCeKAoZN_-wT9umEqNxZ6jax-rRTsBJ_YICHEFLEK9roaKBl1sOcxMHz1hysUhul5sq8wgx9D468JgGtyfnc2aLrmDuNRXi__ojVx7cLPHEPcTbNgVdv9vCqLmcSqQlAorXTbzXqNJL9qJQrUHCQBoS8tyDaxlJqxsYTy4RAALUhwSGnxmJ22_g7yzJtK9sQb9gOmlxObP4LkMWmUmZ38AxS-qTO-Sx-c7nGKBUreclMl2fSLQEFDolBqkTqCOd9BUbboUxkUO3aXAo7xo1XLCdyajdssOKNnXimlmkYGmVUBPWyE82m71QspTeHfkYj4XmnSNNTfYCMaJsJ4m0wcmFZqmD0-OgykbXZ0NwdKz-E0pYb9eO9_D5VO19Czbqivj9NoBy1kuiPtUbTC3WyC5bhWjEtLcyRi5T5glhe5kjjJ0-rTe03jWhe-oSak89BPLCE6yJP-QojiMJQqxx54SxTtWlQHHviB-cQIRT3fwB28OekhuxsZe3br_7yMFLbK_w32-kwChWlzMYzZRQjKhpOUSAeZPTclF9x5PYbVWc2iYUtqf-WQ6YgMJOCqZXaDes2qxubWpzcE-Z4mwPwkrQb4-EJ-KZ8pwrimVrbPoNk_zorBe4uy6WcS_CsyiC8Lxd5pDFx4-zG2TokE6WGPHmJOOMscYgLP5YCU7DqFvyq8j4FJKJkUhr4sMz1YjZQsjcEEFLf2wTH017bzgmqmcolODiqHSqrvPbORupzah2783ownRM8sRLm424Ex-1DMypklfo87OYymOeaxNl-EYJUDrpfkY5xX73VV_7LWU3dPyQZGjeS6jZHcmwVQgCRAmI0ao117pbmo4LtyuzYqhbFip6wlRc2_oZhv-hz8ODRb3BCtsFJePXeQAJ0X_Bx6K7eYNKxu-EbBql7pJIUmDn4CLRhWpy5OL--RODIPiJDR_HB5pWnJw_tQOv96H0oPwT6QH78RrQ9pCA3DlZPlrXMx6j5xo27hIfroXPumPL5AJa0gaKxi4KvHVfxQ2fbW7e3uDUS4DlyBFHuNIhFY80Fw0a3bsScA0ysxKcJ8hzZgYe7k-5DjK-O7ByUuGnS6YuLNycnuxqEW9QJBQWw2ix3ga4XAhma0geO5yzXUhPSq6P8l6XgucOszksB8OCtM5YK8ymuPkPnhj2lRjDMkJ9vXLsYuqQkwHSWtatuhLqVmaV2ne-HTvw_WoTlDOsbkwrA6ZAUGFAIyEIu8agsF2Nak42gHyXkBJwBY-VG1MwAF8BRjRV_NYxb48GfU39lAl1OSxjUOSCjlCL25XtQST70eDs_5LXqcjMAoho4vAS7vMpbEitNys7UrqRbW_LXiBRwtiHrYWWjTuo2Jxfr-RnCqaoAvNlci3xWngTA5IQyjSi88CJzuwc9yZmrEDoxziFu1G38h1AvEpQgMb7oJbw9VaidNtWLuohkjdYbcgrG4t_6250mDcYeNdLH8M5AqcwSQJSNk4lt6SXg9x777fl_ALY_AQ9jd2jiBWL8b20_xH07HLjyklCm1uIsjaH-4LTw3Ry86MZwEOxMGWoNSscClplmYknrw9GMs4zzZMtUCH7nW1XGlOKSoZVCxD4dflwIg2aL9mE5-gzs3Hx_uA13x5FIkmMKiqWxMIuwEuSAvCkePVkV4xpBCe405dJfIiO2VR1pLfSUwhMeeWanRuSz11E4wGewqDzCvuQS_6IBCsEf7w5sWK2H8-5QtOPSfLY-GNik9zwfJW7OPc4lOSa79nZztUFBVONQYul4WSgrnTJYC8yhM_oKwHjH9wBDCmSywfLSPTjVo1UMHqHw1npAuQ-YQrY6wfKCHzPwCsroI89QiuIJHEWeIA2LZpKAiLjsa7zPIns3LKEjQa4ko&cid=CAASFeRoh9H0jo4oe9tlaus5h022LhdMtg&rfl=2%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:18:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5CF0 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrQHZobjRIYACFw3rvYSZDVAid11J5Oa3gcmwpaTj-A4Qa7OswJqtP-wrpwgfiknhuG974zGMbF1se_tRfWKlKFa6FW1g7RComLEQrcYV27qh6c4Vbm0dbrVqwgwPztRjLN0S6q98XPITjNQvFc_jxcvKmPSMkneYbJxIfK3MFh8TtWEKkyp9wyl21A7xpzyJiMMvb2o7SEiCzmK9Vx0kiZGuphWZPnVOSu-9bijZvt0D23ICwvUyOY-D1SGwX70fyi7ngtBP6iqprq2g5Zkmq9s67CciIEnYnJ_EefoRCtsQO8_lpUiBNDTIKAFdEeNEUZlJ9ZyCCzj2NaVGjiyScS8bT9_eE1_lxgl_bSlzJz-fkxSUlP27SqH73pBppHVqZQ-pfZJNBVYZHBv_oznt2JGVC0gwjHAgxS7msaoaswbGJcmYxN8wDmvDSu-jYCyqUongykcboeEQZt1Lov1SMagENT2uHA7GrYeVZxZwVdJxwJyWYCQ01OdgMnoZqgkkO6EBvRMVsSaitz6C_LlUvVFRDu28PKKk0Z_aEputk8ziix7s53bVqm-ybb9xxs4ahXe_uD552vRs5scnLIZOATTnxFa7H-msVlMzZEO2sD4sG50bhIM8cGKxvMYBJ1XSrHIPnxy8BS9Hh0M8G9TFpBFdJI2f4GyV_xxPBqEVDAylE7-Q8JkLH2aXszAtey6Od2n0n-PqN9xaWXq4tKEdOut4-Y7P4Ql6hyOuhjnpvZNBQP6q3ZZlllvFwCL44rAHoNhDLHDygDTn_tkQEK6wR8094_T-QKwVrEOGd4MSsX6zyWv3sc726y2lCw-uGNVxgB2fen20H0-twYJtTCItetT4zlkJEQEJmoXVuzZfOcE9h9RIEMLhekPJeEXtrjgE92c1tkRwIn56H0qVgOxQoYbjNDiVypITTzHQt30KSQ61MCrG_TEqI-UQ9PckO5LcG8F8ixBEFqyglYlPjFo-X-Scqc5Y3N72LDcoMrLRWPeXJ-Mfx_9yFQ-kfJjmm_1O349v7ZGjGKYWEweKAxz5ZWf_Zw_e7pZJlT1b5MjILS3AfD-Iw_PoFfCW7oPwAw4_COLZqQ58SJFgCJQbIKA166YbrIm1tZFgoAyaNZkEysFOOlgazKBtl8H5SfYtkkVjGtH_7jrGMVNV6NReWSX9PTqT3_0c-P0vaWJyugkUdcXByjA&sai=AMfl-YRZpYhYj7DAejQPHmZVwW44wlTryOMGUHszK7Gh8BpBISch8l-Lw9RmPh9QHLt7Mn4Hi7n0bh1QMAa8SxhD0JD3ykFLoKYF3bMBs4BG69Km-u4NTxSsCrsV7EZUfNnEP24XRV5bcTxqPBc4Rv8n2-zXMRXzxo7dU2rWm6w&sig=Cg0ArKJSzKipSMEax9RGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210812.92606&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRjyLDzrgvUxUH80BQe65JeFZkTbD-Rft7D2BhNSf6PdY_FxuSd4Dg24vPf04mVstm89dKh3KVDjFS69cMT01FcdJOjAglJjeHmboY5Z3ReknI7NUhz8FGKQn8mxjqodsaavgpVe4AssWxyKmHG2KOVnj_jQ&dbm_d=AKAmf-AuDfaLDLTjZXcPtZewW-qJWt1zkAzUbffDt8GYPunZ08U0mm0sqMZ8NjXx17ivkjABzQoU7aJI-tVrMCXnoqJHd27Tpd0oimXxNT5f6Lpgn4VbxIow0qyXUjc6g0f2zdtlcyRah3DlT86RZMsCP8_V3qkOPv-v2SJVl_hTxFDpFLB6nYbdeMrYynr3MkvyjP-nhW4frmf4_dZzaeN4Fia14mZe0jO2oiOz0ndI9TYU0guqPmPNQHIA1JryPce7ES-wQPruJgWab2o7SEDpEPpSWU6g8Sor4Jz0Cvz1gftlIs7BrpD832h-HGvK8wBoOJ8juNyiouFRTLM20EuuNeUURMMqlvPyobXH4uCZw3y8aS_lgJ9T2MaMXEb4W-wj_7okELjPwcK3-7pzCwZ4dd_E4mq-d7cR2PxuX_DnnF2JYgN3wlZWHg4rxLzSWv4Cysy-9Hu9tQv1OKW0WLHa2XETMBej0xXGtAc4QCqmscmvW4Prn5kS_5MlzDpcJBDXVHXuWAsgtq6Wogb-hHsk38QITYu2tJUufVHlDdfHpN_isk2g0JCltOKQmDk2ikancJIpPExLjUUHAqKSb-myvoRcIzgYo5Excc6-AX6460906i8g784li1Z8Jao_IfKLeZQ_RLTWW67ZgpP5culsFr11mrujF218-3nUTalF0MY4msIQ9GTjUVFIxGTLxsBMCK2mpO8dpHQW_Evrme4T_vYmkIOcKT6dW1MlW8xK4FL35TtxM-csFfMRuy5JM7cO46wZFCS-RYAcMZOuuFC9VskzzSTq4Mbc-vjQzgTKF7_3MRAxvcwB9TAe4UB7kiIg8cHxMLkQxJXO5fX7BjjKQJR024oZQsKj9S6PovxtBHC9Rwt2XLVw5mKj0SyT1yyIz7UCdpMBhVX1DTPI1Z9ce25KO3GwuNUosRs76_rZ1hpkCPdWJ7L1hJ_IUrTPQ00Ide_QwRmAnye3EqsRePYmd_5ucWirQviYUJ8jf8aOQBIDnxtfxcswsi9BNH94WO6GyhBX9MwEjE_ZV_p6gqaaBPWbMC_SPJSiK6YLouT85f_Fmlg1-CYQfT65osDY8wQVywzI4dG_ssV1Xw6d58h1ruz-jg6iXG_h3u4llOVoRi_EnS6ku0RV7Ktf8yiWZ-SA7arprgI-_vMmmfR8fl6f3wQMuepy5pJeDzLreZIoPij7trO54zFD9x8THs1zB-dn_WBWBCqjb2qPlLxFPN71tMHv558RGMGa4VhZDPzGUkKF0zCTDjqjS7tBP1w3QlejwqBMtHNJbaFGDLOnfc8LqFQe5_fDm3nTSReMoWV9lC6tJTg-mlZy06NxJ2gcVt5OMenL9eEVchaXeRwKa_EI6WqdArYIeIMCeKAoZN_-wT9umEqNxZ6jax-rRTsBJ_YICHEFLEK9roaKBl1sOcxMHz1hysUhul5sq8wgx9D468JgGtyfnc2aLrmDuNRXi__ojVx7cLPHEPcTbNgVdv9vCqLmcSqQlAorXTbzXqNJL9qJQrUHCQBoS8tyDaxlJqxsYTy4RAALUhwSGnxmJ22_g7yzJtK9sQb9gOmlxObP4LkMWmUmZ38AxS-qTO-Sx-c7nGKBUreclMl2fSLQEFDolBqkTqCOd9BUbboUxkUO3aXAo7xo1XLCdyajdssOKNnXimlmkYGmVUBPWyE82m71QspTeHfkYj4XmnSNNTfYCMaJsJ4m0wcmFZqmD0-OgykbXZ0NwdKz-E0pYb9eO9_D5VO19Czbqivj9NoBy1kuiPtUbTC3WyC5bhWjEtLcyRi5T5glhe5kjjJ0-rTe03jWhe-oSak89BPLCE6yJP-QojiMJQqxx54SxTtWlQHHviB-cQIRT3fwB28OekhuxsZe3br_7yMFLbK_w32-kwChWlzMYzZRQjKhpOUSAeZPTclF9x5PYbVWc2iYUtqf-WQ6YgMJOCqZXaDes2qxubWpzcE-Z4mwPwkrQb4-EJ-KZ8pwrimVrbPoNk_zorBe4uy6WcS_CsyiC8Lxd5pDFx4-zG2TokE6WGPHmJOOMscYgLP5YCU7DqFvyq8j4FJKJkUhr4sMz1YjZQsjcEEFLf2wTH017bzgmqmcolODiqHSqrvPbORupzah2783ownRM8sRLm424Ex-1DMypklfo87OYymOeaxNl-EYJUDrpfkY5xX73VV_7LWU3dPyQZGjeS6jZHcmwVQgCRAmI0ao117pbmo4LtyuzYqhbFip6wlRc2_oZhv-hz8ODRb3BCtsFJePXeQAJ0X_Bx6K7eYNKxu-EbBql7pJIUmDn4CLRhWpy5OL--RODIPiJDR_HB5pWnJw_tQOv96H0oPwT6QH78RrQ9pCA3DlZPlrXMx6j5xo27hIfroXPumPL5AJa0gaKxi4KvHVfxQ2fbW7e3uDUS4DlyBFHuNIhFY80Fw0a3bsScA0ysxKcJ8hzZgYe7k-5DjK-O7ByUuGnS6YuLNycnuxqEW9QJBQWw2ix3ga4XAhma0geO5yzXUhPSq6P8l6XgucOszksB8OCtM5YK8ymuPkPnhj2lRjDMkJ9vXLsYuqQkwHSWtatuhLqVmaV2ne-HTvw_WoTlDOsbkwrA6ZAUGFAIyEIu8agsF2Nak42gHyXkBJwBY-VG1MwAF8BRjRV_NYxb48GfU39lAl1OSxjUOSCjlCL25XtQST70eDs_5LXqcjMAoho4vAS7vMpbEitNys7UrqRbW_LXiBRwtiHrYWWjTuo2Jxfr-RnCqaoAvNlci3xWngTA5IQyjSi88CJzuwc9yZmrEDoxziFu1G38h1AvEpQgMb7oJbw9VaidNtWLuohkjdYbcgrG4t_6250mDcYeNdLH8M5AqcwSQJSNk4lt6SXg9x777fl_ALY_AQ9jd2jiBWL8b20_xH07HLjyklCm1uIsjaH-4LTw3Ry86MZwEOxMGWoNSscClplmYknrw9GMs4zzZMtUCH7nW1XGlOKSoZVCxD4dflwIg2aL9mE5-gzs3Hx_uA13x5FIkmMKiqWxMIuwEuSAvCkePVkV4xpBCe405dJfIiO2VR1pLfSUwhMeeWanRuSz11E4wGewqDzCvuQS_6IBCsEf7w5sWK2H8-5QtOPSfLY-GNik9zwfJW7OPc4lOSa79nZztUFBVONQYul4WSgrnTJYC8yhM_oKwHjH9wBDCmSywfLSPTjVo1UMHqHw1npAuQ-YQrY6wfKCHzPwCsroI89QiuIJHEWeIA2LZpKAiLjsa7zPIns3LKEjQa4ko&cid=CAASFeRoh9H0jo4oe9tlaus5h022LhdMtg&rfl=2%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 18 Aug 2021 09:20:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5CF0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRjyLDzrgvUxUH80BQe65JeFZkTbD-Rft7D2BhNSf6PdY_FxuSd4Dg24vPf04mVstm89dKh3KVDjFS69cMT01FcdJOjAglJjeHmboY5Z3ReknI7NUhz8FGKQn8mxjqodsaavgpVe4AssWxyKmHG2KOVnj_jQ&dbm_d=AKAmf-AuDfaLDLTjZXcPtZewW-qJWt1zkAzUbffDt8GYPunZ08U0mm0sqMZ8NjXx17ivkjABzQoU7aJI-tVrMCXnoqJHd27Tpd0oimXxNT5f6Lpgn4VbxIow0qyXUjc6g0f2zdtlcyRah3DlT86RZMsCP8_V3qkOPv-v2SJVl_hTxFDpFLB6nYbdeMrYynr3MkvyjP-nhW4frmf4_dZzaeN4Fia14mZe0jO2oiOz0ndI9TYU0guqPmPNQHIA1JryPce7ES-wQPruJgWab2o7SEDpEPpSWU6g8Sor4Jz0Cvz1gftlIs7BrpD832h-HGvK8wBoOJ8juNyiouFRTLM20EuuNeUURMMqlvPyobXH4uCZw3y8aS_lgJ9T2MaMXEb4W-wj_7okELjPwcK3-7pzCwZ4dd_E4mq-d7cR2PxuX_DnnF2JYgN3wlZWHg4rxLzSWv4Cysy-9Hu9tQv1OKW0WLHa2XETMBej0xXGtAc4QCqmscmvW4Prn5kS_5MlzDpcJBDXVHXuWAsgtq6Wogb-hHsk38QITYu2tJUufVHlDdfHpN_isk2g0JCltOKQmDk2ikancJIpPExLjUUHAqKSb-myvoRcIzgYo5Excc6-AX6460906i8g784li1Z8Jao_IfKLeZQ_RLTWW67ZgpP5culsFr11mrujF218-3nUTalF0MY4msIQ9GTjUVFIxGTLxsBMCK2mpO8dpHQW_Evrme4T_vYmkIOcKT6dW1MlW8xK4FL35TtxM-csFfMRuy5JM7cO46wZFCS-RYAcMZOuuFC9VskzzSTq4Mbc-vjQzgTKF7_3MRAxvcwB9TAe4UB7kiIg8cHxMLkQxJXO5fX7BjjKQJR024oZQsKj9S6PovxtBHC9Rwt2XLVw5mKj0SyT1yyIz7UCdpMBhVX1DTPI1Z9ce25KO3GwuNUosRs76_rZ1hpkCPdWJ7L1hJ_IUrTPQ00Ide_QwRmAnye3EqsRePYmd_5ucWirQviYUJ8jf8aOQBIDnxtfxcswsi9BNH94WO6GyhBX9MwEjE_ZV_p6gqaaBPWbMC_SPJSiK6YLouT85f_Fmlg1-CYQfT65osDY8wQVywzI4dG_ssV1Xw6d58h1ruz-jg6iXG_h3u4llOVoRi_EnS6ku0RV7Ktf8yiWZ-SA7arprgI-_vMmmfR8fl6f3wQMuepy5pJeDzLreZIoPij7trO54zFD9x8THs1zB-dn_WBWBCqjb2qPlLxFPN71tMHv558RGMGa4VhZDPzGUkKF0zCTDjqjS7tBP1w3QlejwqBMtHNJbaFGDLOnfc8LqFQe5_fDm3nTSReMoWV9lC6tJTg-mlZy06NxJ2gcVt5OMenL9eEVchaXeRwKa_EI6WqdArYIeIMCeKAoZN_-wT9umEqNxZ6jax-rRTsBJ_YICHEFLEK9roaKBl1sOcxMHz1hysUhul5sq8wgx9D468JgGtyfnc2aLrmDuNRXi__ojVx7cLPHEPcTbNgVdv9vCqLmcSqQlAorXTbzXqNJL9qJQrUHCQBoS8tyDaxlJqxsYTy4RAALUhwSGnxmJ22_g7yzJtK9sQb9gOmlxObP4LkMWmUmZ38AxS-qTO-Sx-c7nGKBUreclMl2fSLQEFDolBqkTqCOd9BUbboUxkUO3aXAo7xo1XLCdyajdssOKNnXimlmkYGmVUBPWyE82m71QspTeHfkYj4XmnSNNTfYCMaJsJ4m0wcmFZqmD0-OgykbXZ0NwdKz-E0pYb9eO9_D5VO19Czbqivj9NoBy1kuiPtUbTC3WyC5bhWjEtLcyRi5T5glhe5kjjJ0-rTe03jWhe-oSak89BPLCE6yJP-QojiMJQqxx54SxTtWlQHHviB-cQIRT3fwB28OekhuxsZe3br_7yMFLbK_w32-kwChWlzMYzZRQjKhpOUSAeZPTclF9x5PYbVWc2iYUtqf-WQ6YgMJOCqZXaDes2qxubWpzcE-Z4mwPwkrQb4-EJ-KZ8pwrimVrbPoNk_zorBe4uy6WcS_CsyiC8Lxd5pDFx4-zG2TokE6WGPHmJOOMscYgLP5YCU7DqFvyq8j4FJKJkUhr4sMz1YjZQsjcEEFLf2wTH017bzgmqmcolODiqHSqrvPbORupzah2783ownRM8sRLm424Ex-1DMypklfo87OYymOeaxNl-EYJUDrpfkY5xX73VV_7LWU3dPyQZGjeS6jZHcmwVQgCRAmI0ao117pbmo4LtyuzYqhbFip6wlRc2_oZhv-hz8ODRb3BCtsFJePXeQAJ0X_Bx6K7eYNKxu-EbBql7pJIUmDn4CLRhWpy5OL--RODIPiJDR_HB5pWnJw_tQOv96H0oPwT6QH78RrQ9pCA3DlZPlrXMx6j5xo27hIfroXPumPL5AJa0gaKxi4KvHVfxQ2fbW7e3uDUS4DlyBFHuNIhFY80Fw0a3bsScA0ysxKcJ8hzZgYe7k-5DjK-O7ByUuGnS6YuLNycnuxqEW9QJBQWw2ix3ga4XAhma0geO5yzXUhPSq6P8l6XgucOszksB8OCtM5YK8ymuPkPnhj2lRjDMkJ9vXLsYuqQkwHSWtatuhLqVmaV2ne-HTvw_WoTlDOsbkwrA6ZAUGFAIyEIu8agsF2Nak42gHyXkBJwBY-VG1MwAF8BRjRV_NYxb48GfU39lAl1OSxjUOSCjlCL25XtQST70eDs_5LXqcjMAoho4vAS7vMpbEitNys7UrqRbW_LXiBRwtiHrYWWjTuo2Jxfr-RnCqaoAvNlci3xWngTA5IQyjSi88CJzuwc9yZmrEDoxziFu1G38h1AvEpQgMb7oJbw9VaidNtWLuohkjdYbcgrG4t_6250mDcYeNdLH8M5AqcwSQJSNk4lt6SXg9x777fl_ALY_AQ9jd2jiBWL8b20_xH07HLjyklCm1uIsjaH-4LTw3Ry86MZwEOxMGWoNSscClplmYknrw9GMs4zzZMtUCH7nW1XGlOKSoZVCxD4dflwIg2aL9mE5-gzs3Hx_uA13x5FIkmMKiqWxMIuwEuSAvCkePVkV4xpBCe405dJfIiO2VR1pLfSUwhMeeWanRuSz11E4wGewqDzCvuQS_6IBCsEf7w5sWK2H8-5QtOPSfLY-GNik9zwfJW7OPc4lOSa79nZztUFBVONQYul4WSgrnTJYC8yhM_oKwHjH9wBDCmSywfLSPTjVo1UMHqHw1npAuQ-YQrY6wfKCHzPwCsroI89QiuIJHEWeIA2LZpKAiLjsa7zPIns3LKEjQa4ko&cid=CAASFeRoh9H0jo4oe9tlaus5h022LhdMtg&rfl=2%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 17:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
403952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Aug 2022 17:07:51 GMT
07212021-015122930-2109_FC_CleanserGratis_OM_320x50_DE.png
s0.2mdn.net/9677181/ Frame 5CF0 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9677181/07212021-015122930-2109_FC_CleanserGratis_OM_320x50_DE.png
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
170fb1700c127dfd14c268e507bf0c40380e403b14ee5ec8df5403d71f34867f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 16:56:43 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Jul 2021 08:51:22 GMT
server
sffe
age
59020
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5878
x-xss-protection
0
expires
Wed, 18 Aug 2021 16:56:43 GMT
pvs.gif
ssl.hurra.com/ Frame 5CF0
Redirect Chain
  • https://ssl.hurra.com/pvs.gif?cid=416&tid=38532&cb=3564507500
  • https://ssl.hurra.com/pvs.gif?bd3p=1&cid=416&tid=38532&cb=3564507500
43 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.hurra.com/pvs.gif?bd3p=1&cid=416&tid=38532&cb=3564507500
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.144.160.15 , Germany, ASN12312 (ECOTEL, DE),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:23 GMT
server
nginx
strict-transport-security
max-age=31536000
p3p
CP="NOI CUR OUR STP", policyref="/w3c/p3p.xml"
cache-control
private, no-cache, no-store, must-revalidate
content-type
image/gif
expires
Fri, 10 Apr 1973 05:00:00 GMT

