www.ensonhaber.com Open in urlscan Pro
2606:4700:10::6816:48e7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ensonhaber.com/
Effective URL:
https://www.ensonhaber.com/
Submission: On June 12 via manual (June 12th 2022, 8:31:09 am UTC) from TR — Scanned from DE

Summary HTTP 91 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 12 domains to perform 91 HTTP transactions. The main IP is 2606:4700:10::6816:48e7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ensonhaber.com. The Cisco Umbrella rank of the primary domain is 156347.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2022. Valid for: a year.

This is the only time www.ensonhaber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:49e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 41	2606:