Redirect headers

location
https://ssl.hurra.com/pvs.gif?bd3p=1&cid=416&tid=38532&cb=3564507500
date
Wed, 18 Aug 2021 09:20:23 GMT
server
nginx
content-type
image/gif
content-length
0
strict-transport-security
max-age=31536000
p3p
CP="NOI CUR OUR STP", policyref="/w3c/p3p.xml"
activeview
pagead2.googlesyndication.com/pcs/ Frame A965 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgeXGgZHCHMZv9MgqO9SUdojcIx8VIm8fKU-sT0lHVIArPd7UNFkUUxW_vIqZsaSTIRRzxqcMo-2ujjORR-15FnVH7W4QIH5H2R-y74or_BZwQyxDKzwb8AJpz1A&sai=AMfl-YRisUi9YlGpTMGquRoBvdGwriuzDMjE317tSUkeVO2rFWRlcbTUbrO8Bq0yVqwpAPfB36uS5kocKnybhB-yi2ivBI5MQlYK3zgwJhii-5v-1bF_TpFmW-T1zE22yA6q&sig=Cg0ArKJSzN2DNpDaoc1PEAE&cid=CAASFeRo-OSOz-Xu4ZWUnN8LpdwEackIHA&id=lidar2&mcvt=1313&p=50,1430,90,1471&asp=50,1430,90,1471&mtos=1313,1313,1313,1313,1313&tos=1313,0,0,0,0&v=20210816&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1366858423&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629278421720&dlt=44&rpt=224&isd=0&lsd=0&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 80AC 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfY7SyrulPKUDlIBRbNW1b0vBfJZ6_LNSHV42vx-CNULiR8FIPSS92S3B5xedWYW6csxT8dbJsDuFkEELl4GVP9PNBUxlq0rbP8ToOKvnsIq15WiLtmR1xAi_LjQ&sai=AMfl-YTxqiIhoV9j1n3c0nEpyfObDBevRCNHB-HWQt4fPv-yzCjREYXnPGfzg_ilEQKp6XDh69_1U5ZILUDrO49dEiizNvWoAXv9sT4yx6E6KTv0xzeqHBmirGhNSmXXRgE&sig=Cg0ArKJSzGRVCDkAL04uEAE&id=ampim&o=310,54&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1149&mtos=0,0,0,1149,1149&tos=0,0,0,1149,0&tfs=129&tls=1278&g=100&h=100&tt=1278&r=v&avms=ampa&adk=0
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0601 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://haberbank.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://haberbank.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 18 Aug 2021 09:20:21 GMT
expires
Thu, 18 Aug 2022 09:20:21 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.gif
px.moatads.com/ Frame D90E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=HEINEKEN_DCM_MASTER_DISPLAY1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fhaberbank.xyz&lp=https%3A%2F%2Fhaberbank.xyz&t=1629278423575&de=398349114792&m=0&ar=4790001-clean&iw=ac4b0db&q=2&cb=0&ym=0&cu=1629278423575&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=25832561%3A6515169%3A311353750%3A155966465&zMoatMarket=AT&zMoatDBMCampID=-&zMoatDBMIOID=-&zMoatDBMCreaID=-&zGSRC=1&gu=https%3A%2F%2Fhaberbank.xyz%2F&id=0&ii=3&bo=haberbank.xyz&bd=haberbank.xyz&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=heinekenatdcmdisplay728490507552&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A463%3A463%3A0%3A655&fs=193790&na=915022861&cs=0
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 18 Aug 2021 09:20:23 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AF83 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmcypyYocjoCZj_ErkHMu3J_Av-MhVJa0li2QYd7pFtA1oAb-y3Y-tuW-9k1ZBZQdtF0mPV4hbObnVPwCd9UolRKJxWKzAhpZeL8vEehVThAPzMFH73ootP-sM7Rgl3r9dkC9hM1muxXSBPy_k5D4_Hnyu9SPFrQQ3XtR0LHtZpGougnMTMbsGtXy9n5z_lwWNMvdLnh_MSWkMAu_5bCRQO26XAlDChG1jR0Dn4uo4YVpEvKA7wUm_gRD2iLy0E5yye6o4FkQOLVy9aozppTt21qJJmUOHFTw8tGWfLONZItg2WB7poxOVbyP3N-gWmSMe26YXS-tSGjhf3j6j1gXrXkGxQTvFQLrBOd0lEHTX34ze6xCo1oj4_kkSg2z7WCtE6ieYsYIYy8MvkmhSLxK-1cbJiZh6H3rtAJrVEtl-PnmH0IYTzytvpVoydqrjePJ5EV-h8ve7pBXSGti7ba2buoWWegu6mNJfKJi3zlBYkcPAzd6bFhOiPerqLJpABwdH5ExAy5co7x5mH26eNC44ts4CquTCiLSZYvw7Xz7Si7D8eF3f277aqPz9sh76KnEUDqpoIaI3cKoMHTYesNpmUYc_TvXSycTFRaXh0i8Z8wlYKvoAeHLw3itLdVkHMjIfEAgykTCw2DPnSLyzqcrY5Khof19S_byB9MOmVjhSM7jJ_SyuWGXqt3lY11g3GU-UsYDCFX72tzEzKNGpjCW9jn7445GntqYCP9tC58xcqqV_norr7OYslBbwYzwHkgrHkJ77uoWsMnObJVmMGwGcuD23WG5zdg8sphPma0oYr-ZFsYRiTkwAtdhxKZ799wJxfBJUXFQnxBs1YWeP0b2nZa6SxyoBM_5ZoE-jfUoHIOxZRTuCzaeX-mVj7lDtf8pgRn2UXxcgOd1u5XQHG4RthDkAiOFfpQ6qQ187_lS7DEWW4v0qWiL_-McLYXXkjL6pC0XHbbqRsqkiXgQYF1IASSp00brMKp2gM0e_EykQctj9seQojf_No54Ip-nSx3tQvdECDAjrM3KrSKPLJjXcEYTbm5O9-hsu9yTqItcby1EmCMBtGXTtbyHytNDCO8HrtrWhU5DloJmFFBGy46IBhpvWhOF4cd1sd-3pYuVRq1Jq3m6zCpQ7x7b7u3WBrvGmOTFzgGetTNFbDlh2rbMszca_xa9VwgbeJ6S4ITJGpsILVMMtXOljz333N45YiZcIjin1nd53x06gNQ8dcg&sai=AMfl-YSVgSpWdaMWU9UDxiTdE6a4qXVPjJeV97uuzYXL01p1rA4Ik8KQ0VxFKBcSOQnrxjnWdb6ax--cpxguGTXY_ougqbb8Gal28S-oX0UCRY25N8fkwS1A8Fpd_9kCOxEwCoXCxwMEc3ExB1s_fLX3YvFpzuFX-7CJmyoDnms&sig=Cg0ArKJSzBSefPFpdeRfEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1305&vt=11&dtpt=1096&dett=3&cstd=201&cisv=r20210812.22605&adurl=
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 09:20:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
partner
sync.search.spotxchange.com/ Frame 5BDB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEO3jDiC6SU7OB7S8XYsRMCk&google_cver=1
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEO3jDiC6SU7OB7S8XYsRMCk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCD0twCGIXZnbABMAE&v=APEucNU-ODfkU89ipQN-M9dA_rMlMbsg1DCZBta4r-Kf9jotlM7wKKG43qHWO6E0XTDqQEeODQBDDf6XgWdbZdtotxMLRME36V_bbbwOnWWcbBCRXokbEmc6rrx7ErI_0JTyGDOQ-8qLuuqIVDYMnUhvWSXNBkL6RVQB6ig-tEOoiRO_c2hLSSM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:24 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
63
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEO3jDiC6SU7OB7S8XYsRMCk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5BDB
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODQ3Y2E3MmMtMDAwNS0xMWVjLTgzYzUtMTM0ODY2N2YwMzA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODQ3Y2E3MmMtMDAwNS0xMWVjLTgzYzUtMTM0ODY2N2YwMzA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCD0twCGIXZnbABMAE&v=APEucNU-ODfkU89ipQN-M9dA_rMlMbsg1DCZBta4r-Kf9jotlM7wKKG43qHWO6E0XTDqQEeODQBDDf6XgWdbZdtotxMLRME36V_bbbwOnWWcbBCRXokbEmc6rrx7ErI_0JTyGDOQ-8qLuuqIVDYMnUhvWSXNBkL6RVQB6ig-tEOoiRO_c2hLSSM
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 18 Aug 2021 09:20:24 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ODQ3Y2E3MmMtMDAwNS0xMWVjLTgzYzUtMTM0ODY2N2YwMzA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
84
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 5BDB 		0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMKPFhCD0twCGIXZnbABMAE&v=APEucNU-ODfkU89ipQN-M9dA_rMlMbsg1DCZBta4r-Kf9jotlM7wKKG43qHWO6E0XTDqQEeODQBDDf6XgWdbZdtotxMLRME36V_bbbwOnWWcbBCRXokbEmc6rrx7ErI_0JTyGDOQ-8qLuuqIVDYMnUhvWSXNBkL6RVQB6ig-tEOoiRO_c2hLSSM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:23 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9203
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Wed, 18 Aug 2021 09:20:23 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 5CF0 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrQHZobjRIYACFw3rvYSZDVAid11J5Oa3gcmwpaTj-A4Qa7OswJqtP-wrpwgfiknhuG974zGMbF1se_tRfWKlKFa6FW1g7RComLEQrcYV27qh6c4Vbm0dbrVqwgwPztRjLN0S6q98XPITjNQvFc_jxcvKmPSMkneYbJxIfK3MFh8TtWEKkyp9wyl21A7xpzyJiMMvb2o7SEiCzmK9Vx0kiZGuphWZPnVOSu-9bijZvt0D23ICwvUyOY-D1SGwX70fyi7ngtBP6iqprq2g5Zkmq9s67CciIEnYnJ_EefoRCtsQO8_lpUiBNDTIKAFdEeNEUZlJ9ZyCCzj2NaVGjiyScS8bT9_eE1_lxgl_bSlzJz-fkxSUlP27SqH73pBppHVqZQ-pfZJNBVYZHBv_oznt2JGVC0gwjHAgxS7msaoaswbGJcmYxN8wDmvDSu-jYCyqUongykcboeEQZt1Lov1SMagENT2uHA7GrYeVZxZwVdJxwJyWYCQ01OdgMnoZqgkkO6EBvRMVsSaitz6C_LlUvVFRDu28PKKk0Z_aEputk8ziix7s53bVqm-ybb9xxs4ahXe_uD552vRs5scnLIZOATTnxFa7H-msVlMzZEO2sD4sG50bhIM8cGKxvMYBJ1XSrHIPnxy8BS9Hh0M8G9TFpBFdJI2f4GyV_xxPBqEVDAylE7-Q8JkLH2aXszAtey6Od2n0n-PqN9xaWXq4tKEdOut4-Y7P4Ql6hyOuhjnpvZNBQP6q3ZZlllvFwCL44rAHoNhDLHDygDTn_tkQEK6wR8094_T-QKwVrEOGd4MSsX6zyWv3sc726y2lCw-uGNVxgB2fen20H0-twYJtTCItetT4zlkJEQEJmoXVuzZfOcE9h9RIEMLhekPJeEXtrjgE92c1tkRwIn56H0qVgOxQoYbjNDiVypITTzHQt30KSQ61MCrG_TEqI-UQ9PckO5LcG8F8ixBEFqyglYlPjFo-X-Scqc5Y3N72LDcoMrLRWPeXJ-Mfx_9yFQ-kfJjmm_1O349v7ZGjGKYWEweKAxz5ZWf_Zw_e7pZJlT1b5MjILS3AfD-Iw_PoFfCW7oPwAw4_COLZqQ58SJFgCJQbIKA166YbrIm1tZFgoAyaNZkEysFOOlgazKBtl8H5SfYtkkVjGtH_7jrGMVNV6NReWSX9PTqT3_0c-P0vaWJyugkUdcXByjA&sai=AMfl-YRZpYhYj7DAejQPHmZVwW44wlTryOMGUHszK7Gh8BpBISch8l-Lw9RmPh9QHLt7Mn4Hi7n0bh1QMAa8SxhD0JD3ykFLoKYF3bMBs4BG69Km-u4NTxSsCrsV7EZUfNnEP24XRV5bcTxqPBc4Rv8n2-zXMRXzxo7dU2rWm6w&sig=Cg0ArKJSzKipSMEax9RGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=431&vt=11&dtpt=430&dett=2&cstd=0&cisv=r20210812.92606&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRjyLDzrgvUxUH80BQe65JeFZkTbD-Rft7D2BhNSf6PdY_FxuSd4Dg24vPf04mVstm89dKh3KVDjFS69cMT01FcdJOjAglJjeHmboY5Z3ReknI7NUhz8FGKQn8mxjqodsaavgpVe4AssWxyKmHG2KOVnj_jQ&dbm_d=AKAmf-AuDfaLDLTjZXcPtZewW-qJWt1zkAzUbffDt8GYPunZ08U0mm0sqMZ8NjXx17ivkjABzQoU7aJI-tVrMCXnoqJHd27Tpd0oimXxNT5f6Lpgn4VbxIow0qyXUjc6g0f2zdtlcyRah3DlT86RZMsCP8_V3qkOPv-v2SJVl_hTxFDpFLB6nYbdeMrYynr3MkvyjP-nhW4frmf4_dZzaeN4Fia14mZe0jO2oiOz0ndI9TYU0guqPmPNQHIA1JryPce7ES-wQPruJgWab2o7SEDpEPpSWU6g8Sor4Jz0Cvz1gftlIs7BrpD832h-HGvK8wBoOJ8juNyiouFRTLM20EuuNeUURMMqlvPyobXH4uCZw3y8aS_lgJ9T2MaMXEb4W-wj_7okELjPwcK3-7pzCwZ4dd_E4mq-d7cR2PxuX_DnnF2JYgN3wlZWHg4rxLzSWv4Cysy-9Hu9tQv1OKW0WLHa2XETMBej0xXGtAc4QCqmscmvW4Prn5kS_5MlzDpcJBDXVHXuWAsgtq6Wogb-hHsk38QITYu2tJUufVHlDdfHpN_isk2g0JCltOKQmDk2ikancJIpPExLjUUHAqKSb-myvoRcIzgYo5Excc6-AX6460906i8g784li1Z8Jao_IfKLeZQ_RLTWW67ZgpP5culsFr11mrujF218-3nUTalF0MY4msIQ9GTjUVFIxGTLxsBMCK2mpO8dpHQW_Evrme4T_vYmkIOcKT6dW1MlW8xK4FL35TtxM-csFfMRuy5JM7cO46wZFCS-RYAcMZOuuFC9VskzzSTq4Mbc-vjQzgTKF7_3MRAxvcwB9TAe4UB7kiIg8cHxMLkQxJXO5fX7BjjKQJR024oZQsKj9S6PovxtBHC9Rwt2XLVw5mKj0SyT1yyIz7UCdpMBhVX1DTPI1Z9ce25KO3GwuNUosRs76_rZ1hpkCPdWJ7L1hJ_IUrTPQ00Ide_QwRmAnye3EqsRePYmd_5ucWirQviYUJ8jf8aOQBIDnxtfxcswsi9BNH94WO6GyhBX9MwEjE_ZV_p6gqaaBPWbMC_SPJSiK6YLouT85f_Fmlg1-CYQfT65osDY8wQVywzI4dG_ssV1Xw6d58h1ruz-jg6iXG_h3u4llOVoRi_EnS6ku0RV7Ktf8yiWZ-SA7arprgI-_vMmmfR8fl6f3wQMuepy5pJeDzLreZIoPij7trO54zFD9x8THs1zB-dn_WBWBCqjb2qPlLxFPN71tMHv558RGMGa4VhZDPzGUkKF0zCTDjqjS7tBP1w3QlejwqBMtHNJbaFGDLOnfc8LqFQe5_fDm3nTSReMoWV9lC6tJTg-mlZy06NxJ2gcVt5OMenL9eEVchaXeRwKa_EI6WqdArYIeIMCeKAoZN_-wT9umEqNxZ6jax-rRTsBJ_YICHEFLEK9roaKBl1sOcxMHz1hysUhul5sq8wgx9D468JgGtyfnc2aLrmDuNRXi__ojVx7cLPHEPcTbNgVdv9vCqLmcSqQlAorXTbzXqNJL9qJQrUHCQBoS8tyDaxlJqxsYTy4RAALUhwSGnxmJ22_g7yzJtK9sQb9gOmlxObP4LkMWmUmZ38AxS-qTO-Sx-c7nGKBUreclMl2fSLQEFDolBqkTqCOd9BUbboUxkUO3aXAo7xo1XLCdyajdssOKNnXimlmkYGmVUBPWyE82m71QspTeHfkYj4XmnSNNTfYCMaJsJ4m0wcmFZqmD0-OgykbXZ0NwdKz-E0pYb9eO9_D5VO19Czbqivj9NoBy1kuiPtUbTC3WyC5bhWjEtLcyRi5T5glhe5kjjJ0-rTe03jWhe-oSak89BPLCE6yJP-QojiMJQqxx54SxTtWlQHHviB-cQIRT3fwB28OekhuxsZe3br_7yMFLbK_w32-kwChWlzMYzZRQjKhpOUSAeZPTclF9x5PYbVWc2iYUtqf-WQ6YgMJOCqZXaDes2qxubWpzcE-Z4mwPwkrQb4-EJ-KZ8pwrimVrbPoNk_zorBe4uy6WcS_CsyiC8Lxd5pDFx4-zG2TokE6WGPHmJOOMscYgLP5YCU7DqFvyq8j4FJKJkUhr4sMz1YjZQsjcEEFLf2wTH017bzgmqmcolODiqHSqrvPbORupzah2783ownRM8sRLm424Ex-1DMypklfo87OYymOeaxNl-EYJUDrpfkY5xX73VV_7LWU3dPyQZGjeS6jZHcmwVQgCRAmI0ao117pbmo4LtyuzYqhbFip6wlRc2_oZhv-hz8ODRb3BCtsFJePXeQAJ0X_Bx6K7eYNKxu-EbBql7pJIUmDn4CLRhWpy5OL--RODIPiJDR_HB5pWnJw_tQOv96H0oPwT6QH78RrQ9pCA3DlZPlrXMx6j5xo27hIfroXPumPL5AJa0gaKxi4KvHVfxQ2fbW7e3uDUS4DlyBFHuNIhFY80Fw0a3bsScA0ysxKcJ8hzZgYe7k-5DjK-O7ByUuGnS6YuLNycnuxqEW9QJBQWw2ix3ga4XAhma0geO5yzXUhPSq6P8l6XgucOszksB8OCtM5YK8ymuPkPnhj2lRjDMkJ9vXLsYuqQkwHSWtatuhLqVmaV2ne-HTvw_WoTlDOsbkwrA6ZAUGFAIyEIu8agsF2Nak42gHyXkBJwBY-VG1MwAF8BRjRV_NYxb48GfU39lAl1OSxjUOSCjlCL25XtQST70eDs_5LXqcjMAoho4vAS7vMpbEitNys7UrqRbW_LXiBRwtiHrYWWjTuo2Jxfr-RnCqaoAvNlci3xWngTA5IQyjSi88CJzuwc9yZmrEDoxziFu1G38h1AvEpQgMb7oJbw9VaidNtWLuohkjdYbcgrG4t_6250mDcYeNdLH8M5AqcwSQJSNk4lt6SXg9x777fl_ALY_AQ9jd2jiBWL8b20_xH07HLjyklCm1uIsjaH-4LTw3Ry86MZwEOxMGWoNSscClplmYknrw9GMs4zzZMtUCH7nW1XGlOKSoZVCxD4dflwIg2aL9mE5-gzs3Hx_uA13x5FIkmMKiqWxMIuwEuSAvCkePVkV4xpBCe405dJfIiO2VR1pLfSUwhMeeWanRuSz11E4wGewqDzCvuQS_6IBCsEf7w5sWK2H8-5QtOPSfLY-GNik9zwfJW7OPc4lOSa79nZztUFBVONQYul4WSgrnTJYC8yhM_oKwHjH9wBDCmSywfLSPTjVo1UMHqHw1npAuQ-YQrY6wfKCHzPwCsroI89QiuIJHEWeIA2LZpKAiLjsa7zPIns3LKEjQa4ko&cid=CAASFeRoh9H0jo4oe9tlaus5h022LhdMtg&rfl=2%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 09:20:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 5CF0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf7c238e1d573c641211b74f22c0ae30669b671c20847f1e42df7f97af65a14e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
downsize_200k_v1
tpc.googlesyndication.com/simgad/16287976123638193121/ Frame 9203 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16287976123638193121/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw&rs=AOga4qmLy26cHDDwkhDNnD4BZ6XqDP_66g
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a462a6eb6079380a6c06f01653fe70150ba44232f662746517f4fcd20f8da244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Aug 2021 10:35:16 GMT
server
sffe
age
1
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43454
x-xss-protection
0
expires
Thu, 18 Aug 2022 09:20:22 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/748346279863093801/ Frame 9203 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/748346279863093801/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qnO1fk2Vf8eL0UD99hBsIuIg0gGlw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83c81bbb7db55d19d97322a38c7df2ebf7982aebe92fd4dbb18e1a7cb9eadf8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:23:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 21 Nov 2018 11:41:30 GMT
server
sffe
age
17811
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41261
x-xss-protection
0
expires
Thu, 18 Aug 2022 04:23:32 GMT
tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9203 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/tr.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Aug 2021 21:52:56 GMT
x-content-type-options
nosniff
server
cafe
age
41247
etag
9957912877679239782
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3057
x-xss-protection
0
expires
Wed, 18 Aug 2021 21:52:56 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9203 		344 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 17 Aug 2021 18:40:15 GMT
x-content-type-options
nosniff
server
cafe
age
52808
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 18 Aug 2021 18:40:15 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AF83 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZtWgIEN6yt3zxR7_ZsAiadfOEc3idEp_dUQTzKJ2MHa9HVQShM3cED-8yTHu3mJQPJqVvZ7G7rGmxuvLX0DxY39R-eqyZ--nNJ-6kJyv8EaTTAb_luQGE9zA6Sw&sai=AMfl-YRkmbhuDQ7KgP9uaLz7G460EYblltKI1QTcQ1SLV6YEN-B8YW6TXQYx9l83sxMtsdhYiUXixt0cVGf_CW2VfHHwcdDHaQUDL_A7okY4w4GNofORBJTZcr8Hw6RYKLk&sig=Cg0ArKJSzF7j6cx6Ttj-EAE&cid=CAASFeRocp_7Pp2A84D6o9-VeL-i7j367Q&id=lidar2&mcvt=1239&p=50,248,90,289&asp=50,248,90,289&mtos=1239,1239,1239,1239,1239&tos=1239,0,0,0,0&v=20210816&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=729430596&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629278422149&dlt=67&rpt=485&isd=0&lsd=0&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame DE6F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 08:47:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
88347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 08:47:56 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F855 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 16 Aug 2021 00:46:47 GMT
expires
Tue, 16 Aug 2022 00:46:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
203616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prod_studio_01_242_configurablemodule.js
s0.2mdn.net/879366/ Frame E23B 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/prod_studio_01_242_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_242.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68a1eb809781154c2c6dd9ef157e3ffa54c45afade2bb70edd006707d28c3a7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15597941406939742208/index.html?e=69&leftOffset=0&topOffset=0&c=vGAmGCZIFR&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 04:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15898
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10358
x-xss-protection
0
last-modified
Thu, 06 Feb 2020 15:49:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Aug 2021 04:55:26 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D4A5 		500 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIP6jwEQk_jWkwIY9vihsgEwAQ&v=APEucNXP7Oly0GYB3qvpGNKYCZHqMykdJc3aySFCEekXgVKAU4izdlH5r6PboHsfz1nB5MMHj2CuFi9sXk48HaA8a3Ei-7JoZJEWJOLYNo0FpC9Ai6Pg9E9FsoPV-GO9Snrd_yBWnNMTRrPO8Rq8z_WS_FVhdnKMauhgvH3e7431q6UqchI7wtg
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aedf3dff6e3596bea2ed1f9bb489aca220ac62eb0f0eb2ec34306f215388a1c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CIP6jwEQk_jWkwIY9vihsgEwAQ&v=APEucNXP7Oly0GYB3qvpGNKYCZHqMykdJc3aySFCEekXgVKAU4izdlH5r6PboHsfz1nB5MMHj2CuFi9sXk48HaA8a3Ei-7JoZJEWJOLYNo0FpC9Ai6Pg9E9FsoPV-GO9Snrd_yBWnNMTRrPO8Rq8z_WS_FVhdnKMauhgvH3e7431q6UqchI7wtg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmcAykve2ZoIm-FwG6zc54uHZpDdlJkeO6yz2pUwP8UnAO9Xe3RKgWDL6Ujh54; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 18 Aug 2021 09:20:24 GMT
server
cafe
cache-control
private
content-length
299
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Aug 2021 09:20:24 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 9A7A 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPnOaOitBmOXLxcVzJMNIVI5I_Et3oB3lhMD-xbs-0iaHskWFAz88C-qiW7Gt4sYAIC04hMyn7TpD9j6sftVXp44JZlfr_8DQe8nhidCOKOV3RY5OqyY2kTPEIFXsRUQYI9TSpwNd07-ZZbbQfEnxrR_nsdg&dbm_d=AKAmf-AmU8FgD_nR_0Org8KLY8TinkBK8qUYP5-kpfm1Tl5k3YSRjAKa5mv3Ic_JMhbLbmL1a4STxV8gvMt-Wj6TjntukWyd2Nys6IXz0YUGRfjCT5x3KXUGqHRmt80EquIvGt9y4j-Hl4Bp7wIQVgrzSktIsHuauH6gIv-WZQ3qprB2WRf_9NLyDwF4ybyu75Bs17fA3U7Kvb1MrS5PFgY15UbLb_cxvZnEjBD7b4rnCgkfddFcGqEJgC9N2sz6tr1jCrywmeBedSOww33HU-Zm8hj7FiYi34SVX4l_eUt8CJGQcu7ibpQdACiHeGjJnoLuBytARC739VG3NcBPZtgBHzzHlOfsPSy7pk8HvNBtnyyd33VOf3qLi9G9E_bNfQ24GOW7D0fvZ5r_QOR8679VDaz4gAfTwaJ_636E0LvaYfvgeFimkWbZGUDtrbB7A_Uuys9lxkv33RKZIWMpRLedG4_10UjaG9IIhx7rOWvhjhtsqAGZEysrlsTfmwbkwUJRz3Zb4vbAs6VfM27CM55uTy1nMxKd8M73VgXWaXdoKdo4kemWAWMNmlr9Wwr1ArgCixcPPOPcP4q8DIW4Nmf9xNy7LJtRVkk1xGf4RYtGAbFMJTh235OqqIoOrG_jGeHWJvlud7ZaYIJZpWBn63InHH5p6B1oOfrLDEcOSHLp0DzwEY-ltkeSnqQiE1wi1ZTTgWtorfASnTnr_bQ0JE4hvoh_phJJ8EMx-tIevWTqcjG-CvCAHPYSWZ7SrALcPQsVtof8K3Zg77xSPcDH6rUz2x92xJ_IEvazQodBce3jq6SsPMUfcD5dR3JeYCCTBd7M4BnboKCrXaMwLu7MRR8I_Eis4yJ-pHUquP0CKR9VKeHaJjJLqsp4Cb1Qsn7LzJ3HHyWJDxlEYACxtQ3HP7qLkq8BkewmW-jfdR1-ggrG929UjG6PMWZHEM9QxIPfQ1GV1X4iu3SrurhLMJya5KAmX2g5ebjW7codGTXMgwNZMV_NviqiunGlHugT-2wN1FHnrvFl4ZeIQY46bLrXoK1-qFer7ZTk4Bqmouh8wfnoX3oU1yOMBXotX1y7ZRCg9slYdhHGW-UMa6T5Vw6eM4HwPItyXghTYDd6EzJVPHD9-TWG2tEBkL8kCVLdJlhUKwq6zIo1AhWVNZiLFzH9cyIJTxYc7B6qd09wY34-YJnQIxa7YM3LOsWEKJVAsx8dK8igOR2D7WZ_UUyxKGxvorbv-GNCzgg83BphNN8oZTxo2VIvGx1xZSsVO2kBdZptvmV7qbagh1fk5P90mfBNQav7vGKA2y8zFZP31oqSZuFr0bEX-e3_7Tel9lrKUaXoqRBTO4BgVWxEWdZBXHwV1FqVX4E3hDKWV4UUE6BkxOXHmvQwgjnA-Tptm25qlwJpd1hQlMOuxBzTwvRsKkIPsAj4xmHKnVu3rNLdsRL9PbevFqD03_KiP65tnN-ltOT8-XNlPS54uxIUxkQ1KngEUfY9KdIRP31UsiL8lUlmlCqhJ8eGqb3jGj-CKI3mjSNFYiYVY2knGm-FFjD0ZSpa4s6YFU32whYle8ZNoXLUYppWHYAUmovjgUC8UlY95mWwmzCLeJ5naJv00ezZ5uKuRBB0-MMjt04zdTk1bqUgrNmDtsFgmC0LvEZlHwLHY5L2TSU0Y3f2kT0Rccc7a2HkHWDBarW3tD_dzDcd7ZpZqrZcL9YSvDZIAgvcFMkOKMSZPK0clehu__ODwJFjPHvPwakulvsQT543Ex4KWj1zPRxkKonI3a6dflZL0xJBY4SWhq3VNiA-lLVgGQpzNXDzH_boSvX-aW8g5ApdhX0VwXcqo5pCNMW2M-RG1ZISBKV2BSwoqCMW4CoDje_k2OwTQlK3GDflmepneK0wfIO9tA7J3ksOcxgXxKfHUb1OwqXKvsVABFeL3oMVBCrGYnr0_pkEKzBmiVUKyayT47KWquiio9Hb_m0pKgctqN6ID8khvDPWxfq7bPdwFIY1IIpnbuGo5734onGVhxoAX7lRLfuEADJvchc8ZfCcDgSwpwclqLlS2sfjZSZNASpioTJj8XYhaaVCk5RRog8kwsstYw-LrYdTT_a7lajjE-bYkXzZrx7jnr7rK8ZcxJ_PKGSCFdCikILpwmhUQ4aqDYkLTcEHa8xp_74mMNs72k_SJLhGPTt2Pdb5jB5BrVvmF4UpQvgn5FRBDbvThLawQuvqUG84g05u9uGhPLmS0IyDQp42DmA3pRL41cIMSlnHu988aWx97zCevP6-M97xqxNF8o_-O3OMlBbg-mXH9p_tMlXqAY8cwv6C01sL4HR-jUNMT9ZLsvg7Xdyy_b9RnVilvkv0INF_YdjJT8dKppmFFKSBYAjVeVVJVCZh-j0nuwElxocQz-N9WGEZ2n4myVN0aIgIgHkwIGwKqtqybfalayK0aeFkDb-nX7FJPFmOqBkTDD4CpkNKSa5LqC5FMfpyFkK2fc0LVE_UTjAJ8kyKheIjCAke2G7V6fm0PUpbR2fNUTova8O3m7OFkxH1YPFwEQGTPwniLRSek-C9xHLdaC1g5lNjXAJxQv-vqaefGmfErTuEIoFof4pzv5WMpCBMq5-socfCl6XiYLv23mf4YIRresKoVXzHuDsOnZ7qbb0M_ko5vTDdZnUX0qR2ypwa-J4P6TTpWy8ajbSbth9GgSUEzHS4vGQRZv6OPBwGg_HiIApBXhSEvBQww-5iEenOxQv-qSl4-51rlj7QjeGmtN0OSBed4bAdSrk_rXhqLHxnzdziUFuualzYrWnXrS9zeoFzE8xbE_16lAWiQHWiq8tWhghOM2JXVswfIYEn1wH17TcGWYWm-H9GKQIMKRN45GeWNbu9blPFLQDnZ008j89z5djlNvRuK-HreeySLI-nJhkwE9VYHENCF-rWlQgx8p7YRw2NLfa3Nswecx-GK377t8DTMyGBnahOVVHdKr4z9zpyCRLWXD5eJWDNtrzDwIcaiNhJOEkd7r7kXBYlNkvOkyw0yF5nFgn_5Z2H83GV371H_9GVvaqMNgvjagH0W_gHMlqyvpS8SAk2L4fj42ZIXiNZ604_Qo0n2ehngyyjaQooLPdmzDN_DG31rHVTjdRALrYC56NxR_WJ9mi18nHTKHBbwec83MWeXb0w1mBmzb43DeoaY_Daa56_YeceecLtB0G0cFgvREQtbNbK8y7b2rvFE3Iqh59R4MFNIn3NZvCQK0GVLGwTTPwfwyJHzMN-Hu0QimNjlOjQtti5AzajyIta1fhPtoh0&cid=CAASFeRo3HH0nboNVuqFFxn891IHU7jHYw&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df7338b37ab8af758cb40db50f048b8c1c0702a303aac52a816e028a29065a13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29478
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A7A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BdUfJX2QCIoN61MIVbovZq3tl4hjenjK1LC-C0OiTB2WF75Gt4CLTV79hxZl4yXseNtnwNAmfIIj2NorNy6CVIWTIIdboH0PA0knKEY4zVYPNR7qM
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 9A7A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:13:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9A7A 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:24 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629113426487594"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38194
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:20:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 9A7A 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:02:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:02:13 GMT
l
www.google.com/ads/measurement/ Frame 9A7A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1MlReD3H5oiY0VNsO9D55TyiBRGAJrxq1Yhd--FczriRjt65IF_9PW4PqvILEEBrilo0Uyas9ZtZQGb89LNAGfLfoAA
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
696520.jpg
haberbank.xyz/d/news/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696520.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
57672c96213af7ed313c3957d9a3291ee60c421001541fcfa1ebf377c54441aa

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Cookie
__gads=ID=9edd70e1aeaefed9-22ddf189a5c80084:T=1629278421:S=ALNI_MZezynH-ZzD9VPmVkih8Xcfq4WpgQ
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:24 GMT
ETag
"611c8c80-2454e"
Last-Modified
Wed, 18 Aug 2021 04:28:48 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
148814
696516.jpg
haberbank.xyz/d/news/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696516.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
aab58027e5c3de4897eb904f5d6fc00d20b00c7be07236c09e67232d99b8f269

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Cookie
__gads=ID=9edd70e1aeaefed9-22ddf189a5c80084:T=1629278421:S=ALNI_MZezynH-ZzD9VPmVkih8Xcfq4WpgQ
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:24 GMT
ETag
"611c88f3-e8bd"
Last-Modified
Wed, 18 Aug 2021 04:13:39 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
59581
696511.jpg
haberbank.xyz/d/news/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696511.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
6f2fb73794b723566bb1511e78dffa9a6d1c5f51259c17f666d5231cdaa8308f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Cookie
__gads=ID=9edd70e1aeaefed9-22ddf189a5c80084:T=1629278421:S=ALNI_MZezynH-ZzD9VPmVkih8Xcfq4WpgQ
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:24 GMT
ETag
"611c87f4-1241e"
Last-Modified
Wed, 18 Aug 2021 04:09:24 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74782
696510.jpg
haberbank.xyz/d/news/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696510.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
ec048c64900fcbdade1e9bffcbcc513ef0c30832fb20a4c563c70e08cae9bab8

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Cookie
__gads=ID=9edd70e1aeaefed9-22ddf189a5c80084:T=1629278421:S=ALNI_MZezynH-ZzD9VPmVkih8Xcfq4WpgQ
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:24 GMT
ETag
"611c87f3-12962"
Last-Modified
Wed, 18 Aug 2021 04:09:23 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76130
pixel.gif
px.moatads.com/ Frame D90E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F10416144%2F003N_NR_NR00_Spar_Mahlzeit_210x287_L03_St__rer.gif&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=1518644078&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NUVHrRsiY9DHPuItB1naGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&sc=1&os=1-Yg%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fhaberbank.xyz%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fhaberbank.xyz&lp=https%3A%2F%2Fhaberbank.xyz&t=1629278423575&de=398349114792&cu=1629278423575&m=170&ar=4790001-clean&iw=ac4b0db&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A463%3A463%3A0%3A655&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=103&cd=0&ah=103&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=25832561%3A6515169%3A311353750%3A155966465&bo=haberbank.xyz&bd=haberbank.xyz&gw=heinekenatdcmdisplay728490507552&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=AT&zMoatDBMCampID=-&zMoatDBMIOID=-&zMoatDBMCreaID=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=193790&na=1043178505&cs=0
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 18 Aug 2021 09:20:24 GMT
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame 348E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 08:47:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
88348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 08:47:56 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 19D5 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKThqgEQ0r7gARjOqrqxATAB&v=APEucNWhLZjqhhO4FKLuA7t-ZBepMx2Z2ySLZdc8fQoXG8if8ogPfQ4KwAo6MynzYrWnn-qKqwfQCRDxTM4f6hl8CPSwxx7uun-No3v6N-iaiFQ8iL1xSD8U9bcwGNdDEN_u5nMpEA9YnOt2lqddNdJVpatylqKKyzXjT_5Dn2_vdEL-5vC1-1Y
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CKThqgEQ0r7gARjOqrqxATAB&v=APEucNWhLZjqhhO4FKLuA7t-ZBepMx2Z2ySLZdc8fQoXG8if8ogPfQ4KwAo6MynzYrWnn-qKqwfQCRDxTM4f6hl8CPSwxx7uun-No3v6N-iaiFQ8iL1xSD8U9bcwGNdDEN_u5nMpEA9YnOt2lqddNdJVpatylqKKyzXjT_5Dn2_vdEL-5vC1-1Y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmcAykve2ZoIm-FwG6zc54uHZpDdlJkeO6yz2pUwP8UnAO9Xe3RKgWDL6Ujh54; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 18 Aug 2021 09:20:24 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 09C8 		70 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4iHGNTkzdOvwnh_5_wL96tpIxGR3eSnK1Uwpd-DCbDIOmR6Pzxm4JmknB7V00lJkvUu3_IKMrmyyhlQ8ba6IgK3sG698NncMyPtnKiY2_g-5T4aTe6HyYyoCsrSWU05PaDQ4yyor-X13QfslLLk73AHAFNw&dbm_d=AKAmf-D5oGnw1HYUDrFdeau_Xm4tb68Gr7YFrJe-HlS1p9KeODNuymH56JeIR1XuIAOUGvatTWCw_wo875yY8E7GjhJ7fm_KqQcr3mdDJRi55ijGBaIoN6fBLKdzIBXg7xNmYGxjnp8JM_UinZu90ApfhBzY0ldB_nL8dQcXyAdmeHeKnXg5R9_gZdxW2oJp5lgYzf-ynpSgyBHekwz0U2iU69bsLM49pBHL4Ah74T-oUGDg1GEWweUFnuwoO7SJuahn9GdfOB8e0y5neuwPMhhOWTQCreEKoWG61yoe8Luoy1jfJLQoUke2rqIgCsbrVVlbE6Ja3ZtX0DDQxVqLGL59BghNvNzpXBv4fXinUPqDVvoDwz89E8HdZSb5D8A7POCB1yhn0P25D3wZAw2twGW6JuF-tba6BUCAD01AvIMMpMoCieyAikbb1nJJAzyH9uZSXbdSoUf8hBOpNJy_QnIXMpxfsZmsOkCJ-ifyDlY1C9UTs1KeWdWiRvskZKnIfM_Md0k8Pg-xtB0r39Fo3cq8pmYNIOwykiszgTISi0b7WI0tqRyYFuCNtTVIdcvLEwvAEX25e89yiokBI97Ukdaja3N4Csy8H-secNklFDQ1vK736ds87wUPy8sUDe1AuK3X5oPVvEgsEFlAv3KwEaP6tr05v8qmdjmGlq97FUC5HN92Krw9WQBlnJcxIurMq-_g5K4Jn6-gIHa-6OL6qOOrNntU8t_FfeW3Lj1pwuDAySJP7s4HkFCdLaVES36rV3WaO0V_PuATPVJqvY8fr4Qyi_K1xDzq1-j_BPuuCszCwp-d7zq4T6W2MxQPEoRKnrICpxj76bK8f2P4CGYNz3PyKxoA6kne_4pgqNUzK5ZOqYqYNlVFWarZVuZCE1atboNYsCY37dYUPPOeShCxq6CwtecUi6yqe38pvGJPJylumPY08hhebsvgzSKqEh2Ns9iWN3EvzRYbFo_yglsuUO-j53iH9rDdysI8E3JcqpthlGylRGBTA23uujw6tWuY0dIWuic2fxNQ7cHH6XsPBWBESsd5srF8OemFVyLka3ZXWhcp_1CtSRetEgGkwSaO60L7hNjtg8_k9m7ds5x56r4TGrIjbaxLdCNasaU9WqCNmWxulYO_Wn0RSc96WTDwqF5ur-LGve5DTQWr7rbbzbjXd6HmZklYnHzZat3EjUwlBOMdO7ekyQeiU8mecgNFjN0tEOEyk0NA-GvUV-IciQwvS3Bekn9rrNeMmKJgdYSMiJ_jl4Yo-Q4Hi7vi81LlzQ23KvTYWOGbpwDVCAfJHW-5zb3_CeEhOv-TC6YL627co6mUkPtlQZifKspWxL59XSeGpYM3qha4E5I3UosPLyfgJb1yk4HK3WRdvfJTUz0s2gFXwzr1kkyGBu8a2SyO847gf2S6AahyLP4gjwzD0gnaXFOqi-M-ocHB0mzdMDaXqinKiOx5IrBV_cR3zt-uNCLNCjVz3zCgPhlAa6T_EMgWNmukmOElChoZqTabEmBn1j0rSHjnOaXNRepVR3qh7cyDKfWQq8LpkuJF1uYq6TFV9sdmccvCD5yqeaTYOOsycKsKKquIQUJq6Ol183EAvMmZldvUxi7DjjDB-wkSDWvV3t5tf2_IbDWOGlsZ8VDOVnvw_vb2uAugBKqTM1HTHcQUh0S0EfWM2t0wQvv9-7vmR4zEEOemQl_-f7QjnVGdGJWjQU5bH1waLrkJOf7NjMnPX8ug6gF6xAy9f0G1MA0USASrSq4pp4Drk6n6dOjD2cViNKwiXGFia9WiAzb4mkq2wO27vK1YXaOtzLInYwypFokLzvuquJoPq4QnFJ67KnIaV_K0M062nTbvED_Goayo6Fl5U1eOyS36Wn6zeqFbvaNZTwJV0FYdNac8DeGzKWVVVPW8L4MuvcAX0Mazz7Cvj97jMO150lPpHYKU2_SgGTTAkGY2bTYDjhnAtDaWKEZT0cqq0r6oxQUWiDj7AEybvrCZEtiAOCDJ_jZZwYNJWRyLxA7Tbc7B8BMLBKLi5uVPydHM0iQy4yDEEkItSxT8rC3RW7E6uQmUC-OmP17Ef5OxChOam3T5APSsR9H8k6S-bqocJAWrTvcy0AyiwsIFaGM6U1qmMsYPUpWRjLJg2sopdY1q7DNTItX173IbOCbTE80-hc_InqJvOXq0xuhXyszehlDafyuZzw_sYkSkWMw01rfoO9OpUGXS27QKT_FMktSuqf12v9n-gGJWrHZC-p63ApX2uHdrmCZN1iAAzEobFDNxuIkYrYu74J1f5zv-_93zIbpFvPU6lRmG2tnQfah1ajj0k3bNQNl9Hx7y71FDWrIdSU_oDs-uOdr5OLMjeq4Y1cq44UUObiSqvhCXuQkKDFY9lNuZvim8vNhdx9hHDo4X9HsP-UdgTseAYPwSjVRIc0Lz20s9pQKQgghgA6UZ81kJSb7xk2wCkdwYybQbjksOCOtfP6dqaY1TtHS4xGqHjfyPk6CjHsw3B_kwdTz-KcGIxPl7Pd6S5lYhYE4I8oGLRX-d1_6mXxvWPJ0oD48YqdCEw4TcytgwRXpACqRJejVmicJRy3P7Vh3RWO7kVelJQr4nBlmw7mJme9HfjgyHGz7GNxGOW3pQiB3S9IShi4-og9-7GT9kufqTaT2P1sc2Ldz3E_VjtNwa7fkXBvGwdsCxlIpzlr7sJunngvqFklHfkS17_ia7JQ_BXl7LnnXgdFtZbg-AGYFERpiKJ9qS2cxvbPBXx6nv419T8hJE6O2ozWGCcoJiE5t4wKM3OTC68SiSG-hM-9AQko7br_f0db0Dc7U1e8K_qznCHF1qtiY7Ef4DEKIojGEBfbXienb9BZNU7t_rjtzZBdwTWAU_-qmvKTWxcOKd_UQS7k7zfJRWRU9TS2DHwIpg0YFd2sfHxUdfsOTvg8cyK4ypafDGOS0x9D6E-kfoJC-2xLS7qgcfIVRLgASPYr9MnS0cvQ1Sz-LOXeFNQHzEzTPFoCKrYJBVseDcCKENAAIDw6h3QQGN3_EVDgRyFLZXFtl5V9X-bWH_zhsUl_WjiLlJ3pjNbSpGmYl6_wJiEF29-LVOQ2ue9mCatEHEj8B_WBGEi5JiQT2xtzPI6o4Zxcm1GSB1U6ncAXrn-nT1wqQ5STJWXGYGXdKduSixxkHNILZmBoV09ECByu9P3596jVeA78YeqRE9ur3rc6J8sbTot5j5bKkbEgcuVBYbiUDU0dtVlZOF7w&cid=CAASFeRoRA5HvvQ4gVUqa5SmL8bvjGNRSQ&rfl=2%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a5f1a84e4e393c1574bd97a0f386bc09a040b43b2c38dc81a2b130dce78e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28587
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 09C8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/window_focus_fy2019.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:13:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 09C8 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:24 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629113426487594"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38194
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:20:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/ Frame 09C8 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210812/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:02:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1091
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:02:13 GMT
l
www.google.com/ads/measurement/ Frame 09C8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMtWRjx3nh986dm5so-tVSC2xAp9FfxB7R6a9wyfrvxOB9sxMP5tK1aaI5fKX5lYDHlpMbjdeB1zKrcVzGT9oLOL3KPA
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 09C8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1tz0NshSLW0u40-3tYmrWCRNl-rVU-1bGVC7M3aedVvtMDf1WNYgTFMpTokD83OwgP8qV6Qo2oVK5SFRDC2RaozuxZm6M2aj86vSAlDUNEhM9fIo
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D90E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPvfl6D5mbwHWtvf8-M60S7-yL5GnwpXvw7RnPAJztd0e1rNJ-ayD0_y8zKfgsj769D4Op38z_so9JSvYLdKodXGNIUOMv_0iKY4fr444CJOhR&sai=AMfl-YS6DPPyyK6BUhAQgsCHgqcfmsq5SBO3RnfMnBgJaoY8ffKacHHfszfrJ5s-biqQ5w8kMVsKtOMjduP6ImirZPda3hmroWGbVi5Y9UzM4kDNEe4intSctVHCoDQBGK8&sig=Cg0ArKJSzIEGyI6NP06AEAE&cid=CAASFeRoZNM2e2zl7XCJNowEwLRBmTzBXA&id=lidar2&mcvt=1043&p=951,990,1205,1290&asp=951,990,1205,1290&mtos=0,1043,1043,1043,1043&tos=0,1043,0,0,0&v=20210816&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2857365685&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629278422340&dlt=62&rpt=648&isd=0&lsd=0&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 9A7A 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 19:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 19:02:31 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/ Frame 9A7A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPnOaOitBmOXLxcVzJMNIVI5I_Et3oB3lhMD-xbs-0iaHskWFAz88C-qiW7Gt4sYAIC04hMyn7TpD9j6sftVXp44JZlfr_8DQe8nhidCOKOV3RY5OqyY2kTPEIFXsRUQYI9TSpwNd07-ZZbbQfEnxrR_nsdg&dbm_d=AKAmf-AmU8FgD_nR_0Org8KLY8TinkBK8qUYP5-kpfm1Tl5k3YSRjAKa5mv3Ic_JMhbLbmL1a4STxV8gvMt-Wj6TjntukWyd2Nys6IXz0YUGRfjCT5x3KXUGqHRmt80EquIvGt9y4j-Hl4Bp7wIQVgrzSktIsHuauH6gIv-WZQ3qprB2WRf_9NLyDwF4ybyu75Bs17fA3U7Kvb1MrS5PFgY15UbLb_cxvZnEjBD7b4rnCgkfddFcGqEJgC9N2sz6tr1jCrywmeBedSOww33HU-Zm8hj7FiYi34SVX4l_eUt8CJGQcu7ibpQdACiHeGjJnoLuBytARC739VG3NcBPZtgBHzzHlOfsPSy7pk8HvNBtnyyd33VOf3qLi9G9E_bNfQ24GOW7D0fvZ5r_QOR8679VDaz4gAfTwaJ_636E0LvaYfvgeFimkWbZGUDtrbB7A_Uuys9lxkv33RKZIWMpRLedG4_10UjaG9IIhx7rOWvhjhtsqAGZEysrlsTfmwbkwUJRz3Zb4vbAs6VfM27CM55uTy1nMxKd8M73VgXWaXdoKdo4kemWAWMNmlr9Wwr1ArgCixcPPOPcP4q8DIW4Nmf9xNy7LJtRVkk1xGf4RYtGAbFMJTh235OqqIoOrG_jGeHWJvlud7ZaYIJZpWBn63InHH5p6B1oOfrLDEcOSHLp0DzwEY-ltkeSnqQiE1wi1ZTTgWtorfASnTnr_bQ0JE4hvoh_phJJ8EMx-tIevWTqcjG-CvCAHPYSWZ7SrALcPQsVtof8K3Zg77xSPcDH6rUz2x92xJ_IEvazQodBce3jq6SsPMUfcD5dR3JeYCCTBd7M4BnboKCrXaMwLu7MRR8I_Eis4yJ-pHUquP0CKR9VKeHaJjJLqsp4Cb1Qsn7LzJ3HHyWJDxlEYACxtQ3HP7qLkq8BkewmW-jfdR1-ggrG929UjG6PMWZHEM9QxIPfQ1GV1X4iu3SrurhLMJya5KAmX2g5ebjW7codGTXMgwNZMV_NviqiunGlHugT-2wN1FHnrvFl4ZeIQY46bLrXoK1-qFer7ZTk4Bqmouh8wfnoX3oU1yOMBXotX1y7ZRCg9slYdhHGW-UMa6T5Vw6eM4HwPItyXghTYDd6EzJVPHD9-TWG2tEBkL8kCVLdJlhUKwq6zIo1AhWVNZiLFzH9cyIJTxYc7B6qd09wY34-YJnQIxa7YM3LOsWEKJVAsx8dK8igOR2D7WZ_UUyxKGxvorbv-GNCzgg83BphNN8oZTxo2VIvGx1xZSsVO2kBdZptvmV7qbagh1fk5P90mfBNQav7vGKA2y8zFZP31oqSZuFr0bEX-e3_7Tel9lrKUaXoqRBTO4BgVWxEWdZBXHwV1FqVX4E3hDKWV4UUE6BkxOXHmvQwgjnA-Tptm25qlwJpd1hQlMOuxBzTwvRsKkIPsAj4xmHKnVu3rNLdsRL9PbevFqD03_KiP65tnN-ltOT8-XNlPS54uxIUxkQ1KngEUfY9KdIRP31UsiL8lUlmlCqhJ8eGqb3jGj-CKI3mjSNFYiYVY2knGm-FFjD0ZSpa4s6YFU32whYle8ZNoXLUYppWHYAUmovjgUC8UlY95mWwmzCLeJ5naJv00ezZ5uKuRBB0-MMjt04zdTk1bqUgrNmDtsFgmC0LvEZlHwLHY5L2TSU0Y3f2kT0Rccc7a2HkHWDBarW3tD_dzDcd7ZpZqrZcL9YSvDZIAgvcFMkOKMSZPK0clehu__ODwJFjPHvPwakulvsQT543Ex4KWj1zPRxkKonI3a6dflZL0xJBY4SWhq3VNiA-lLVgGQpzNXDzH_boSvX-aW8g5ApdhX0VwXcqo5pCNMW2M-RG1ZISBKV2BSwoqCMW4CoDje_k2OwTQlK3GDflmepneK0wfIO9tA7J3ksOcxgXxKfHUb1OwqXKvsVABFeL3oMVBCrGYnr0_pkEKzBmiVUKyayT47KWquiio9Hb_m0pKgctqN6ID8khvDPWxfq7bPdwFIY1IIpnbuGo5734onGVhxoAX7lRLfuEADJvchc8ZfCcDgSwpwclqLlS2sfjZSZNASpioTJj8XYhaaVCk5RRog8kwsstYw-LrYdTT_a7lajjE-bYkXzZrx7jnr7rK8ZcxJ_PKGSCFdCikILpwmhUQ4aqDYkLTcEHa8xp_74mMNs72k_SJLhGPTt2Pdb5jB5BrVvmF4UpQvgn5FRBDbvThLawQuvqUG84g05u9uGhPLmS0IyDQp42DmA3pRL41cIMSlnHu988aWx97zCevP6-M97xqxNF8o_-O3OMlBbg-mXH9p_tMlXqAY8cwv6C01sL4HR-jUNMT9ZLsvg7Xdyy_b9RnVilvkv0INF_YdjJT8dKppmFFKSBYAjVeVVJVCZh-j0nuwElxocQz-N9WGEZ2n4myVN0aIgIgHkwIGwKqtqybfalayK0aeFkDb-nX7FJPFmOqBkTDD4CpkNKSa5LqC5FMfpyFkK2fc0LVE_UTjAJ8kyKheIjCAke2G7V6fm0PUpbR2fNUTova8O3m7OFkxH1YPFwEQGTPwniLRSek-C9xHLdaC1g5lNjXAJxQv-vqaefGmfErTuEIoFof4pzv5WMpCBMq5-socfCl6XiYLv23mf4YIRresKoVXzHuDsOnZ7qbb0M_ko5vTDdZnUX0qR2ypwa-J4P6TTpWy8ajbSbth9GgSUEzHS4vGQRZv6OPBwGg_HiIApBXhSEvBQww-5iEenOxQv-qSl4-51rlj7QjeGmtN0OSBed4bAdSrk_rXhqLHxnzdziUFuualzYrWnXrS9zeoFzE8xbE_16lAWiQHWiq8tWhghOM2JXVswfIYEn1wH17TcGWYWm-H9GKQIMKRN45GeWNbu9blPFLQDnZ008j89z5djlNvRuK-HreeySLI-nJhkwE9VYHENCF-rWlQgx8p7YRw2NLfa3Nswecx-GK377t8DTMyGBnahOVVHdKr4z9zpyCRLWXD5eJWDNtrzDwIcaiNhJOEkd7r7kXBYlNkvOkyw0yF5nFgn_5Z2H83GV371H_9GVvaqMNgvjagH0W_gHMlqyvpS8SAk2L4fj42ZIXiNZ604_Qo0n2ehngyyjaQooLPdmzDN_DG31rHVTjdRALrYC56NxR_WJ9mi18nHTKHBbwec83MWeXb0w1mBmzb43DeoaY_Daa56_YeceecLtB0G0cFgvREQtbNbK8y7b2rvFE3Iqh59R4MFNIn3NZvCQK0GVLGwTTPwfwyJHzMN-Hu0QimNjlOjQtti5AzajyIta1fhPtoh0&cid=CAASFeRo3HH0nboNVuqFFxn891IHU7jHYw&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:18:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 9A7A 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPnOaOitBmOXLxcVzJMNIVI5I_Et3oB3lhMD-xbs-0iaHskWFAz88C-qiW7Gt4sYAIC04hMyn7TpD9j6sftVXp44JZlfr_8DQe8nhidCOKOV3RY5OqyY2kTPEIFXsRUQYI9TSpwNd07-ZZbbQfEnxrR_nsdg&dbm_d=AKAmf-AmU8FgD_nR_0Org8KLY8TinkBK8qUYP5-kpfm1Tl5k3YSRjAKa5mv3Ic_JMhbLbmL1a4STxV8gvMt-Wj6TjntukWyd2Nys6IXz0YUGRfjCT5x3KXUGqHRmt80EquIvGt9y4j-Hl4Bp7wIQVgrzSktIsHuauH6gIv-WZQ3qprB2WRf_9NLyDwF4ybyu75Bs17fA3U7Kvb1MrS5PFgY15UbLb_cxvZnEjBD7b4rnCgkfddFcGqEJgC9N2sz6tr1jCrywmeBedSOww33HU-Zm8hj7FiYi34SVX4l_eUt8CJGQcu7ibpQdACiHeGjJnoLuBytARC739VG3NcBPZtgBHzzHlOfsPSy7pk8HvNBtnyyd33VOf3qLi9G9E_bNfQ24GOW7D0fvZ5r_QOR8679VDaz4gAfTwaJ_636E0LvaYfvgeFimkWbZGUDtrbB7A_Uuys9lxkv33RKZIWMpRLedG4_10UjaG9IIhx7rOWvhjhtsqAGZEysrlsTfmwbkwUJRz3Zb4vbAs6VfM27CM55uTy1nMxKd8M73VgXWaXdoKdo4kemWAWMNmlr9Wwr1ArgCixcPPOPcP4q8DIW4Nmf9xNy7LJtRVkk1xGf4RYtGAbFMJTh235OqqIoOrG_jGeHWJvlud7ZaYIJZpWBn63InHH5p6B1oOfrLDEcOSHLp0DzwEY-ltkeSnqQiE1wi1ZTTgWtorfASnTnr_bQ0JE4hvoh_phJJ8EMx-tIevWTqcjG-CvCAHPYSWZ7SrALcPQsVtof8K3Zg77xSPcDH6rUz2x92xJ_IEvazQodBce3jq6SsPMUfcD5dR3JeYCCTBd7M4BnboKCrXaMwLu7MRR8I_Eis4yJ-pHUquP0CKR9VKeHaJjJLqsp4Cb1Qsn7LzJ3HHyWJDxlEYACxtQ3HP7qLkq8BkewmW-jfdR1-ggrG929UjG6PMWZHEM9QxIPfQ1GV1X4iu3SrurhLMJya5KAmX2g5ebjW7codGTXMgwNZMV_NviqiunGlHugT-2wN1FHnrvFl4ZeIQY46bLrXoK1-qFer7ZTk4Bqmouh8wfnoX3oU1yOMBXotX1y7ZRCg9slYdhHGW-UMa6T5Vw6eM4HwPItyXghTYDd6EzJVPHD9-TWG2tEBkL8kCVLdJlhUKwq6zIo1AhWVNZiLFzH9cyIJTxYc7B6qd09wY34-YJnQIxa7YM3LOsWEKJVAsx8dK8igOR2D7WZ_UUyxKGxvorbv-GNCzgg83BphNN8oZTxo2VIvGx1xZSsVO2kBdZptvmV7qbagh1fk5P90mfBNQav7vGKA2y8zFZP31oqSZuFr0bEX-e3_7Tel9lrKUaXoqRBTO4BgVWxEWdZBXHwV1FqVX4E3hDKWV4UUE6BkxOXHmvQwgjnA-Tptm25qlwJpd1hQlMOuxBzTwvRsKkIPsAj4xmHKnVu3rNLdsRL9PbevFqD03_KiP65tnN-ltOT8-XNlPS54uxIUxkQ1KngEUfY9KdIRP31UsiL8lUlmlCqhJ8eGqb3jGj-CKI3mjSNFYiYVY2knGm-FFjD0ZSpa4s6YFU32whYle8ZNoXLUYppWHYAUmovjgUC8UlY95mWwmzCLeJ5naJv00ezZ5uKuRBB0-MMjt04zdTk1bqUgrNmDtsFgmC0LvEZlHwLHY5L2TSU0Y3f2kT0Rccc7a2HkHWDBarW3tD_dzDcd7ZpZqrZcL9YSvDZIAgvcFMkOKMSZPK0clehu__ODwJFjPHvPwakulvsQT543Ex4KWj1zPRxkKonI3a6dflZL0xJBY4SWhq3VNiA-lLVgGQpzNXDzH_boSvX-aW8g5ApdhX0VwXcqo5pCNMW2M-RG1ZISBKV2BSwoqCMW4CoDje_k2OwTQlK3GDflmepneK0wfIO9tA7J3ksOcxgXxKfHUb1OwqXKvsVABFeL3oMVBCrGYnr0_pkEKzBmiVUKyayT47KWquiio9Hb_m0pKgctqN6ID8khvDPWxfq7bPdwFIY1IIpnbuGo5734onGVhxoAX7lRLfuEADJvchc8ZfCcDgSwpwclqLlS2sfjZSZNASpioTJj8XYhaaVCk5RRog8kwsstYw-LrYdTT_a7lajjE-bYkXzZrx7jnr7rK8ZcxJ_PKGSCFdCikILpwmhUQ4aqDYkLTcEHa8xp_74mMNs72k_SJLhGPTt2Pdb5jB5BrVvmF4UpQvgn5FRBDbvThLawQuvqUG84g05u9uGhPLmS0IyDQp42DmA3pRL41cIMSlnHu988aWx97zCevP6-M97xqxNF8o_-O3OMlBbg-mXH9p_tMlXqAY8cwv6C01sL4HR-jUNMT9ZLsvg7Xdyy_b9RnVilvkv0INF_YdjJT8dKppmFFKSBYAjVeVVJVCZh-j0nuwElxocQz-N9WGEZ2n4myVN0aIgIgHkwIGwKqtqybfalayK0aeFkDb-nX7FJPFmOqBkTDD4CpkNKSa5LqC5FMfpyFkK2fc0LVE_UTjAJ8kyKheIjCAke2G7V6fm0PUpbR2fNUTova8O3m7OFkxH1YPFwEQGTPwniLRSek-C9xHLdaC1g5lNjXAJxQv-vqaefGmfErTuEIoFof4pzv5WMpCBMq5-socfCl6XiYLv23mf4YIRresKoVXzHuDsOnZ7qbb0M_ko5vTDdZnUX0qR2ypwa-J4P6TTpWy8ajbSbth9GgSUEzHS4vGQRZv6OPBwGg_HiIApBXhSEvBQww-5iEenOxQv-qSl4-51rlj7QjeGmtN0OSBed4bAdSrk_rXhqLHxnzdziUFuualzYrWnXrS9zeoFzE8xbE_16lAWiQHWiq8tWhghOM2JXVswfIYEn1wH17TcGWYWm-H9GKQIMKRN45GeWNbu9blPFLQDnZ008j89z5djlNvRuK-HreeySLI-nJhkwE9VYHENCF-rWlQgx8p7YRw2NLfa3Nswecx-GK377t8DTMyGBnahOVVHdKr4z9zpyCRLWXD5eJWDNtrzDwIcaiNhJOEkd7r7kXBYlNkvOkyw0yF5nFgn_5Z2H83GV371H_9GVvaqMNgvjagH0W_gHMlqyvpS8SAk2L4fj42ZIXiNZ604_Qo0n2ehngyyjaQooLPdmzDN_DG31rHVTjdRALrYC56NxR_WJ9mi18nHTKHBbwec83MWeXb0w1mBmzb43DeoaY_Daa56_YeceecLtB0G0cFgvREQtbNbK8y7b2rvFE3Iqh59R4MFNIn3NZvCQK0GVLGwTTPwfwyJHzMN-Hu0QimNjlOjQtti5AzajyIta1fhPtoh0&cid=CAASFeRo3HH0nboNVuqFFxn891IHU7jHYw&rfl=1%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9341
x-xss-protection
0
server
cafe
etag
177112232901409761
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:20:10 GMT
pixel.gif
px.moatads.com/ Frame D90E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=1518644078&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NUVHrRsiY9DHPuItB1naGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&sc=1&os=1-Yg%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fhaberbank.xyz%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fhaberbank.xyz&lp=https%3A%2F%2Fhaberbank.xyz&t=1629278423575&de=398349114792&cu=1629278423575&m=368&ar=4790001-clean&iw=ac4b0db&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A463%3A463%3A0%3A655&aa=0&ad=106&cn=0&gk=106&gl=0&ik=106&ic=106&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=103&cd=103&ah=103&am=103&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=25832561%3A6515169%3A311353750%3A155966465&bo=haberbank.xyz&bd=haberbank.xyz&gw=heinekenatdcmdisplay728490507552&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=AT&zMoatDBMCampID=-&zMoatDBMIOID=-&zMoatDBMCreaID=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=193790&na=409386032&cs=0
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 18 Aug 2021 09:20:24 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 09C8 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 07:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7517
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Aug 2021 07:15:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/ Frame 09C8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4iHGNTkzdOvwnh_5_wL96tpIxGR3eSnK1Uwpd-DCbDIOmR6Pzxm4JmknB7V00lJkvUu3_IKMrmyyhlQ8ba6IgK3sG698NncMyPtnKiY2_g-5T4aTe6HyYyoCsrSWU05PaDQ4yyor-X13QfslLLk73AHAFNw&dbm_d=AKAmf-D5oGnw1HYUDrFdeau_Xm4tb68Gr7YFrJe-HlS1p9KeODNuymH56JeIR1XuIAOUGvatTWCw_wo875yY8E7GjhJ7fm_KqQcr3mdDJRi55ijGBaIoN6fBLKdzIBXg7xNmYGxjnp8JM_UinZu90ApfhBzY0ldB_nL8dQcXyAdmeHeKnXg5R9_gZdxW2oJp5lgYzf-ynpSgyBHekwz0U2iU69bsLM49pBHL4Ah74T-oUGDg1GEWweUFnuwoO7SJuahn9GdfOB8e0y5neuwPMhhOWTQCreEKoWG61yoe8Luoy1jfJLQoUke2rqIgCsbrVVlbE6Ja3ZtX0DDQxVqLGL59BghNvNzpXBv4fXinUPqDVvoDwz89E8HdZSb5D8A7POCB1yhn0P25D3wZAw2twGW6JuF-tba6BUCAD01AvIMMpMoCieyAikbb1nJJAzyH9uZSXbdSoUf8hBOpNJy_QnIXMpxfsZmsOkCJ-ifyDlY1C9UTs1KeWdWiRvskZKnIfM_Md0k8Pg-xtB0r39Fo3cq8pmYNIOwykiszgTISi0b7WI0tqRyYFuCNtTVIdcvLEwvAEX25e89yiokBI97Ukdaja3N4Csy8H-secNklFDQ1vK736ds87wUPy8sUDe1AuK3X5oPVvEgsEFlAv3KwEaP6tr05v8qmdjmGlq97FUC5HN92Krw9WQBlnJcxIurMq-_g5K4Jn6-gIHa-6OL6qOOrNntU8t_FfeW3Lj1pwuDAySJP7s4HkFCdLaVES36rV3WaO0V_PuATPVJqvY8fr4Qyi_K1xDzq1-j_BPuuCszCwp-d7zq4T6W2MxQPEoRKnrICpxj76bK8f2P4CGYNz3PyKxoA6kne_4pgqNUzK5ZOqYqYNlVFWarZVuZCE1atboNYsCY37dYUPPOeShCxq6CwtecUi6yqe38pvGJPJylumPY08hhebsvgzSKqEh2Ns9iWN3EvzRYbFo_yglsuUO-j53iH9rDdysI8E3JcqpthlGylRGBTA23uujw6tWuY0dIWuic2fxNQ7cHH6XsPBWBESsd5srF8OemFVyLka3ZXWhcp_1CtSRetEgGkwSaO60L7hNjtg8_k9m7ds5x56r4TGrIjbaxLdCNasaU9WqCNmWxulYO_Wn0RSc96WTDwqF5ur-LGve5DTQWr7rbbzbjXd6HmZklYnHzZat3EjUwlBOMdO7ekyQeiU8mecgNFjN0tEOEyk0NA-GvUV-IciQwvS3Bekn9rrNeMmKJgdYSMiJ_jl4Yo-Q4Hi7vi81LlzQ23KvTYWOGbpwDVCAfJHW-5zb3_CeEhOv-TC6YL627co6mUkPtlQZifKspWxL59XSeGpYM3qha4E5I3UosPLyfgJb1yk4HK3WRdvfJTUz0s2gFXwzr1kkyGBu8a2SyO847gf2S6AahyLP4gjwzD0gnaXFOqi-M-ocHB0mzdMDaXqinKiOx5IrBV_cR3zt-uNCLNCjVz3zCgPhlAa6T_EMgWNmukmOElChoZqTabEmBn1j0rSHjnOaXNRepVR3qh7cyDKfWQq8LpkuJF1uYq6TFV9sdmccvCD5yqeaTYOOsycKsKKquIQUJq6Ol183EAvMmZldvUxi7DjjDB-wkSDWvV3t5tf2_IbDWOGlsZ8VDOVnvw_vb2uAugBKqTM1HTHcQUh0S0EfWM2t0wQvv9-7vmR4zEEOemQl_-f7QjnVGdGJWjQU5bH1waLrkJOf7NjMnPX8ug6gF6xAy9f0G1MA0USASrSq4pp4Drk6n6dOjD2cViNKwiXGFia9WiAzb4mkq2wO27vK1YXaOtzLInYwypFokLzvuquJoPq4QnFJ67KnIaV_K0M062nTbvED_Goayo6Fl5U1eOyS36Wn6zeqFbvaNZTwJV0FYdNac8DeGzKWVVVPW8L4MuvcAX0Mazz7Cvj97jMO150lPpHYKU2_SgGTTAkGY2bTYDjhnAtDaWKEZT0cqq0r6oxQUWiDj7AEybvrCZEtiAOCDJ_jZZwYNJWRyLxA7Tbc7B8BMLBKLi5uVPydHM0iQy4yDEEkItSxT8rC3RW7E6uQmUC-OmP17Ef5OxChOam3T5APSsR9H8k6S-bqocJAWrTvcy0AyiwsIFaGM6U1qmMsYPUpWRjLJg2sopdY1q7DNTItX173IbOCbTE80-hc_InqJvOXq0xuhXyszehlDafyuZzw_sYkSkWMw01rfoO9OpUGXS27QKT_FMktSuqf12v9n-gGJWrHZC-p63ApX2uHdrmCZN1iAAzEobFDNxuIkYrYu74J1f5zv-_93zIbpFvPU6lRmG2tnQfah1ajj0k3bNQNl9Hx7y71FDWrIdSU_oDs-uOdr5OLMjeq4Y1cq44UUObiSqvhCXuQkKDFY9lNuZvim8vNhdx9hHDo4X9HsP-UdgTseAYPwSjVRIc0Lz20s9pQKQgghgA6UZ81kJSb7xk2wCkdwYybQbjksOCOtfP6dqaY1TtHS4xGqHjfyPk6CjHsw3B_kwdTz-KcGIxPl7Pd6S5lYhYE4I8oGLRX-d1_6mXxvWPJ0oD48YqdCEw4TcytgwRXpACqRJejVmicJRy3P7Vh3RWO7kVelJQr4nBlmw7mJme9HfjgyHGz7GNxGOW3pQiB3S9IShi4-og9-7GT9kufqTaT2P1sc2Ldz3E_VjtNwa7fkXBvGwdsCxlIpzlr7sJunngvqFklHfkS17_ia7JQ_BXl7LnnXgdFtZbg-AGYFERpiKJ9qS2cxvbPBXx6nv419T8hJE6O2ozWGCcoJiE5t4wKM3OTC68SiSG-hM-9AQko7br_f0db0Dc7U1e8K_qznCHF1qtiY7Ef4DEKIojGEBfbXienb9BZNU7t_rjtzZBdwTWAU_-qmvKTWxcOKd_UQS7k7zfJRWRU9TS2DHwIpg0YFd2sfHxUdfsOTvg8cyK4ypafDGOS0x9D6E-kfoJC-2xLS7qgcfIVRLgASPYr9MnS0cvQ1Sz-LOXeFNQHzEzTPFoCKrYJBVseDcCKENAAIDw6h3QQGN3_EVDgRyFLZXFtl5V9X-bWH_zhsUl_WjiLlJ3pjNbSpGmYl6_wJiEF29-LVOQ2ue9mCatEHEj8B_WBGEi5JiQT2xtzPI6o4Zxcm1GSB1U6ncAXrn-nT1wqQ5STJWXGYGXdKduSixxkHNILZmBoV09ECByu9P3596jVeA78YeqRE9ur3rc6J8sbTot5j5bKkbEgcuVBYbiUDU0dtVlZOF7w&cid=CAASFeRoRA5HvvQ4gVUqa5SmL8bvjGNRSQ&rfl=2%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:18:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:18:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/ Frame 09C8 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210812/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4iHGNTkzdOvwnh_5_wL96tpIxGR3eSnK1Uwpd-DCbDIOmR6Pzxm4JmknB7V00lJkvUu3_IKMrmyyhlQ8ba6IgK3sG698NncMyPtnKiY2_g-5T4aTe6HyYyoCsrSWU05PaDQ4yyor-X13QfslLLk73AHAFNw&dbm_d=AKAmf-D5oGnw1HYUDrFdeau_Xm4tb68Gr7YFrJe-HlS1p9KeODNuymH56JeIR1XuIAOUGvatTWCw_wo875yY8E7GjhJ7fm_KqQcr3mdDJRi55ijGBaIoN6fBLKdzIBXg7xNmYGxjnp8JM_UinZu90ApfhBzY0ldB_nL8dQcXyAdmeHeKnXg5R9_gZdxW2oJp5lgYzf-ynpSgyBHekwz0U2iU69bsLM49pBHL4Ah74T-oUGDg1GEWweUFnuwoO7SJuahn9GdfOB8e0y5neuwPMhhOWTQCreEKoWG61yoe8Luoy1jfJLQoUke2rqIgCsbrVVlbE6Ja3ZtX0DDQxVqLGL59BghNvNzpXBv4fXinUPqDVvoDwz89E8HdZSb5D8A7POCB1yhn0P25D3wZAw2twGW6JuF-tba6BUCAD01AvIMMpMoCieyAikbb1nJJAzyH9uZSXbdSoUf8hBOpNJy_QnIXMpxfsZmsOkCJ-ifyDlY1C9UTs1KeWdWiRvskZKnIfM_Md0k8Pg-xtB0r39Fo3cq8pmYNIOwykiszgTISi0b7WI0tqRyYFuCNtTVIdcvLEwvAEX25e89yiokBI97Ukdaja3N4Csy8H-secNklFDQ1vK736ds87wUPy8sUDe1AuK3X5oPVvEgsEFlAv3KwEaP6tr05v8qmdjmGlq97FUC5HN92Krw9WQBlnJcxIurMq-_g5K4Jn6-gIHa-6OL6qOOrNntU8t_FfeW3Lj1pwuDAySJP7s4HkFCdLaVES36rV3WaO0V_PuATPVJqvY8fr4Qyi_K1xDzq1-j_BPuuCszCwp-d7zq4T6W2MxQPEoRKnrICpxj76bK8f2P4CGYNz3PyKxoA6kne_4pgqNUzK5ZOqYqYNlVFWarZVuZCE1atboNYsCY37dYUPPOeShCxq6CwtecUi6yqe38pvGJPJylumPY08hhebsvgzSKqEh2Ns9iWN3EvzRYbFo_yglsuUO-j53iH9rDdysI8E3JcqpthlGylRGBTA23uujw6tWuY0dIWuic2fxNQ7cHH6XsPBWBESsd5srF8OemFVyLka3ZXWhcp_1CtSRetEgGkwSaO60L7hNjtg8_k9m7ds5x56r4TGrIjbaxLdCNasaU9WqCNmWxulYO_Wn0RSc96WTDwqF5ur-LGve5DTQWr7rbbzbjXd6HmZklYnHzZat3EjUwlBOMdO7ekyQeiU8mecgNFjN0tEOEyk0NA-GvUV-IciQwvS3Bekn9rrNeMmKJgdYSMiJ_jl4Yo-Q4Hi7vi81LlzQ23KvTYWOGbpwDVCAfJHW-5zb3_CeEhOv-TC6YL627co6mUkPtlQZifKspWxL59XSeGpYM3qha4E5I3UosPLyfgJb1yk4HK3WRdvfJTUz0s2gFXwzr1kkyGBu8a2SyO847gf2S6AahyLP4gjwzD0gnaXFOqi-M-ocHB0mzdMDaXqinKiOx5IrBV_cR3zt-uNCLNCjVz3zCgPhlAa6T_EMgWNmukmOElChoZqTabEmBn1j0rSHjnOaXNRepVR3qh7cyDKfWQq8LpkuJF1uYq6TFV9sdmccvCD5yqeaTYOOsycKsKKquIQUJq6Ol183EAvMmZldvUxi7DjjDB-wkSDWvV3t5tf2_IbDWOGlsZ8VDOVnvw_vb2uAugBKqTM1HTHcQUh0S0EfWM2t0wQvv9-7vmR4zEEOemQl_-f7QjnVGdGJWjQU5bH1waLrkJOf7NjMnPX8ug6gF6xAy9f0G1MA0USASrSq4pp4Drk6n6dOjD2cViNKwiXGFia9WiAzb4mkq2wO27vK1YXaOtzLInYwypFokLzvuquJoPq4QnFJ67KnIaV_K0M062nTbvED_Goayo6Fl5U1eOyS36Wn6zeqFbvaNZTwJV0FYdNac8DeGzKWVVVPW8L4MuvcAX0Mazz7Cvj97jMO150lPpHYKU2_SgGTTAkGY2bTYDjhnAtDaWKEZT0cqq0r6oxQUWiDj7AEybvrCZEtiAOCDJ_jZZwYNJWRyLxA7Tbc7B8BMLBKLi5uVPydHM0iQy4yDEEkItSxT8rC3RW7E6uQmUC-OmP17Ef5OxChOam3T5APSsR9H8k6S-bqocJAWrTvcy0AyiwsIFaGM6U1qmMsYPUpWRjLJg2sopdY1q7DNTItX173IbOCbTE80-hc_InqJvOXq0xuhXyszehlDafyuZzw_sYkSkWMw01rfoO9OpUGXS27QKT_FMktSuqf12v9n-gGJWrHZC-p63ApX2uHdrmCZN1iAAzEobFDNxuIkYrYu74J1f5zv-_93zIbpFvPU6lRmG2tnQfah1ajj0k3bNQNl9Hx7y71FDWrIdSU_oDs-uOdr5OLMjeq4Y1cq44UUObiSqvhCXuQkKDFY9lNuZvim8vNhdx9hHDo4X9HsP-UdgTseAYPwSjVRIc0Lz20s9pQKQgghgA6UZ81kJSb7xk2wCkdwYybQbjksOCOtfP6dqaY1TtHS4xGqHjfyPk6CjHsw3B_kwdTz-KcGIxPl7Pd6S5lYhYE4I8oGLRX-d1_6mXxvWPJ0oD48YqdCEw4TcytgwRXpACqRJejVmicJRy3P7Vh3RWO7kVelJQr4nBlmw7mJme9HfjgyHGz7GNxGOW3pQiB3S9IShi4-og9-7GT9kufqTaT2P1sc2Ldz3E_VjtNwa7fkXBvGwdsCxlIpzlr7sJunngvqFklHfkS17_ia7JQ_BXl7LnnXgdFtZbg-AGYFERpiKJ9qS2cxvbPBXx6nv419T8hJE6O2ozWGCcoJiE5t4wKM3OTC68SiSG-hM-9AQko7br_f0db0Dc7U1e8K_qznCHF1qtiY7Ef4DEKIojGEBfbXienb9BZNU7t_rjtzZBdwTWAU_-qmvKTWxcOKd_UQS7k7zfJRWRU9TS2DHwIpg0YFd2sfHxUdfsOTvg8cyK4ypafDGOS0x9D6E-kfoJC-2xLS7qgcfIVRLgASPYr9MnS0cvQ1Sz-LOXeFNQHzEzTPFoCKrYJBVseDcCKENAAIDw6h3QQGN3_EVDgRyFLZXFtl5V9X-bWH_zhsUl_WjiLlJ3pjNbSpGmYl6_wJiEF29-LVOQ2ue9mCatEHEj8B_WBGEi5JiQT2xtzPI6o4Zxcm1GSB1U6ncAXrn-nT1wqQ5STJWXGYGXdKduSixxkHNILZmBoV09ECByu9P3596jVeA78YeqRE9ur3rc6J8sbTot5j5bKkbEgcuVBYbiUDU0dtVlZOF7w&cid=CAASFeRoRA5HvvQ4gVUqa5SmL8bvjGNRSQ&rfl=2%2Chttps%253A%252F%252Fhaberbank.xyz%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9341
x-xss-protection
0
server
cafe
etag
177112232901409761
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Sep 2021 09:20:10 GMT
11271109409310462013
s0.2mdn.net/simgad/ Frame E23B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11271109409310462013
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb52a2a80c353f2977114bdb5bf6f51801dd27b378bc56d6de084581119825a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15597941406939742208/index.html?e=69&leftOffset=0&topOffset=0&c=vGAmGCZIFR&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 21:44:49 GMT
x-content-type-options
nosniff
age
128135
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4807
x-xss-protection
0
last-modified
Mon, 21 Sep 2020 14:08:11 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Aug 2022 21:44:49 GMT
12921437726533230930
s0.2mdn.net/simgad/ Frame E23B 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12921437726533230930
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415a41f2194fc98aa0034891c0746222966129a19c8d3db5301bacb161c84c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15597941406939742208/index.html?e=69&leftOffset=0&topOffset=0&c=vGAmGCZIFR&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 05:17:18 GMT
x-content-type-options
nosniff
age
100986
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32264
x-xss-protection
0
last-modified
Mon, 20 Apr 2020 08:40:50 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 05:17:18 GMT
pixel
cm.g.doubleclick.net/ Frame D4A5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1JUTdJTlpwRTJ1R0trbWtUcHg3VHlRQW1YTVlkemhnY35B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1JUTdJTlpwRTJ1R0trbWtUcHg3VHlRQW1YTVlkemhnY35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIP6jwEQk_jWkwIY9vihsgEwAQ&v=APEucNXP7Oly0GYB3qvpGNKYCZHqMykdJc3aySFCEekXgVKAU4izdlH5r6PboHsfz1nB5MMHj2CuFi9sXk48HaA8a3Ei-7JoZJEWJOLYNo0FpC9Ai6Pg9E9FsoPV-GO9Snrd_yBWnNMTRrPO8Rq8z_WS_FVhdnKMauhgvH3e7431q6UqchI7wtg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 18 Aug 2021 09:20:24 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1JUTdJTlpwRTJ1R0trbWtUcHg3VHlRQW1YTVlkemhnY35B
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame D4A5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm=&google_dbm=&google_tc=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHhYrQsGgBkJE1b6nMllLgo&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHhYrQsGgBkJE1b6nMllLgo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIP6jwEQk_jWkwIY9vihsgEwAQ&v=APEucNXP7Oly0GYB3qvpGNKYCZHqMykdJc3aySFCEekXgVKAU4izdlH5r6PboHsfz1nB5MMHj2CuFi9sXk48HaA8a3Ei-7JoZJEWJOLYNo0FpC9Ai6Pg9E9FsoPV-GO9Snrd_yBWnNMTRrPO8Rq8z_WS_FVhdnKMauhgvH3e7431q6UqchI7wtg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:24 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEHhYrQsGgBkJE1b6nMllLgo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame D4A5 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIP6jwEQk_jWkwIY9vihsgEwAQ&v=APEucNXP7Oly0GYB3qvpGNKYCZHqMykdJc3aySFCEekXgVKAU4izdlH5r6PboHsfz1nB5MMHj2CuFi9sXk48HaA8a3Ei-7JoZJEWJOLYNo0FpC9Ai6Pg9E9FsoPV-GO9Snrd_yBWnNMTRrPO8Rq8z_WS_FVhdnKMauhgvH3e7431q6UqchI7wtg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:24 GMT
transfer-encoding
chunked
content-type
image/gif
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		181 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c57576f007bb1348ba0d3c9a1272ea80af374388ace82d4b8efabe9f6abc7060
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
41280
date
Wed, 18 Aug 2021 09:20:24 GMT
expires
Thu, 19 Aug 2021 09:20:24 GMT
cache-control
public, max-age=86400
last-modified
Fri, 13 Aug 2021 07:27:39 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 9A7A 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAwqdsZFwXruOXBmW9G3ZCFLWgYZ7g2_miliZ8VcynBgRM_X3x1cBzq84GFJXpNpd0jbMzmjFbh8Tua71jq_Fuyye10_Xn4HgpkzzqaYT3nq4dRpmWsMcCGjenHm4BAaAFw7Y5bjEVXeETZx4YnxYi36jkKayRG9kzSWAXzn93wqTX-HnrmSeW_cjBtNY19NXvlwB2Y_w45Pngzf0Ec-E12mSFkxJemcJN5_vnY81f2lFzerb73DXh3ava7sQPyRaFbzOzUzFE3mJdx9wwG7SrLkOTmQdkFjNdp_sIx6tPTUQwSmf9vVxPabsNmv-Lu4OOabvL_zSdBWi2dUqBsReMSAzQEnRYvwie5EGFcphFSYjk4h8o8CJwRtrOJaf5rRTMH6PdGHLXLnSh9KBZG9FqphUsURKpzq62vdzUrD7Q5lDGBi_qnmOTYaymqYegPAKwPTYq6HixGBR_fYuXzZJxI73AaLkI5gyKYTQUIEE6O0w2r8bxc7amk1m1KCQHDuCWDEYr0jZ_BdRJ6qMLYXzEfOJckZAgLvMYYW2iV21iQquqgOeaJ_3rTJlvKJRxadlbUiaMgky73gHNivqmY0fK9wMI6ttGXhsiPzDsXqmlODUo84SUZ1QmZmg7ybXx02kB5kkq6QFj4oLXWU-XvCiNxshY1F0JCWF0awhHEEbi92NcjocO8RSrxicnoMt7AVdUe4PtHBfroiI3svWrgK7dV3vwiyg5QdY54k30dxUUuUYJ3PdXAusM7qkICsTe8eDbB8Mmj93ydGHrJFuF7e8QunxQ-Z7sxahEofnMtNbv_xA6Uhs02THgR2gMrkvw5FzVNmTx9QYA9bn5CEGweWbqNjz5UP4EfyRXw02UQJ9TNgXGmoQhPQbXRIZg8BaTGv3H3tbztyeeBXGrx199xv1SIspaxTuyi1Nods9sGaxW1Nfn5T2gLQL2_OFvD_GJRzQPK5p702VQJSmnA1E0gFyCMm7ooBJOyGEZwXeak__jEwH_7qaJRf5-pyfg4Fqm4Oe9m5xCVJarl6pRjnlRly3c5Y6IGCbHVQGjsJB7EML5YvQZCvOPtONcEN0tSC-6kSOXsuNV9jnKAc2jb6PvjPFkmhvNQSxfQvwNXDNlxtQnGlzl3PzsQjHIZ2GMIpvhlp_fosN3SVGCOTGH0OtPURuc8imnEzCa87KpRI1KVPPuQVIP5z6_QohAxDjdlUQ1D0v7dYujguO-YzWZXw&sai=AMfl-YSEl4hgPIouoruUB5VeCWH9FrGJWVsJ8rjYxscVya4i7vl3TVZyJlVba-0BUVa7Mi-AQfftVm5SQJ38c_WQ7KlKqaDtZqmXM4Z_EVkmMaZfyqWqjUQPG179P2585ifF6TY82eNG_-aMJQ2843y2VwoQgzK8isg94Re29IE&sig=Cg0ArKJSzLqon2w0v1kEEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=290&cbvp=1&cstd=285&cisv=r20210812.92337&adurl=
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 18 Aug 2021 09:20:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame F855 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 08:47:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
88348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 08:47:56 GMT
12921437726533230930
s0.2mdn.net/simgad/ Frame E23B 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12921437726533230930
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15597941406939742208/index.html?e=69&leftOffset=0&topOffset=0&c=vGAmGCZIFR&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415a41f2194fc98aa0034891c0746222966129a19c8d3db5301bacb161c84c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15597941406939742208/index.html?e=69&leftOffset=0&topOffset=0&c=vGAmGCZIFR&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 05:17:18 GMT
x-content-type-options
nosniff
age
100986
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32264
x-xss-protection
0
last-modified
Mon, 20 Apr 2020 08:40:50 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 05:17:18 GMT
truncated
/ Frame E23B 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9A7A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 17:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
403953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Aug 2022 17:07:51 GMT
truncated
/ Frame 9A7A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83d5140d6fe0931381827f9a78bf9d119557e608e2d91c028d00ba653988859c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 09C8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 17:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
403953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Aug 2022 17:07:51 GMT
truncated
/ Frame 09C8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27985c7a5e5506f8cd73e973f8588ef7a5921703dd3508a848b0a786c90bea78

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/9720347/1627984548260/DACH_728x90/ Frame CA9F 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d178416fd1412a2a15a1b9e6663348aaf7296dd4490c273edbc00f7cf9b4ae00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9720347/1627984548260/DACH_728x90/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2704
date
Wed, 18 Aug 2021 04:32:09 GMT
expires
Thu, 19 Aug 2021 04:32:09 GMT
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
17295
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 09C8 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstRdGkNw09KbOuz1hnkF3RiF1DsMnLKDsAX3wObd1FsOLjgJTSO7WWIGXJV3GLZAtqLUPhaz2E265LUTVTdNHpXs9X_Kq6Jo7jmDagJ9Z59wKRezhPYNfvCkP8bG4q4bcPs0tG9AYS7JnyhsIi8FQNkeUM_H8c9o46gcqaI6owSc6hV9BBxmaZ4-L_AZ_6MsZ9LwM_CP4ttAERcYg3KUTVY2-MRq161oZcT5hIEkiWyM1HymUyBbEV0PbzeHZDWoth_CmN5_J1R9-BhW5E_AtsFrOPYudOjHaHrzZqB0KeqTKxe_TuZ8-FaT3TPO_A46LT8dukH2l0pqggtRcwqvS4vPWKYudyK-Xf8qiggDW6ODwPwKbXo_igYmwvHOi_BQJXWubdPkBO05YoMieTI9BEeaFbAsTadnhXCT7Ph_kDeJLM9m-lPmatInY33jBzBe1TpnSiL6OQ4zoMr5MNHdm3UlpoNizpff0ChwKg5LDJ1b5OkGmLGI_Un-o4m4epQElDyXvrwe4fvLYtU70MG4uONpUCJ1-Ln2OZ7oGy-iu66B-HGK3-cotzgGCQoZXKvsaaAx1Qj3UCKrSj2aV0dcgyNxkxsHIoQgqzYVp78WBTvqeWCXwsu81wR9EHF9-Oo234OG7zRpAgQHMdVz1Ahpe14W0gGSWC3CTOFwwFpkdzIDRy326-B8ebwxpzn_ssFNg6TH9Z7ODvkW4xSY5G6Nd0JHKqYhm6o8lGf-ZDSmMocryYZ74Il87c_W_-ObA8-2mOB8lkdqev_RUPCxxe3gbn-NdpP_AGY_xr1BBxXwX4W-sGotDrn3_tk7to6MNK4zbpbwF0A-tJmCVjA77m5XbvI28xNePFwb19ugfUvRwyKLQLof4ls2xj44DHVOKYq2KZWfF8ayyopyT-oPnxTinJAoqE_uHIPxvwAVKfOp_7nTSSWlplkms_f-vl6j5q32R7qgXKFKU7W1dQknAtZyyOzRDW2H3lywQkmRB72VpUHcT-EbC7PiX4oXIbTyjRar7eJT6G3QIBE5B-eHFSiU4xrN7Bv3ftkEJc44-FyYWAODU8Acj3BHAllCev8Pl8pt8gY3Nt-hXJn64uOSpTWtLsQ-6oal-aFmPW7jHkPRUebDvusYzJTPc5jwIGKXuTe8NlT1tMPv7UUIQhKvvl4qdKDiidPpc1McnreikrUy-th&sai=AMfl-YTiws6badjxkDCVTuvfjeoE4yLQ-ppB6cTPvBe-SkDlmqpq5tCBd-FRsOgkzwNx_4Xupzz2Ow7Hnj0xoIWny3hHVLN_XiX7-6tb9BXjFGxQCTlj5jH9P9Dlnp5kpWlzCya88clvvaB5V-O8dJJHGxIkyVWrtqxJy0wSVms&sig=Cg0ArKJSzPfOYJFzBDWhEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=363&cbvp=1&cstd=362&cisv=r20210812.94401&adurl=
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 18 Aug 2021 09:20:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame E12A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1fuw1dAcYfX0MZubgAf276GgCwAAAAA4AeAEAg&bg=!ZGelZyPNAAZvV8FTb1c7ACkAdvg8Wl9AVW0Op_fwiajj1xZNM-_50iMmM16rHqA4t9rlCwa0P32vsgIAAAcpUgAAAPhoAQeZAsA93_L46PHmmw7ZQVDHAwrrR4B7_6r6lKqyxoTnIoE33xXIUFKyMT6lpFe8AeZpg67Qa8hvNZuCZ9euc1ZPsGUJOVL03abQ7dfrMtv3uKzhfOUBgTetsiho-f4LfnuBRiOAcoNwIjxevyeLn5ZA0EwJYP4021Ku6MUTzm3I7fVnb_Eaq74LVrykAEpna2XyWlgqPIgnbjRLlWStDtwCL7HsWJGork1jYFjxeorlcAGmgNxaQ7oVjOrs-lwBT9cUOmBo5qh-833cpT1HY2WfC0gcvQBYxIACFdEGfEKpVBqL_1Sv6UbTVWm5bMxlaEu9JLS7zj1rXi0qrUB3zJDyLhJnLYgeUaHgtFYuCYxwBU_HNObQ91PrpnPMHbo0gaT_oj6uwVbnbD7J_DB0EsQ6Vwh2lYbXa5VLFlK20u5WzrEv07rB5hUYznXMQM_caTyy0XV97-8gaGdE8SGznG9W_LFnGmFIL3k9-RKf2vVaLpYws8rywHy42TunzcE6d4bhcTgHupZkCisCtuSpJTOeohyl4owOo7jlIAVu8E6_NlXtp7GEu5mucPwt1e5sJG_vRPo3YmhnvfI4nLEAWREaNFaTpvDFT2V3h_JOtRBIxoK_gM1VoTvDCNWQkCGXvppUSojTTv0xHtGwNj-2Xg5YMrGwdZq3ngd-e6BuUB5s0zugBv_v4GCyLcfutCS-johhBRmNYce8daRzRcUdCJTZLEuCTM0BtcMBQPxAmOZX1ICOA1Bui7BU-u6cr_7XJi-ALzydQsCvwpsScR02vYX-3mZ-bXwd3aPpj7By-sw_Xn1dtBXJE_TCx-QCoUBCxzaUVPZrE-TK51mdWQ5DvnYkt5wmuofM4qZ61foDT4bOEa-gSHU61hfdQQGKH-SZNZQbb8hDcPh261brduHN-txBKlI29lsc-0r-LgHDKs2K1JU3mA
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B79C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 16 Aug 2021 00:46:47 GMT
expires
Tue, 16 Aug 2022 00:46:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
203617
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9426 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Mon, 16 Aug 2021 00:46:47 GMT
expires
Tue, 16 Aug 2022 00:46:47 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
203617
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enabler_01_246.js
s0.2mdn.net/879366/ Frame D062 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 08:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4311
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Aug 2021 08:08:33 GMT
style.css
s0.2mdn.net/9720347/1627984548260/DACH_728x90/styles/ Frame CA9F 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/styles/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5289964e5ea2940df302ad317f20a2d155cb69a867532fe620800040add85764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44454
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1501
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 18 Aug 2021 20:59:30 GMT
responsive.css
s0.2mdn.net/9720347/1627984548260/DACH_728x90/styles/ Frame CA9F 		34 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/styles/responsive.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a58f53367b65adcb05fa621ff4adeb23ca935fd39ec9d4442da1d33ae40c422
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44454
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4346
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 18 Aug 2021 20:59:30 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame CA9F 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 09:20:24 GMT
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/ Frame CA9F 		113 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.4/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
621681
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
33534
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1c274"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wm3H7LrGZve17rRZ2gD3END8surzAwgpTP39dVgSCEAhutJ6sZcKtIT2y%2BnCuL0rw0d%2B6ZJmT9qhyKqiIS2igcqP3Des73BgUHc5rsvLbGwk7V5MWhhXvcPIexVvR8TLv0SnJaJqSVihH%2FtK1COe6cAr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
680a10eb5fb81f1d-FRA
expires
Mon, 08 Aug 2022 09:20:24 GMT
w.png
s0.2mdn.net/9720347/1627984548260/DACH_728x90/images/ Frame CA9F 		252 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/images/w.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e52847ae47895fd395b79451e96326f987ea177294f19275501938281d622b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 05:59:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
age
12054
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252
x-xss-protection
0
expires
Thu, 19 Aug 2021 05:59:30 GMT
hoxton.js
s0.2mdn.net/9720347/1627984548260/DACH_728x90/js/ Frame CA9F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/js/hoxton.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ddfdaa0f9c8d82250fda4d65e49d9fe51f5d2139ac064a621936fa5645a1a88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1770
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 18 Aug 2021 20:59:31 GMT
logic.js
s0.2mdn.net/9720347/1627984548260/DACH_728x90/js/ Frame CA9F 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/js/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf1d0bd6bf199a2ca60f0534d0461fb5af8eb7ad7dc847c24e2613efb9e1c656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2753
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 18 Aug 2021 20:59:31 GMT
null
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:25 GMT
x-content-type-options
nosniff
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:35:25 GMT
aldisuedot-regular-webfont.woff2
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/aldisuedot-regular-webfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad8ccaaca55aeda443dca19bdfab82fa1c30fdae8c1b3e90eb19f59a45483ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:10:18 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 07:27:39 GMT
server
sffe
age
76206
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21292
x-xss-protection
0
expires
Wed, 18 Aug 2021 12:10:18 GMT
aldisuedot-bold-webfont.woff2
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/aldisuedot-bold-webfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
108921308d9b81fe3d5b104629ab48237dc98e5c896e080646e43e8035fa3b15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:10:18 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 07:27:39 GMT
server
sffe
age
76206
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20816
x-xss-protection
0
expires
Wed, 18 Aug 2021 12:10:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5CF0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaTJBdt1zR7vs1oYMCKonZ27OkqKHkbo4vwQQU6H9wyf-bMHoAWmtWwdOkpU_iI8caTFGt3AaZW9Ee8zIyuVmj5KMKJrWnaHswB5cLGSokOnxF_AbAb_g1669UXw&sai=AMfl-YQNd9Y7ATys3mAIGDphxF10o5ITdpvQRcSVuoNKlkbEFhStWJlEgTjlQbKTUMsvbZCnsPb9t_qmPkfEKC7lVISj4mOkoMs3g22tdS6VbjHG6YUlIbTGn4sBIemWvVHh&sig=Cg0ArKJSzFqUO6GsLVIEEAE&cid=CAASFeRoh9H0jo4oe9tlaus5h022LhdMtg&id=lidar2&mcvt=1019&p=321,562,375,882&asp=321,562,375,882&mtos=0,1019,1019,1019,1019&tos=0,1019,0,0,0&v=20210816&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&app=0&itpl=20&adk=1731393643&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629278422819&dlt=109&rpt=1062&isd=0&lsd=0&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame D90E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=1518644078&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NUVHrRsiY9DHPuItB1naGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&sc=1&os=1-Yg%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fhaberbank.xyz%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fhaberbank.xyz&lp=https%3A%2F%2Fhaberbank.xyz&t=1629278423575&de=398349114792&cu=1629278423575&m=1426&ar=4790001-clean&iw=ac4b0db&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A463%3A463%3A2088%3A655&aa=1&ad=1165&cn=106&gn=1&gk=1165&gl=106&ik=1165&ic=1165&ez=1&co=1165&cp=1136&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1136&cd=103&ah=1136&am=103&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=25832561%3A6515169%3A311353750%3A155966465&bo=haberbank.xyz&bd=haberbank.xyz&gw=heinekenatdcmdisplay728490507552&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=AT&zMoatDBMCampID=-&zMoatDBMIOID=-&zMoatDBMCreaID=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=193790&na=466391249&cs=0
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 18 Aug 2021 09:20:25 GMT
696509.jpg
haberbank.xyz/d/news/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696509.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
4778efd4ef85ab7780d350619b75d909c19ddff772cea93eb2e93afcfa02206c

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:25 GMT
ETag
"611c87f3-114f6"
Last-Modified
Wed, 18 Aug 2021 04:09:23 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70902
696503.jpg
haberbank.xyz/d/news/ 		378 KB
378 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696503.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
5528a664d2011a2384e5b4a850dd6fd5fa756db1cbc55608b138939832f0ea65

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:25 GMT
ETag
"611c86bf-5e7bd"
Last-Modified
Wed, 18 Aug 2021 04:04:15 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
387005
696502.jpg
haberbank.xyz/d/news/ 		163 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696502.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
5f82b29fa607019a063ed00f5d4d7531a1821c02746258780f818524f0687f21

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:25 GMT
ETag
"611c86be-28d9f"
Last-Modified
Wed, 18 Aug 2021 04:04:14 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
167327
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame B79C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 08:47:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
88349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 08:47:56 GMT
696455.jpg
haberbank.xyz/d/news/ 		104 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696455.jpg
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
9a13c1939f9b2d7ce1c19bdb767df4a069385c5beb508d268a0084dea426a6fc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:25 GMT
ETag
"611c0b87-19e9c"
Last-Modified
Tue, 17 Aug 2021 19:18:31 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106140
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame 9426 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 08:47:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
88349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 08:47:56 GMT
noimage-MRItNlCs5o.png
s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/ Frame CA9F 		68 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/noimage-MRItNlCs5o.png
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 11:31:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
age
78540
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
expires
Wed, 18 Aug 2021 11:31:25 GMT
champions-league-ANYQDRS3Kg.png
s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/ Frame CA9F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/champions-league-ANYQDRS3Kg.png
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8084ca6447bee664144afd84a1bc98b367a80b3d34a2564f8f5f29816bb6f54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:59:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
age
44448
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5140
x-xss-protection
0
expires
Wed, 18 Aug 2021 20:59:37 GMT
bundesliga-SueYM8Lwpc.png
s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/ Frame CA9F 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/bundesliga-SueYM8Lwpc.png
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c66e4586a2e1957bd169f0c6b5db377654765c9c92bfa41e1d2acf8f4dc55b30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:59:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
age
44448
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42576
x-xss-protection
0
expires
Wed, 18 Aug 2021 20:59:37 GMT
daznlogo-w99GO5cVkw.png
s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/ Frame CA9F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/daznlogo-w99GO5cVkw.png
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
772336dc0a44b17c4b694dfc0b1cead21d2324869a820cef43211f4ca1e68e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:59:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
age
44448
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3093
x-xss-protection
0
expires
Wed, 18 Aug 2021 20:59:37 GMT
chevron-white-NLBFv94F8n.png
s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/ Frame CA9F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/chevron-white-NLBFv94F8n.png
Requested by
Host: c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
URL: https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ef075baea077778bc26a06c58d53394019ac97f057a1f6f3a2796cafd876012
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:59:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
age
44448
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3214
x-xss-protection
0
expires
Wed, 18 Aug 2021 20:59:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 09C8 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstRdGkNw09KbOuz1hnkF3RiF1DsMnLKDsAX3wObd1FsOLjgJTSO7WWIGXJV3GLZAtqLUPhaz2E265LUTVTdNHpXs9X_Kq6Jo7jmDagJ9Z59wKRezhPYNfvCkP8bG4q4bcPs0tG9AYS7JnyhsIi8FQNkeUM_H8c9o46gcqaI6owSc6hV9BBxmaZ4-L_AZ_6MsZ9LwM_CP4ttAERcYg3KUTVY2-MRq161oZcT5hIEkiWyM1HymUyBbEV0PbzeHZDWoth_CmN5_J1R9-BhW5E_AtsFrOPYudOjHaHrzZqB0KeqTKxe_TuZ8-FaT3TPO_A46LT8dukH2l0pqggtRcwqvS4vPWKYudyK-Xf8qiggDW6ODwPwKbXo_igYmwvHOi_BQJXWubdPkBO05YoMieTI9BEeaFbAsTadnhXCT7Ph_kDeJLM9m-lPmatInY33jBzBe1TpnSiL6OQ4zoMr5MNHdm3UlpoNizpff0ChwKg5LDJ1b5OkGmLGI_Un-o4m4epQElDyXvrwe4fvLYtU70MG4uONpUCJ1-Ln2OZ7oGy-iu66B-HGK3-cotzgGCQoZXKvsaaAx1Qj3UCKrSj2aV0dcgyNxkxsHIoQgqzYVp78WBTvqeWCXwsu81wR9EHF9-Oo234OG7zRpAgQHMdVz1Ahpe14W0gGSWC3CTOFwwFpkdzIDRy326-B8ebwxpzn_ssFNg6TH9Z7ODvkW4xSY5G6Nd0JHKqYhm6o8lGf-ZDSmMocryYZ74Il87c_W_-ObA8-2mOB8lkdqev_RUPCxxe3gbn-NdpP_AGY_xr1BBxXwX4W-sGotDrn3_tk7to6MNK4zbpbwF0A-tJmCVjA77m5XbvI28xNePFwb19ugfUvRwyKLQLof4ls2xj44DHVOKYq2KZWfF8ayyopyT-oPnxTinJAoqE_uHIPxvwAVKfOp_7nTSSWlplkms_f-vl6j5q32R7qgXKFKU7W1dQknAtZyyOzRDW2H3lywQkmRB72VpUHcT-EbC7PiX4oXIbTyjRar7eJT6G3QIBE5B-eHFSiU4xrN7Bv3ftkEJc44-FyYWAODU8Acj3BHAllCev8Pl8pt8gY3Nt-hXJn64uOSpTWtLsQ-6oal-aFmPW7jHkPRUebDvusYzJTPc5jwIGKXuTe8NlT1tMPv7UUIQhKvvl4qdKDiidPpc1McnreikrUy-th&sai=AMfl-YTiws6badjxkDCVTuvfjeoE4yLQ-ppB6cTPvBe-SkDlmqpq5tCBd-FRsOgkzwNx_4Xupzz2Ow7Hnj0xoIWny3hHVLN_XiX7-6tb9BXjFGxQCTlj5jH9P9Dlnp5kpWlzCya88clvvaB5V-O8dJJHGxIkyVWrtqxJy0wSVms&sig=Cg0ArKJSzPfOYJFzBDWhEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=712&vt=11&dtpt=349&dett=3&cstd=362&cisv=r20210812.94401&adurl=
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 09:20:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame D062 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2841bbb4cf9d5cde10ce73ddc0f0e6330d114d9172988099ab9913dfa42301ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 09:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4455
x-xss-protection
0
pixel.gif
px.moatads.com/ Frame D90E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=1518644078&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NUVHrRsiY9DHPuItB1naGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&sc=1&os=1-Yg%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fhaberbank.xyz%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fhaberbank.xyz&lp=https%3A%2F%2Fhaberbank.xyz&t=1629278423575&de=398349114792&cu=1629278423575&m=1427&ar=4790001-clean&iw=ac4b0db&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A463%3A463%3A2088%3A655&aa=1&ad=1165&cn=1165&gn=1&gk=1165&gl=1165&ik=1165&ic=1165&ez=1&co=1165&cp=1136&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1136&cd=1136&ah=1136&am=1136&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=25832561%3A6515169%3A311353750%3A155966465&bo=haberbank.xyz&bd=haberbank.xyz&gw=heinekenatdcmdisplay728490507552&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=AT&zMoatDBMCampID=-&zMoatDBMIOID=-&zMoatDBMCreaID=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=193790&na=1052952973&cs=0
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 18 Aug 2021 09:20:25 GMT
noimage-MRItNlCs5o.png
s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/ Frame CA9F 		68 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/noimage-MRItNlCs5o.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/js/hoxton.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 11:31:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
age
78540
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
expires
Wed, 18 Aug 2021 11:31:25 GMT
champions-league-ANYQDRS3Kg.png
s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/ Frame CA9F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/champions-league-ANYQDRS3Kg.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/js/hoxton.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8084ca6447bee664144afd84a1bc98b367a80b3d34a2564f8f5f29816bb6f54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:59:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
age
44448
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5140
x-xss-protection
0
expires
Wed, 18 Aug 2021 20:59:37 GMT
bundesliga-SueYM8Lwpc.png
s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/ Frame CA9F 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/bundesliga-SueYM8Lwpc.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/js/hoxton.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c66e4586a2e1957bd169f0c6b5db377654765c9c92bfa41e1d2acf8f4dc55b30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:59:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
age
44448
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42576
x-xss-protection
0
expires
Wed, 18 Aug 2021 20:59:37 GMT
daznlogo-w99GO5cVkw.png
s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/ Frame CA9F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/daznlogo-w99GO5cVkw.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/js/hoxton.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
772336dc0a44b17c4b694dfc0b1cead21d2324869a820cef43211f4ca1e68e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:59:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
age
44448
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3093
x-xss-protection
0
expires
Wed, 18 Aug 2021 20:59:37 GMT
chevron-white-NLBFv94F8n.png
s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/ Frame CA9F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/assets/chevron-white-NLBFv94F8n.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/js/hoxton.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ef075baea077778bc26a06c58d53394019ac97f057a1f6f3a2796cafd876012
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:59:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
age
44448
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3214
x-xss-protection
0
expires
Wed, 18 Aug 2021 20:59:37 GMT
DAZNTrim-ExtraBold.woff
s0.2mdn.net/9720347/1627984548260/DACH_728x90/fonts/ Frame CA9F 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/fonts/DAZNTrim-ExtraBold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/styles/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a72021640167bbf7dfb8e74c704058e7af17c6b292a09ceb10ea712d72df850
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/styles/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 20:59:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Aug 2021 09:55:48 GMT
server
sffe
age
44447
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11796
x-xss-protection
0
expires
Wed, 18 Aug 2021 20:59:38 GMT
pixel.gif
px.moatads.com/ Frame D90E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=1518644078&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NUVHrRsiY9DHPuItB1naGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&sc=1&os=1-Yg%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fhaberbank.xyz%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fhaberbank.xyz&lp=https%3A%2F%2Fhaberbank.xyz&t=1629278423575&de=398349114792&cu=1629278423575&m=1429&ar=4790001-clean&iw=ac4b0db&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A463%3A463%3A2088%3A655&aa=1&ad=1165&cn=1165&gn=1&gk=1165&gl=1165&ik=1165&ic=1165&ez=1&co=1165&cp=1136&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1136&cd=1136&ah=1136&am=1136&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=25832561%3A6515169%3A311353750%3A155966465&bo=haberbank.xyz&bd=haberbank.xyz&gw=heinekenatdcmdisplay728490507552&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=AT&zMoatDBMCampID=-&zMoatDBMIOID=-&zMoatDBMCreaID=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=193790&na=2044355727&cs=0
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 18 Aug 2021 09:20:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DE6F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BX3KA1tAcYbnhEpPW-gaYiKZ4AAAAADgB4AQC&bg=!HB-lH1vNAAZvV8FTb1c7ACkAdvg8WnNRXdxxA707vbm3hO_rYU5in5VIs9wkIdnETzG7rtMKFfOokgIAAAOKUgAAAFpoAQeZAsVqyfIBeKoJ6qYP2gCMVP9bfHIKiD6wUT0Mckb-HrMurMn5qcAcNzeKmicT6FeLel6cqN46xJbo9EolOgRlYQ_hsWcSFmtej4YD607tKtGP3YanVukOGp2CwMmRndr5M12qYeabRYc94JACKcF1oZzjOS8IlU9MO0YqEimWXgTDOnZG4KpqSv4hWgS1Km7apbbNcXe-D4YpDvFbodUBbICSGoeSx0eA3y42Fb-d8ZIahnzx5XIVqzOMljFnjrh1QmwgV8eOxxgD1L98vAs4xh3CMIziV6CRZLupfRqfwySK3V8ECKwdwuiKVeXMVFjzgBjDcjChfGcsBPOTT9v0PvmG8CW1koocT2dw5rY7xFkDOMqWGxl5gIVSXBe93txxny5GYXwE4P98oNfLqtKl1fQBPmleoA4YHg-EA48sc76gBB6s_hLuQWeVGRywCfpLsKjWzzPCNrn8mKcWASJpbe5FIruLG6uXzmmN8y5ZD1k-m0Q4Br7rndZXGSMPViAN42vQLZXKvHNuFxM7fZCmtfzO0HtTWQtO1ctZyjTV9IH0q1pYAv2zd2hfoa-ZOesQwzUCfl6FV6eAoWM3lgtEL73RYW5p0YlJtJyOHqAoF0MVRZITBckYhgWOtiHYXQJP-3x0OepBLekokqT4s5WiVi6OJEDMZwKNsxGAM-4db7e784ztukLzZDWn7fc3DjWEpdE6ncSZya2YNUzRpHHEC3T2uHIUJQY1C_oZJxajvks-rCcq9beikbbAbO9VsLfyn2geEjv_JkeqnFiMwAdtRKCg632PcpZOsrP6Oa62orolX-2o5M8l9jkDvedbBB7u8JIHj_VkHdAqhBLVkvH4o19scAR3mui0xYsLdeC5imqSW34sF7umoV17h7vTFK15gHSW7A0wRbPtkrxrIzpLjxAcdVq1D7alM89nnu2tiQvBXqIlJBQS
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 348E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYTaE1tAcYfnWIqGW7_UPjJuguAYAAAAAOAHgBAI&bg=!19Sl1JDNAAZvV8FTb1c7ACkAdvg8WgeKCaWlPlcAz5-ZWW1uaYc3zt4ljsF9GBISnOfhgNlLHjMwLwIAAAMlUgAAAGVoAQcKAHfhtEgeH3SX8_is7OHzS3n3DsfhR6QVA9aTIsyGjUTN-TqMEX4CLY7iX-J00CAZjMaRkolMVnMaN9ldsu1TeyR1X1HZTwrxxobP6-8AFhyFW6wVGY3lEj4ryNhmNg745Eaq5k48Dhl6eGXuvps5jt8Lw-n0-DrSy5kCvJrjGoThNmfmdngr3x3Dp1wJb0QRXME4bmY5gdD2B-nLLa0j5nYVUZD6Fwj1kvxQGb6b4s2boB4I9DW7h2cGWyoXiHd6cOAr00LBqKWSZAhJC8qdypFSkRzXJLvMDbmQhiyH_4tFGIjqgAik0EdOBq34C4kPSUKoHA7KG0DGo1WcBRe-ZshhEKYFE2v1355bB51r_rvPNSUD_aYepvu4m563MikHsQmwFEMPojb_Ifn2_AmyZiIXG63M4EHhe30_KRvviQCJmaeBSRH8zulx7G00rnGn-O07ZD1OYDF-bXWRC_XVSlO2XDeAoPnSGXu6ilvZIubXS0emKzcGZqcFHfQSyJLxgNLxGBHB1AVlw6wSeBfpSKBAIm_Whb1vWNIpR_-gSNdj-ZGYPr4Y2VXCZ_95AJKG6Cm_Tf-GNAToggLzX06PtfxpiRI4BLDsrfmWa6-Cr5aUpzYKeXzJjrSU3dX0WywIklVXc6zEpczGsLFji77OJobiShI1Ek_rSjCZjFAleeJxtZ5nBWyS-6cobXceWrKRnbhW1AluCZSRTi6SofLK5TIA0NM7dBcdTW57TBivjQFRNyrWqi0WkkDQx1F_G8o_1z41t1F_uaKd2wegbbpArfQWpbSadFJ0jB8UsMYsbhAlLuD3R98pXtkFFrPrbVctPkgMs30q4bd86VNyoc4p78-BtwtkDa4TdyCaiggul-a_Qdv6LCAFAoAdglKAa8gYof4NP5wZc5JXHfBClRvE9kNjjlwpZXqksta1ECTAgMTlawvQWSC3LqIoCp9ad6eMgw2Ij3PdwD1zvYfldFprmr2YNBTgBsAkq7jCtpU4n9QVqPuXsofJUADnwOc2KV8Y9rZZzbEyc4EgmA0kDKbvnRBESS-fAu_MsDJHEE49n15y4OkEA4QUDMg1oT17-EFrhRZMPHvwEDQ
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F855 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKcpf1tAcYaDMM_qM7_UP4O6uyAkAAAAAOAHgBAI&bg=!iomlic3NAAZvV8FTb1c7ACkAdvg8Wom1O1UAd8BbiJjsKel_pABazklbSxeRcYRVWfpwsJFCBb4OSgIAAAJZUgAAAEtoAQcKAA_dANwcATm0crdwLE48BfqZAwdmQ4_ONHpw7i6m0aeUc42z2QallMgoCS7WsQYpHQrEegcRZVwUkWRHRJEIlDUOrlQJbtveGVgNqqSRjhDisYaY5Xht2m6i9FqaNFJISD2ssnRqplEsC5YOMcqUS8NTEGR6MMM9h5XkfRFlKVJc4h58W8dZOx_it-ZbDQ56UUEKAYaGGWNsgZQEc8zwf5s4YidtMrHpux9GGHeTRD-HgSMO8qhcGr8k0XLeQeQWEjEH6km81C7z_D8HblLsAmKV9J8Yj3fpnUPmhSX8txM3KJ_41XhBLqVhg2hnuWER2qZtVG8LLOqSWGqHiJvi7YqQtMViwJu6hNTeeyHdg0D4VDyK6Obum2qn_AiApytE7AHsnfzyLrcA7ao2r5OIvuK_EP0bHYeuFj2xrLrG2vgD693u0N2Bsiz6vlxeSCYxFj3IDWpVI0onYJd56Z8Fc8yDZQUB-1J6ZLlOsODNXUqmBY00nExi0pm9u0esShb8A5X_JsYI-Il04luw6yC693A1AEUdi8ssWrc3Hy-1xcuvahUINhg7jAzCwtCPeDMVP6RjIXgpy_LgBSOPCO7Q8wVnrW1O-OXyjKSUV-9vvYX6PoMKSPoizlrOAS660RUWi4XByqnEYYSN0oBw0r60Jo0PIcLRKa5VrjoYUrxDva_iDsDhapEPj66__U6Cz3RllxZZ3HDc8Iqst5088d5ZZFd24lUPzpnxmxf5IB_OFaAP-fuGXp6aULvzZBVAYvVGwCAxsDKeL133lhp9dgiKTmLu_WxUcsij8zdpI66INysnHFlVPsMjRl-POoNzRVdTYcmLroYH_eY2LtPOb2iaunROij194P4HkiztCVmhOzLlmfN_olgFV-xVpfMsjRDHTq7wqDgT7uYdDnbtJwxipVYXDaUWQb6HrOQP4vxA9BZjb1Z7-i5PDUarQF2NcmYvGVkMBPfFnBLUHqQiSMaWe0Ah-y01KaA2SZMxPcRqLr5c1wWLFnbySPqZvI2fIj-fdAk7r_ZH-C-i3OfPyZhkQUlclK5jfX6B5v0O
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D062 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:20:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9A7A 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAwqdsZFwXruOXBmW9G3ZCFLWgYZ7g2_miliZ8VcynBgRM_X3x1cBzq84GFJXpNpd0jbMzmjFbh8Tua71jq_Fuyye10_Xn4HgpkzzqaYT3nq4dRpmWsMcCGjenHm4BAaAFw7Y5bjEVXeETZx4YnxYi36jkKayRG9kzSWAXzn93wqTX-HnrmSeW_cjBtNY19NXvlwB2Y_w45Pngzf0Ec-E12mSFkxJemcJN5_vnY81f2lFzerb73DXh3ava7sQPyRaFbzOzUzFE3mJdx9wwG7SrLkOTmQdkFjNdp_sIx6tPTUQwSmf9vVxPabsNmv-Lu4OOabvL_zSdBWi2dUqBsReMSAzQEnRYvwie5EGFcphFSYjk4h8o8CJwRtrOJaf5rRTMH6PdGHLXLnSh9KBZG9FqphUsURKpzq62vdzUrD7Q5lDGBi_qnmOTYaymqYegPAKwPTYq6HixGBR_fYuXzZJxI73AaLkI5gyKYTQUIEE6O0w2r8bxc7amk1m1KCQHDuCWDEYr0jZ_BdRJ6qMLYXzEfOJckZAgLvMYYW2iV21iQquqgOeaJ_3rTJlvKJRxadlbUiaMgky73gHNivqmY0fK9wMI6ttGXhsiPzDsXqmlODUo84SUZ1QmZmg7ybXx02kB5kkq6QFj4oLXWU-XvCiNxshY1F0JCWF0awhHEEbi92NcjocO8RSrxicnoMt7AVdUe4PtHBfroiI3svWrgK7dV3vwiyg5QdY54k30dxUUuUYJ3PdXAusM7qkICsTe8eDbB8Mmj93ydGHrJFuF7e8QunxQ-Z7sxahEofnMtNbv_xA6Uhs02THgR2gMrkvw5FzVNmTx9QYA9bn5CEGweWbqNjz5UP4EfyRXw02UQJ9TNgXGmoQhPQbXRIZg8BaTGv3H3tbztyeeBXGrx199xv1SIspaxTuyi1Nods9sGaxW1Nfn5T2gLQL2_OFvD_GJRzQPK5p702VQJSmnA1E0gFyCMm7ooBJOyGEZwXeak__jEwH_7qaJRf5-pyfg4Fqm4Oe9m5xCVJarl6pRjnlRly3c5Y6IGCbHVQGjsJB7EML5YvQZCvOPtONcEN0tSC-6kSOXsuNV9jnKAc2jb6PvjPFkmhvNQSxfQvwNXDNlxtQnGlzl3PzsQjHIZ2GMIpvhlp_fosN3SVGCOTGH0OtPURuc8imnEzCa87KpRI1KVPPuQVIP5z6_QohAxDjdlUQ1D0v7dYujguO-YzWZXw&sai=AMfl-YSEl4hgPIouoruUB5VeCWH9FrGJWVsJ8rjYxscVya4i7vl3TVZyJlVba-0BUVa7Mi-AQfftVm5SQJ38c_WQ7KlKqaDtZqmXM4Z_EVkmMaZfyqWqjUQPG179P2585ifF6TY82eNG_-aMJQ2843y2VwoQgzK8isg94Re29IE&sig=Cg0ArKJSzLqon2w0v1kEEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1299&vt=11&dtpt=1009&dett=3&cstd=285&cisv=r20210812.92337&adurl=
Requested by
Host: haberbank.xyz
URL: https://haberbank.xyz/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 09:20:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021081201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
063ccb8223a41081d97628ce2bbb87c34590e82d60f164509e0c5d950ccfed01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 18 Aug 2021 09:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8633
x-xss-protection
0
arrAsset_8.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		392 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/arrAsset_8.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d39d4d2020717c577c684ca8b12c847d3c7d6354028321860b5b3b46cc61b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 07:27:39 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 12:12:19 GMT
712751_MODO.jpg_1628852816292_712751_MODO.jpg
s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/ Frame D062 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/712751_MODO.jpg_1628852816292_712751_MODO.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fafaed57a7f0bd790f130cb8be9217ff95495a17209db3699c56ec899b40af3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 12:09:24 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:07:04 GMT
server
sffe
age
162661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31382
x-xss-protection
0
expires
Tue, 16 Aug 2022 12:09:24 GMT
700000_MODO.jpg_1628852816292_700000_MODO.jpg
s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/ Frame D062 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/700000_MODO.jpg_1628852816292_700000_MODO.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c669cc33f4fbf369d4e1cc7590e73a28ec81fba4bf37008e552b3b9240565f07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 12:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:07:03 GMT
server
sffe
age
162618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24141
x-xss-protection
0
expires
Tue, 16 Aug 2022 12:10:07 GMT
44635_MODO_NEU.jpg_1628852816292_44635_MODO_NEU.jpg
s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/ Frame D062 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/44635_MODO_NEU.jpg_1628852816292_44635_MODO_NEU.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c115a87a00da9cc088f17fdc72d8297dd83d162ce715a140dd6ab09c0bacceb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 12:09:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:06:59 GMT
server
sffe
age
162633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31837
x-xss-protection
0
expires
Tue, 16 Aug 2022 12:09:52 GMT
25996_MODO.jpg_1628852816292_25996_MODO.jpg
s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/ Frame D062 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/25996_MODO.jpg_1628852816292_25996_MODO.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98d9802f1ddbb44b0bd3ba65b6606ad6f1e6a7c0983601f45f4b671f19d71bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 12:09:24 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:07:05 GMT
server
sffe
age
162661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23350
x-xss-protection
0
expires
Tue, 16 Aug 2022 12:09:24 GMT
Aktionen_1.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		37 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/Aktionen_1.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22a5f2ddfb40c4a63f868909f7e225f21f21e5e9d6972a00b7027d01bb6424da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12112
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 07:27:39 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 12:12:19 GMT
V2_HL_d2Asset_1.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/V2_HL_d2Asset_1.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e69652115e32096c8b03be5571b360f2076af2a828eff8cffe2b7ce9fe8a7be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1596
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 07:27:39 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 12:12:19 GMT
superdeal_badge.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		18 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/superdeal_badge.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70ef213c58d661457a299d6522d1f33e15677e18477940a7c2fdbaa684418d20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12427
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 07:27:39 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 12:12:19 GMT
Aktionen_2.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		37 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/Aktionen_2.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22a5f2ddfb40c4a63f868909f7e225f21f21e5e9d6972a00b7027d01bb6424da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12112
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 07:27:39 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 12:12:19 GMT
hofer_flat_logo.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/hofer_flat_logo.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bffcd421c8b370dcc758fcd576fcc1a4ac156177bb538972cb8aa2aec624e24c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1456
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 07:27:39 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 12:12:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 09:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Wed, 18 Aug 2021 09:20:25 GMT
btn_728x90_hellblau_hoverAsset_4.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/btn_728x90_hellblau_hoverAsset_4.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f6c0264ee3454e63a91b80ede0613d57c2830e598c7373150b78379f5607d30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1395
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 07:27:39 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 12:12:19 GMT
btn_728x90_hellblauAsset_3.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/btn_728x90_hellblauAsset_3.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52fda201ad79ad8be89b9955bdbd53872b3a292fd00cf38d859d93e644751941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1389
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 07:27:39 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 12:12:19 GMT
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame 7329 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 08:47:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
88349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 08:47:56 GMT
truncated
/ Frame D062 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
25996_MODO.jpg_1628852816292_25996_MODO.jpg
s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/ Frame D062 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/25996_MODO.jpg_1628852816292_25996_MODO.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98d9802f1ddbb44b0bd3ba65b6606ad6f1e6a7c0983601f45f4b671f19d71bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 12:09:24 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:07:05 GMT
server
sffe
age
162661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23350
x-xss-protection
0
expires
Tue, 16 Aug 2022 12:09:24 GMT
700000_MODO.jpg_1628852816292_700000_MODO.jpg
s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/ Frame D062 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/700000_MODO.jpg_1628852816292_700000_MODO.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c669cc33f4fbf369d4e1cc7590e73a28ec81fba4bf37008e552b3b9240565f07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 12:10:07 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:07:03 GMT
server
sffe
age
162618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24141
x-xss-protection
0
expires
Tue, 16 Aug 2022 12:10:07 GMT
712751_MODO.jpg_1628852816292_712751_MODO.jpg
s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/ Frame D062 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/712751_MODO.jpg_1628852816292_712751_MODO.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fafaed57a7f0bd790f130cb8be9217ff95495a17209db3699c56ec899b40af3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 12:09:24 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:07:04 GMT
server
sffe
age
162661
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31382
x-xss-protection
0
expires
Tue, 16 Aug 2022 12:09:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 09C8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaga01Vv2uiGhmAvitPZli8BCagtZbv6Lj--MvjT7_ubhDXURhB5GzE5YRwSVw2wRWo2JMThpVrMhAHFttnTUh84vjvHkG8HA4pQtG_ulXdlutV4ZiQB3-wbnUZA&sai=AMfl-YRMLvX6LjuTf9iKFzfDtcC21RfYwxOwFAfE8MYW63Oo9YiETl_CfdE15PO0nOWLOEIMyxNYM-MY7uiR9pB9poA8-0ifvKUCsnxBLWn26REgXbzc2X-mN2PDDSdOiprG&sig=Cg0ArKJSzDQ2CVEztGVPEAE&cid=CAASFeRoRA5HvvQ4gVUqa5SmL8bvjGNRSQ&id=lidar2&mcvt=1046&p=503,310,593,1038&asp=503,310,593,1038&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20210816&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3734033171&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629278424110&dlt=620&rpt=542&isd=0&lsd=0&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9A7A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQHV6A0mASPdCVUVo4vnLPFyetAkHSkjJeeSy6j-NwolIcHYUuyIyq7k04UWjnqS8DbKt8KuBYM5GelqbTPbsDSmfWBKd-0HS6Q8nzpDbj9mJ7nTWBiANhD0D4Sg&sai=AMfl-YSGoKqQC7Kl6BlM2yuooLU4HPW873ZXFA_42XHg1vMGgNFQA0B-MQFkqgXmA4DW8VC0UDNMLE7XYGjtuOGZRfklR4ZPujF8NYyCjF1TdVLFv9XasJp4zD3j-Zv3E8eu&sig=Cg0ArKJSzKhwoviOLFPFEAE&cid=CAASFeRo3HH0nboNVuqFFxn891IHU7jHYw&id=lidar2&mcvt=1048&p=849,310,939,1038&asp=849,310,939,1038&mtos=1048,1048,1048,1048,1048&tos=1048,0,0,0,0&v=20210816&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=895373562&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629278423365&dlt=106&rpt=1250&isd=0&lsd=0&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hofer_flat_logo.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/hofer_flat_logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bffcd421c8b370dcc758fcd576fcc1a4ac156177bb538972cb8aa2aec624e24c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1456
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 07:27:39 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 12:12:19 GMT
44635_MODO_NEU.jpg_1628852816292_44635_MODO_NEU.jpg
s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/ Frame D062 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10851197/s7g10.scene7.com/is/image/aldi/44635_MODO_NEU.jpg_1628852816292_44635_MODO_NEU.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c115a87a00da9cc088f17fdc72d8297dd83d162ce715a140dd6ab09c0bacceb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 16 Aug 2021 12:09:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 13 Aug 2021 11:06:59 GMT
server
sffe
age
162633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31837
x-xss-protection
0
expires
Tue, 16 Aug 2022 12:09:52 GMT
btn_728x90_hellblauAsset_3.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/ Frame D062 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/btn_728x90_hellblauAsset_3.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52fda201ad79ad8be89b9955bdbd53872b3a292fd00cf38d859d93e644751941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1389
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 07:27:39 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Aug 2021 12:12:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7875 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://haberbank.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://haberbank.xyz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Wed, 18 Aug 2021 08:24:04 GMT
expires
Thu, 18 Aug 2022 08:24:04 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3381
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 47C5 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d55b64829cab362ccb8011f37e5fda859080a163c8a4108f9a6dd7ef944ea02d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-br4i8nXyE1mJxwYuiQPBzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://haberbank.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://haberbank.xyz/

Response headers

expires
Wed, 18 Aug 2021 09:20:25 GMT
date
Wed, 18 Aug 2021 09:20:25 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-br4i8nXyE1mJxwYuiQPBzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame 7875 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 08:47:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
88349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 08:47:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B79C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlBib2NAcYbqlA9W17_UPjaCEgAMAAAAAOAHgBAI&bg=!OzilOHzNAAZvV8FTb1c7ACkAdvg8WlEgqwp2v6me2mzuew2oGxRKgGQxTyF-8bzT7hzwhJ00iBqgbAIAAAJCUgAAAB5oAQeZAsJFXWEk-nWuVhfw2IcId1fvbvqryr7UeuGhyhlvJduhO_Oy9Wb0gHE4OvbT42-6_xPAJrK79hFY4IGM5161dxJ5fD0pYuUBdsMIKdf31zmUhyOISqP2ljV6APKWHhr9p02UvyZE_TJI6h7R_tsEXCIPJpenISloQKO3E02PYTgx8jqitlCDOvIYsShzLO89zEA9yLhiR82SR6_NOFJXmUmpW-ZQYqo95s8KUGSoeTr0z0Lz3JiXNjNXhyYsAQOsL16RCpp5prXM92dfkpYZUssbRvs2A3fqt-o4HxgvUop509olkZcb0IsnM4rkDxseas5wm-EIVmicCZxCeMUzjx2_B79-Dbl0ykuG8GM9bfHYJG0whMNAIWtNtIqtvAb3fUnHhsl0ud_jRSlktKRoVto9wES35ouWvuIOtLiPGZLv-TMz-pDtGePGUhaHRuIfTnvrakTXYaJ1WV79BlmeomSEdqLaTMozkfAU6i7lit0T9GF7_-wJUNPXg67HdkZ6yk7hB6wtUpJY44HkQRDWe7ltwZvKq57iBiMJC23xtqoXMiuPmlQEGDpe5uyMCrXhJ9H1bbJSVMXGCElqRHgn0jpnBNUHQ1Ej-WPr1Vgh8Rbxuo_Tg-FsQi-84zIZJy-MoKQF9FdoB_BEf7znoA5NRwL2_3WWqaRdebYxntmIxlpVijvkUixmi_Cn5qmj1tCQGkksfRK9fCvvapI7_yOsmslpwQjMahEzj1G43P1uHc6wZcTLCmAPQtIJvZpHlhiy6s4jjhCMqala3vuQv1hKLKZMAq4eqDBR0sRV6wutgABaNlHC8Hu_dHIxacgxXX2RATOYAXBXU6H3INWT4pcKXhzufhxrgPfIUGtVNrlvHLXjuNW59vpkuL3ud7eTXgN94ZMkMNiL2-DCUx-7jldbZKA7XEXqUt-LXxBSILFKGblKJrZH
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9426 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Be8kd2NAcYeGsCLDX7_UP7fOisA4AAAAAOAHgBAI&bg=!LyylLGjNAAZvV8FTb1c7ACkAdvg8WpxrmM7mwXLF6XN-Ht27FpkHmirU37ePCTw2qLyoI2jT5tq0VgIAAAIvUgAAACFoAQeZAw_i4aFHGTT6MBFlf685RAIp0xfzy4gNnyOSDqYumMbzrVpa2CQEmJO9JhtDwSk9egW0d-WqvEjDu9PKrtqqoE4YFDi5YlCf6FxTklWvxGDigCFEqc10McbtLvAadTmKSOdjwfvLYAGiOJFlTckBrPG9EY_vVuP0mlC80Zu8ZKN-PsvJ-ofVA0vVKMrbTPOSx0rSQiJVCRxNWEg1c-vSR1aCD_vDMPQjlcGsuSy1EoxVSCd7MfT_TXf1rSrc1tJhBSuxL34XDdHwKdEuooyXvSmL-vck527eUxF8_IZPztT6qXf38j_q7m_-Cs28iilkEAPimWs36qqd1qVoJstpqiEcKI_cW3kxwQinOTzZIt3zTVa6gKYJVb3fx88w96rnp0cyIdK_JOvGzhVa_J6bcvIoE9nBNZ3wuHGkm8iy_vgFbz0d1mz1GdYc4G5QtnyV8tmrg-pzYRNkpofHTKEhb4idUP3l2nf50uExU1I4jBtrOMvfcSz9ZabyWgUCA26qx0nPc2zw7PctkoNWSR-0lFTpS2qD6VdRXxT9m8nzJQPWLp-QuNsakc3QKR937B6XBekcM9DQjAwjs3l18yhrHTnupZHM1zvWye6RR-GV6g7S0GWmW4TwzYCjEqd864Ai88SVR8U-YRHHp78gI9lCN1_Cdyx03Gl4Db6A0nfawL1qc3ZWlYeKrJ429W_ctgTTEFpgcH4bB6IZnoS0XfiVv97gEI9w4vHCwWktxbSX0OgsOXZJpnwSZHSXlu4loefcmJvn6kLONz5YfCa5zG5_eJuPQUvpOcrqwzwxsqqeJR7k7XGMuyxL-Cm0guY8iWPPj1DtX5I45t3nsoiosWsfhyBn_l6GhyTpzNHwbXcCJ3M25Z7kugnhypamOkoNKd-aCQxPqRofkbuuyal8SZW_e3Jabxbx-c6F47_NtXbSHs9kLAPR8sxbsvuvAlqnzagUe1Ax8B8_CceSd_WXrMGx17mbGSKPM0VyzDR2BHalHUqpLR30SKuoXyCGIz6VTIPcCpr0AQ6Vs7rP-zcLGBOjRGo
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
696454.jpg
haberbank.xyz/d/news/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696454.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
dc9dfcc5f11ea492a4ededf062bb3d47b89aa0a6ece97eda0ba0fb6c26a184fb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:26 GMT
ETag
"611c0b86-21c55"
Last-Modified
Tue, 17 Aug 2021 19:18:30 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
138325
696299.jpg
haberbank.xyz/d/news/ 		325 KB
325 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696299.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
4cba30d37d87d1308d60faa49e7c90332077c72151bd08b1fc5ce0b20bf3e561

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:26 GMT
ETag
"611b8716-512d3"
Last-Modified
Tue, 17 Aug 2021 09:53:26 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
332499
696276.jpg
haberbank.xyz/d/news/ 		374 KB
375 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haberbank.xyz/d/news/696276.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.135.222.24 , Turkey, ASN42926 (RADORE, TR),
Reverse DNS
server20.cmsunucu.com
Software
nginx / PleskLin
Resource Hash
dca3b255413edffaf12ebfa9059db2e97555ec4aa81720c85a1d701a70efa573

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
haberbank.xyz
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://haberbank.xyz/
Connection
keep-alive
Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 09:20:26 GMT
ETag
"611b7909-5d8ee"
Last-Modified
Tue, 17 Aug 2021 08:53:29 GMT
Server
nginx
X-Powered-By
PleskLin
Content-Type
image/jpeg
Cache-Control
public, max-age=290304000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
383214
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021081201&jk=2034611275176350&bg=!IyClIGTNAAZvV8FTb1c7ACkAdvg8WsCOfbKzgw3xBm1vARz7YIK-CjFnnadESLQYTh6OIH0xvxlL8wIAAAD8UgAAAEdoAQcKABmYGVduck9m4yXD6VODqgtWLlqqnLFCkBdpmQJqSadGhks4xaYA_g21AzqHuXb3qmcvzhz-Lh7vD8x9fz6hLbcP3eI8fLtElHwadCCTujbIOUQsPr97KruFrGnBAMLhBqmdjA7U_lYWRToH2UBCkY_7jHicDxFBTs-A7SQplg_Bkiw2zEWs-2VFec17b2Za8c_SvRwI34PEpmDFvWIP1kpmN2gF8AvX2R6DzskkHkHlIrEXWVcCanvAf82wXvNxiKYtBh_GtKJh59iEn1RhyY-hBA3CcyPli9YOtx09w2rfO7jzOP_u3iTHNOcaQHfc5xAvdsQ0jUDRax-yEUejqG1FWS49VlavIMNaCHA2Lah9piVyW6lreZh7uhQiFtBsxncK_IIL_lsPCvE5_Tw57kMRHOliG1BjV2aGJUrdKGfUi9vTVKJV0FzhFSJAU5CaTem1NJ8OwfO-II-vbz0x67LVXA1BGbV4p185MCeF7lJv0WNkhrAmhdr5yVh78OXCb9N2nQ17Cr_70RLao0eN3syJDLU1EOahpz0saIbkfTItFzvujayrVzgn4etVRLza5ZXg0IbIVJqelRlhkTyvQL4r9spF2QeUoXxl6pdwl3st3tMUlQ9uhjrsuL0bruhwRH8QabTj3Sd9pIcDathCeL5ayhYslnEsp8AnqQWKRmLnq8snfKXjkhBJSEjTDyJ5k7Lm23Fz6X73VPZoJbmtuv7QsPnH-sT8cz2vRHz_y2qL1jOcOUycWF3--fKUUiVdIEXgQ9wCu5iqQ284VTefPWFcgwzsoSxVOoX88qVdqtImKCyrrA8XdOhAFJzX5_D8d8IFR0cuKxJFlJD0tmxGlCc5McWx04KK
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haberbank.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame D90E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=1518644078&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NUVHrRsiY9DHPuItB1naGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&sc=1&os=1-Yg%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fhaberbank.xyz%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fhaberbank.xyz&lp=https%3A%2F%2Fhaberbank.xyz&t=1629278423575&de=398349114792&cu=1629278423575&m=5271&ar=4790001-clean&iw=ac4b0db&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A463%3A463%3A2088%3A655&aa=1&ad=5007&cn=1165&gn=1&gk=5007&gl=1165&ik=5007&ic=5007&ez=1&co=1165&cp=1136&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5014&cd=1136&ah=5014&am=1136&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=25832561%3A6515169%3A311353750%3A155966465&bo=haberbank.xyz&bd=haberbank.xyz&gw=heinekenatdcmdisplay728490507552&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=AT&zMoatDBMCampID=-&zMoatDBMIOID=-&zMoatDBMCreaID=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=193790&na=1741464557&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 18 Aug 2021 09:20:28 GMT
pixel.gif
px.moatads.com/ Frame D90E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=1518644078&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NUVHrRsiY9DHPuItB1naGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&sc=1&os=1-Yg%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fhaberbank.xyz%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fhaberbank.xyz&lp=https%3A%2F%2Fhaberbank.xyz&t=1629278423575&de=398349114792&cu=1629278423575&m=5472&ar=4790001-clean&iw=ac4b0db&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A463%3A463%3A2088%3A655&aa=1&ad=5210&cn=5007&gn=1&gk=5210&gl=5007&ik=5210&ic=5210&ez=1&co=1165&cp=1136&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5215&cd=5014&ah=5215&am=5014&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=25832561%3A6515169%3A311353750%3A155966465&bo=haberbank.xyz&bd=haberbank.xyz&gw=heinekenatdcmdisplay728490507552&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=AT&zMoatDBMCampID=-&zMoatDBMIOID=-&zMoatDBMCreaID=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=193790&na=1273147696&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:29 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 18 Aug 2021 09:20:29 GMT
dc_oe=ChMItbPKjJ-68gIVmw3gCh32dwi0EAAYACDOzJhKQhMI1uKyjJ-68gIVEf93Ch1mhgdJ;met=1;&timestamp=1629278432481;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A965 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItbPKjJ-68gIVmw3gCh32dwi0EAAYACDOzJhKQhMI1uKyjJ-68gIVEf93Ch1mhgdJ;met=1;&timestamp=1629278432481;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame D90E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F10416144%2F003N_NR_NR00_Spar_Mahlzeit_210x287_L03_St__rer.gif&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=1518644078&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NUVHrRsiY9DHPuItB1naGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&sc=1&os=1-Yg%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fhaberbank.xyz%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fhaberbank.xyz%2F&lp=https%3A%2F%2Fhaberbank.xyz&t=1629278423575&de=398349114792&cu=1629278423575&m=10294&ar=4790001-clean&iw=ac4b0db&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A463%3A463%3A2088%3A655&aa=1&ad=10033&cn=5210&gn=1&gk=10033&gl=5210&ik=10033&ic=10033&ez=1&co=1165&cp=1136&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10039&cd=5215&ah=10039&am=5215&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=25832561%3A6515169%3A311353750%3A155966465&bo=haberbank.xyz&bd=haberbank.xyz&gw=heinekenatdcmdisplay728490507552&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=AT&zMoatDBMCampID=-&zMoatDBMIOID=-&zMoatDBMCreaID=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=193790&na=759917973&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 18 Aug 2021 09:20:33 GMT
dc_oe=ChMIuaTojJ-68gIVE6veCh0YhAkPEAAYACDZsdo-QhMI5bLNjJ-68gIVWPJ3Ch13dQXM;met=1;&timestamp=1629278434086;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame AF83 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIuaTojJ-68gIVE6veCh0YhAkPEAAYACDZsdo-QhMI5bLNjJ-68gIVWPJ3Ch13dQXM;met=1;&timestamp=1629278434086;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI4fjXjZ-68gIVsOu7CB3tuQjmEAAYACC_sYtKQhMImcCQjZ-68gIViJ93Ch19gwND;met=1;&timestamp=1629278435067;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 09C8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4fjXjZ-68gIVsOu7CB3tuQjmEAAYACC_sYtKQhMImcCQjZ-68gIViJ93Ch19gwND;met=1;&timestamp=1629278435067;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIuvHSjZ-68gIV1dq7CB0NEAEwEAAYACDat7FKQhMI5c-EjZ-68gIVtAyLCh1VXgoQ;met=1;&timestamp=1629278435107;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 9A7A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIuvHSjZ-68gIV1dq7CB0NEAEwEAAYACDat7FKQhMI5c-EjZ-68gIVtAyLCh1VXgoQ;met=1;&timestamp=1629278435107;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame D90E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=1518644078&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NUVHrRsiY9DHPuItB1naGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&sc=1&os=1-Yg%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=8&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fhaberbank.xyz%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fhaberbank.xyz&lp=https%3A%2F%2Fhaberbank.xyz&t=1629278423575&de=398349114792&cu=1629278423575&m=15315&ar=4790001-clean&iw=ac4b0db&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A463%3A463%3A2088%3A655&aa=1&ad=15053&cn=10033&gn=1&gk=15053&gl=10033&ik=15053&ic=15053&ez=1&co=1165&cp=1136&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15061&cd=10039&ah=15061&am=10039&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=25832561%3A6515169%3A311353750%3A155966465&bo=haberbank.xyz&bd=haberbank.xyz&gw=heinekenatdcmdisplay728490507552&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=AT&zMoatDBMCampID=-&zMoatDBMIOID=-&zMoatDBMCreaID=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=193790&na=1155847227&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 18 Aug 2021 09:20:38 GMT
pixel.gif
px.moatads.com/ Frame D90E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=4&hp=1&ra=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=1518644078&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-NUVHrRsiY9DHPuItB1naGEI1eBgfNVBhuFIp1Vf7AbESGfqluabr2V04&sc=1&os=1-Yg%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=9&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fhaberbank.xyz%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fhaberbank.xyz&lp=https%3A%2F%2Fhaberbank.xyz&t=1629278423575&de=398349114792&cu=1629278423575&m=15516&ar=4790001-clean&iw=ac4b0db&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A463%3A463%3A2088%3A655&aa=1&ad=15255&cn=15053&gn=1&gk=15255&gl=15053&ik=15255&ic=15255&ez=1&co=1165&cp=1136&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15261&cd=15061&ah=15261&am=15061&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=25832561%3A6515169%3A311353750%3A155966465&bo=haberbank.xyz&bd=haberbank.xyz&gw=heinekenatdcmdisplay728490507552&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=AT&zMoatDBMCampID=-&zMoatDBMIOID=-&zMoatDBMCreaID=-&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=193790&na=1792080640&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Aug 2021 09:20:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 18 Aug 2021 09:20:39 GMT

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _taboola object| $jscomp string| BURL string| SURL string| DURL function| SymError function| go function| goSelf function| openPopUp_520x390 function| openPopUp_600x450 function| openPopUp_670x500 function| changeTarget function| Set_Cookie function| Get_Cookie function| Delete_Cookie function| getSWF function| deleteConfirm function| scrollPage object| swfobject function| addToBookmark function| CM_isMobile function| changeFontSize function| setCookieFontSize function| resetFontSize object| lazyLoadList number| lazyLoadTimer function| lazyLoadCollect function| lazyLoadStart function| getNormalSWF function| getRolloverSWF number| countdownIndex function| interstitialBanner function| interstitialBannerCountDown boolean| bookmarkJSLoaded function| loadBookmarkJS function| showBookmark function| showBookmark3 function| showBookmark4 function| showBookmark5 function| showBookmark6 function| addComment function| checkCommentState function| voteComment function| setCommentReply function| clearCommentReply function| notifyComment function| addNotifyComment object| comments undefined| commentType undefined| commentID undefined| commentListPerPage number| commentLevelPrev function| showCommentMore function| loginSubmit function| showLogin function| printPage function| closePage function| showSocialOverlay function| disableGalleryBanner function| showAllGalleryImages function| showGalleryFullscreen object| indexGallery function| changeIndexGalleryPage object| indexVideo function| changeIndexVideoPage function| changeMostlyPage function| changeGallerySidePage function| changeVideoSidePage function| scrollTopNavSubmenu function| $ function| jQuery number| _FLASHID number| _ZINDEX object| s string| revenueFlexConfig object| googletag function| gtag object| dataLayer object| ggeac object| google_js_reporting_queue object| google_tag_manager function| pbjsChunk object| arpb object| _pbjsGlobals object| a0_0x3238 function| a0_0x3fdf number| RevenueFlex number| revenueflexInit object| google_tag_data string| GoogleAnalyticsObject function| ga object| TRC object| _tblConsole undefined| msg string| a number| iPrev object| imgLazy object| commentTab function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| gaplugins object| gaData function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnEDouYq8zolIGcveeG_uPW8Kqh7HrvLSt5dCxLYB_UF_aBF_jB-A2R91MeykM

189 Console Messages

Source Level URL
Text
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js(Line 6)
Message:
[GPT] Ignoring the PubAdsService.enableSingleRequest() call since the service is already enabled.
console-api info URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2108100143000 https://haberbank.xyz/
console-api info URL: https://cdn.ampproject.org/rtv/012108100143000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2108100143000 https://haberbank.xyz/
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/9720347/1627984548260/DACH_728x90/js/logic.js(Line 167)
Message:
6
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1
console-api log URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61857365/20210813242739023/index.html?e=69&leftOffset=0&topOffset=0&c=eIqvQzdiJi&t=1&renderingType=2(Line 619)
Message:
1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
ads.yahoo.com
adservice.google.at
adservice.google.com
c5c1e6ef742356d4703e3319c6958edb.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.taboola.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
haberbank.xyz
ib.adnxs.com
pagead2.googlesyndication.com
px.moatads.com
revenueflex.com
rtb-csync.smartadserver.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl.hurra.com
sync.search.spotxchange.com
sync.teads.tv
t.myvisualiq.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.haberbank.xyz
z.moatads.com
142.250.181.226
142.250.185.194
142.250.186.34
151.101.13.44
18.156.0.31
18.158.209.84
184.31.88.106
185.135.222.24
185.86.139.115
185.94.180.125
2.18.234.21
2.18.235.40
216.58.212.162
2606:4700::6810:125e
2a00:1288:80:800::7001
2a00:1450:4001:802::2002
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
34.98.64.218
37.252.173.27
54.38.29.221
62.144.160.15
00ba58400fe4fb6a47e77ddf7117da1155435979ab49bff6fde398f8b8ed5791
0182f3e6cbd441d6179668ca244ede8455f87948e2c9adb9b22a3f0231d8ead3
01e51940762b45561e5a0c1ea5e5ad122f4c732178d0cb428f8f4409030efb13
0234aed01b43cb2933f36edee04fb8061bb783456502eddf1ed53798a2fd1807
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
063ccb8223a41081d97628ce2bbb87c34590e82d60f164509e0c5d950ccfed01
0a0c8d7f05e3b8d5afb8654c9497a2a7a3141e02a7c2155797b028ee1a1953fc
0ab20cbf2d53b45fe3896d83db8aa635bfc20478c1299655f92f03643f8b4bb6
0b1f3acbb1221be4eadc501d2e428e7c4f1dcf467bac7115b00e956ed4e5bc4e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c566704e10564b6992cf1ac0e15fea9f5992e3fb6ff07bbfbf3280751df7ffc
0d5b13be7174b98a286badaa41fdf234f4c8a2a904cd9d6077011345d00c3238
0f6c0264ee3454e63a91b80ede0613d57c2830e598c7373150b78379f5607d30
108921308d9b81fe3d5b104629ab48237dc98e5c896e080646e43e8035fa3b15
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13438bf0ff2c4e7097d49d12ca3353a8be696b69384dc9e06aaa1dbd5f887d82
170fb1700c127dfd14c268e507bf0c40380e403b14ee5ec8df5403d71f34867f
1c3ca6d969feff8dda54f4cd1f32c2321171f1d7c24d34c31ea2b359ad370fe2
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1fcebac5ec46b66c08435c08389c4d97136d16caeb3ad24cf8aae52cb131eeb5
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
22a5f2ddfb40c4a63f868909f7e225f21f21e5e9d6972a00b7027d01bb6424da
22e730c5e58a487c838bda5b1a08e1b2a0d537371c08d4a01c56593ed8160ee6
26a6b3951637f081d057f796c17b11865fe4a64512a9029e0b8a983ab027f595
270d4005cc04c172a55defbc6ecb1cde62c49cd260b5ea4afee332ed2b241dab
27985c7a5e5506f8cd73e973f8588ef7a5921703dd3508a848b0a786c90bea78
28381aa1eb7ccb3e4cb95da002ae1e7b7c2c8ffa45c5e8a4b1887598531d3856
2841bbb4cf9d5cde10ce73ddc0f0e6330d114d9172988099ab9913dfa42301ca
29f05e8bf9a1687fa02e4c279f688b6c62ac272c08e1c8bd4db9f0649ac6c68b
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2c4569a123585f4f0660d581df2d1639216b118941dbc8f68043be6e7bbc2aaf
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2ef075baea077778bc26a06c58d53394019ac97f057a1f6f3a2796cafd876012
2fcec7cc42085ed7c21736b39ea8c944977d51a00b5497d7175af17e737edeb6
300a46532c1bcc4d81d2c2f61a5f66e79674d76a0f43faaab30b52a64f0d9b6c
3016a0a633534162a1b764f024cd44fb5e99c8ef957d6bf671f3aee99c4d08db
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
344412afaba0cfa4c326b640c6e3488ff70fbe93e566913a8660150769083c67
376effb6445dbb13ffc68f3043d83b07a235435c662b9e475aa2a7c8b488b5c0
38e71574b72981e9e327b18c8e9d4fe3ac4ea68d9458b04491eaf31eb946ea23
3a58f53367b65adcb05fa621ff4adeb23ca935fd39ec9d4442da1d33ae40c422
3ac618ec136931453b97f7e1b619940be18d3d1cf57d87dbe1f75164c82eb2ce
3c4d04a87d928e0a06ef881dd516f789e0e1c6ee7818a9b46e6e1e4168486010
3ddfdaa0f9c8d82250fda4d65e49d9fe51f5d2139ac064a621936fa5645a1a88
4023abf12a7bfcb0f14083c434d06948fc22a1e19783cb110913e16442c4171d
415a41f2194fc98aa0034891c0746222966129a19c8d3db5301bacb161c84c31
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
445de3be870fb1a6d8bad08c7ac93113a7981bd6137addc684f136c1b908ee99
44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79
45892495b67e265af0bfeac3b1536730b441a96319d90682ad8e397dcaa5f198
4778efd4ef85ab7780d350619b75d909c19ddff772cea93eb2e93afcfa02206c
4858efe3d67a3bcec8af530bfd8091e60fe014107482853995551c6241e0737a
488fb522659be2e5f5b819c9466c49fbdd7fd692b20b3192f01ceb3c8725cb8a
498d2c1fccd2727f6c8373dddb63c3be2faeb16a7877739685328135be596255
49bf74092519230222c54861f904556e19e3f4cb715fc3c60ad7e378822ac967
4a72021640167bbf7dfb8e74c704058e7af17c6b292a09ceb10ea712d72df850
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4cba30d37d87d1308d60faa49e7c90332077c72151bd08b1fc5ce0b20bf3e561
4d39d4d2020717c577c684ca8b12c847d3c7d6354028321860b5b3b46cc61b62
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e52847ae47895fd395b79451e96326f987ea177294f19275501938281d622b5
4ea0126a8f3df5e4be70a1d8e90df56a0537db00fc5d1c973623519751aa0ccd
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
502195048a6a8005571119c98ebe3282278e74cca1de6512563c8997d0ea1408
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50eb52744efe58839f7d41fad9899d7bad03952c3d800c2c280b7cd85d246a41
51cd71b1385796d2ef453fa38f31fe3c1257aa72abd667b613de34136bd2649e
5289964e5ea2940df302ad317f20a2d155cb69a867532fe620800040add85764
52fda201ad79ad8be89b9955bdbd53872b3a292fd00cf38d859d93e644751941
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53d4056482798f3b7b7f9cc5cc08fc821140552572aa61637c166ef6e1675b09
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5528a664d2011a2384e5b4a850dd6fd5fa756db1cbc55608b138939832f0ea65
557a2481814cba9005cd2ff80f43570b2329c1ec0c961c202d63a6e6d99ea292
56165bc2e057897262036e6be82eb1096c6606badc98691695561a55ddd06850
57672c96213af7ed313c3957d9a3291ee60c421001541fcfa1ebf377c54441aa
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
58880dd235c594c751d5ea7a9587d676c26aba5a4a0bcb6e18f8784925b29af3
5a48cafd1c726e7473e002243b24e304be3e1ec56abd9bf0c046f587c78c8213
5b418391a5ff86378d2f4b82c2af0be31b9b53f007d4b815730bb34706ac1439
5ef584dc7d4cb518ed990242fc5d6a465aef233a5ea1897dc26b528c2af71060
5f82b29fa607019a063ed00f5d4d7531a1821c02746258780f818524f0687f21
5fe19808ad099f13fa61d92bc601912de677a900ca535c344029b8dfe4999b0e
607fe49372f521f5a6c6c7fcde31ebb07f017c1efea75cbbf167612641e006e7
61fe4436f1d882b3acd98fb2763984bacd382664582f4918647b89894f46b871
63ed4c66bf3ba06512f7028be62a4bd53295e1ba68a919a7591f5fd392e72b90
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
63fa1f97c9bc448552b4d5d3c90061d2dd58e43deca946e70cb75f3be15977a7
646984aa0aab2277a670be749d10dd21d2f4b58e7b59024ae3207fa1222b5861
68a1eb809781154c2c6dd9ef157e3ffa54c45afade2bb70edd006707d28c3a7c
694fe7ebf24a35b5723242b213a3236d7079ec44e68e6b88e4358343ddd87059
6a3716b4dd56680e89dc3b5a1a045f17166d65fe29db277aecaeff983232912c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cea7d67aa87b4bb4916b9b1ea7233b32332dbebcf8f6b78258829ad4e48dfa7
6dc04926bfead3648a1a6bec7ca2f2bd70b26811c5f51ae969631979cf5a696b
6f2fb73794b723566bb1511e78dffa9a6d1c5f51259c17f666d5231cdaa8308f
6f8cb8d1e74e3ed02d5af13b6c075a207440a81f8ae0c36812e8336945c61644
70ef213c58d661457a299d6522d1f33e15677e18477940a7c2fdbaa684418d20
73aaf945c213727963e320dcbac08cd98fd0f421ca20175c19abb196f6147fa4
74ce4a1f4d75997ff40047546727f9d0732cb9741c1a937bd1a7edc7a0df9f53
755b29e8fc45b54c36fa66190170b00fbe94e959e6c621efcab5a6c4e1bf02d1
7615baa1d0a2426f7ec41fd2764df17ebbb3d8e21c82ebfb88b8969d330c5415
772336dc0a44b17c4b694dfc0b1cead21d2324869a820cef43211f4ca1e68e16
77b858685f05f8190915abd7dee94e4c5ca8f3852036e7980a5d40abcc43efbf
788e7fe4e0b96a66ef6b67ec93a8c15ee57b874551c27fbf1df2061782bfba4f
78c0f77679f8b3318f2b466f00c9bdd3013e6034275c9e789b7f0db03d10de2c
7957504f907ffedfc0d7ec27f93664a47d4d36b36ece1386e74492f753d24025
79f97f5c807f55fc2d99cb2dbfac95eb04bf5a88aac565fcbf398c7ccef2d6cf
7a18a8eade404b816f73ce1eaacbb7c9b6caa1982de1c9467ba540fd7cb15560
7a5f1a84e4e393c1574bd97a0f386bc09a040b43b2c38dc81a2b130dce78e159
7b6e4ea136dccf0ec066812f0375f913f4d44ac7ee38576dd175906efd52ef43
80552188ade64dd7f4ffd7b9dc82b63a67cd59265cde1fb838d7a0d4f0cc56e9
80a45863e4c39b2491174aedcbd73d8f2cdfa82298e329567cbb1432388eb799
80f5433df727188d43a64cda6f7060bc5117045b2cbcd1492a00183caff5f1ec
81023878bc116ebf7cc254f1dca8628175a52789ff8e70dfaf7acebdc10b4a0c
83c81bbb7db55d19d97322a38c7df2ebf7982aebe92fd4dbb18e1a7cb9eadf8f
83d5140d6fe0931381827f9a78bf9d119557e608e2d91c028d00ba653988859c
8410f8cda1e0fc828c679502c25bf44417b684def89cbb6ff8e479a264a02393
84fdae9a3684b8fa40ef949d2304862f29c44b1fc53d922bb70e22aaec0d1d10
8678583e1bd198079354cdefebad64d8ffeb45ca742506d225ce90c8b3740061
8790f3f6771766c7cbdf53328393a037b9bad3661cff0bf69e79a9655a84206b
892f356f79a98c66de818355ac375634e39ce10a39440f71392edee91296ac19
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ad34b9c0e62e29634c681f9b6ebb54a343d09cfb0380b24b75d11eb144296f9
8b8233587f76031b40e28a3194a6190c769f5ae78f04ee1f12165d559eaeb6f4
8be4a0637aba9097b24abf18e5a7d074faf7f790e935465d2fd780f664976211
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8d1dcf0f360d149d81a2e95d8f839fa87615fbaf0d9f7af418721d84cf418246
8e6fe64899bb06f60961c891c7557e38e641de06681fd1d959bdaf6493a46fc6
8e9cfd680e674dad9df993f4b71a3377c0d8cd66395402df9420b989519c86c8
8ed8a96418e11927180feb2f43a52470670f246117ebf4dad19cacb17c252ae9
8f1056221f1fac6327f586da0c20138f2d6b12ed6dc2c66fabe03b7a7da32248
908045b777d9906109fd2170f2009e2df5b9ac03d8db3a11095d0bc49fe1fa17
938c833f076e9a9069a9ba9220f014a3d768fb804fa2f657da9e1967e4f0b8b4
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
98d9802f1ddbb44b0bd3ba65b6606ad6f1e6a7c0983601f45f4b671f19d71bf4
9a13c1939f9b2d7ce1c19bdb767df4a069385c5beb508d268a0084dea426a6fc
9b49a6cde51c0b24f61b97efadaa1285123665fd099cf14109dbf6fd77fb6152
9c6e94d56fa93456f2c94126a6128b34922c790cc3e72a03755f885b03c4d668
9db4f6a9acb774b771102d222fe371f1055a80d1e04788c53cc5b4818a339f4b
9dd189ef52ea74a10651864dd73d21639d99289fb8ca5be69df4aa29c81afc4d
9e69652115e32096c8b03be5571b360f2076af2a828eff8cffe2b7ce9fe8a7be
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a1cddd93d58b74419056506c445bc99decb3874d50c7193f9a952d599fcba4
a1d9dca7faf30603348f082f1e6c2ea66aa650a79a3284f27231f1d5931f9302
a2069353a95b487b5b79ee5a50e2e952b870a3fec717c67672ded9143775bd8b
a45d3feee0dee4f40bbeeb9afb6e321a1df6bea8f6a1a3caed6de69721bf21b9
a462a6eb6079380a6c06f01653fe70150ba44232f662746517f4fcd20f8da244
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d47adbe1b93304f67cb69e3d6bdf09fc741e48ddb00431b76ed0f5e0ad4551
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7c4b1199dad4f4f0b399b610b6cd52a2e9a8625f2ec99226f95577568a70335
a9a26200327e8aaf6c9b3e7f7bed753319ea1ca39997db3decf954ccaf3f0782
aab58027e5c3de4897eb904f5d6fc00d20b00c7be07236c09e67232d99b8f269
abbbb63e5616fa3a2bf9113e259b0fe9793f70fcdd33114a1c47885ae8ccc881
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
acf50b45d9a0cc2d9887ab83a1b5112ff3f219f1056b31da052ecc66e10429b1
ad8ccaaca55aeda443dca19bdfab82fa1c30fdae8c1b3e90eb19f59a45483ce7
aedf3dff6e3596bea2ed1f9bb489aca220ac62eb0f0eb2ec34306f215388a1c7
af9aa0ab019d8e666ac57410b0da8d550fbc5903e0e9d1f45ea99f7fe47302db
b0996d05ac0d5fa2c44fb8d0461a2f488ab13a0c26b45ebf5888531d8112b14c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b270599ccaea2dd51759fabba80d2470cb37403b8e6ceab6819b535867b31cc5
b4f8894d94b318f6b45d307011393175ed8165812e67753cdfd6347650474533
b61fe764edbc50a36c4d2326be0a0423c11bb73c0de87aea518a032f76946f7a
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b6b5b6f0674b63603da099ce4dfe9ed5d4f3cfb1b05cb294e9ad7cae084c3375
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7d11fe80889199b11f169951706d7fe39a06c58185089802b9ecb4807d228c5
b8eef04aeb78f8eb66d8421b890f10fc6f971a0f89052cea6a33c49a5a6946b3
b9e84f704bac793faf4090489993f63c936647e5f7722ff3439ac2f2d185b7c3
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bba77803b29277143ede66598b65cc1bc4d927097df98120148e20a84f262301
bef94bb1a6a7bbb14f946f6396505f4d10309ee5a8379d166ea76aeacdb8d27d
bf7c238e1d573c641211b74f22c0ae30669b671c20847f1e42df7f97af65a14e
bffcd421c8b370dcc758fcd576fcc1a4ac156177bb538972cb8aa2aec624e24c
c115a87a00da9cc088f17fdc72d8297dd83d162ce715a140dd6ab09c0bacceb1
c207220318ecf7a91088232fb8f298d37ee1c65c14a612995795cea38aaf174c
c3f269f959af86fa0ffc3c9245daddd856e5c6f1cd66b0a509d7b239f5f1739b
c5418201407117e7ef6c4207e1bb625e1559c296d97ff524126bea7c51add0c1
c56a384d47bfa0eee9bfb075e0ac01b451ce9cc0da776db287aa3527f387a974
c57576f007bb1348ba0d3c9a1272ea80af374388ace82d4b8efabe9f6abc7060
c61a359ed865f2c5fb69be465754f10a55594e28454840f1fb02f37a407929c9
c669cc33f4fbf369d4e1cc7590e73a28ec81fba4bf37008e552b3b9240565f07
c66e4586a2e1957bd169f0c6b5db377654765c9c92bfa41e1d2acf8f4dc55b30
c859583ac41173f2bdbd19ca7c4a274f787cffa0e6f61c5eec4924369c4a7add
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c87f0c02bc8c633f765ea833d8260d34a1a39dcc9570f75079dc24fb41353443
c8ac7de792c2dbe2cde57197b58e3f2ab26b0b6a4a74cb0f84716b5d64e138cb
c941a2b97730aab3c99c2a772635a5e93e8e1efdeda0b9302b8ea1cfd7e711b5
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccb3affdf9c9f2e5925f0b94f8275d7d8222c118722591b68b585e90fd53f815
cce2d9e56822ca13d0bc323ca0d7a4a6205b58a7006eea4ca3256f77da7a6a0c
cd2c04dfa65eb5457195f7c6cfe519db5e74b33c3365dbd439052a136b13a6a8
cf1d0bd6bf199a2ca60f0534d0461fb5af8eb7ad7dc847c24e2613efb9e1c656
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1156fc4379a2d391453aecabbf2ab8677618109593b92df41156c2b23307fb7
d178416fd1412a2a15a1b9e6663348aaf7296dd4490c273edbc00f7cf9b4ae00
d2ba79d78694b0917243f69390adc049b2dac032398cc9925a00df3bd88689e9
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
d4c2aa11a021cbea64968abb5df81afbb3ccf21ea2286e90ea4b1345cdc837d9
d551596511264d694ac679eff2e31059f02eec98c614566f797ae16ec44d9617
d55b64829cab362ccb8011f37e5fda859080a163c8a4108f9a6dd7ef944ea02d
d65f976a4fde96787f46ef02dc65daf2c3c4ffa175e30227c5bff38c8ab31da6
d7497beffcd1fbb22b76bf35e3ce6885ad906f93233c5bdda1f58ff423716819
d7981306cb2f4a96bc2d386120fc451ea9e00c592eb9d159106f9eab81322e92
d7ea26b93c08451c3b36edf3aeed10447fcff13d7cd7fab7a8b9284d6af53185
d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
daad39b756e2099575c560ca68f1134cdbbecfeb02db8c6654c3f5ec2b1f6d0f
dc9dfcc5f11ea492a4ededf062bb3d47b89aa0a6ece97eda0ba0fb6c26a184fb
dca3b255413edffaf12ebfa9059db2e97555ec4aa81720c85a1d701a70efa573
ddc71720012b5d4aecc5cf638289581c4f9eacba6b7da3d02e7b17afb1b4fa64
df7338b37ab8af758cb40db50f048b8c1c0702a303aac52a816e028a29065a13
e20edb943fa99e584614bf7b3d5a347e1a7aa3cf458200dcde4015d6c5c556f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d051b39cc57452b3f9f3653092202fdf16bf2a01c3dfe52bc7283bed9ed3eb
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e60e74b4e59cc043b87281ebe6a3ce183dd0db40598168b94617b49e3689ce47
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6f6705d8bd6b774eee5dd8ee22de7c4748237b87f5e8c4e0c424f36d61a0381
e7949f7a06fa87f787e6c78a3e70879176e4937262deae49fff4d57a72ab96e3
e7b4f6cf12af5dd36ab67c78c404bc932cae5be2cec556e158fcaf5dec7c3f2c
e8084ca6447bee664144afd84a1bc98b367a80b3d34a2564f8f5f29816bb6f54
eb52a2a80c353f2977114bdb5bf6f51801dd27b378bc56d6de084581119825a4
ec048c64900fcbdade1e9bffcbcc513ef0c30832fb20a4c563c70e08cae9bab8
ed70aab24114c7c74bb70eb16251f6046e3a15326acb36aaf9408cc43feaf0ec
edde44925437dcc7eb3d75062a28fbe433a4818f640d2df8369211df1e3de6f2
eedcd858b717d51a55a283a8c74d9ee4e8d0eb247499263f53b84f91338a1e3a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6ab0092642cc91c3ba854b8012a9a85fbc3eda06b8093d7ba8da36f59b5c6d
f3d8ebc2323f8193f8fdd9ec690b9883f435062e5116ac1544042535d54345ca
f57bd1481e9ae90c19f2da06b3e188c5c9a64f08592d540a45eb4c01d5b952a3
f5e4daaf8087c0d891b8853040b9f531f2857748130d27014fc47327df281a06
f98b5c90b315feefeb8aeb9007b58472f95b6b43d974c905c00cc4c067166403
f98f2b089201cd9d93aaad02ee002c49f0ee0cd7f268e32e867d97329961946a
faccd1367d9ca6bc500db876e82002c7aaf7a6ac38053ef9be2f2931bbdcecc4
fafaed57a7f0bd790f130cb8be9217ff95495a17209db3699c56ec899b40af3d
fb4b27b4a022b4f7bf448aec63c2f73a4adf058665212da521b42807f107bf9e
fbdc4900f2754a5effa8f0ddbc9c072d549c32a5f3bf2e711f5002b626032b94
fe7dba94746836646c306ce9c39176db00b9da3cdae1bf7dc041c145057d0b33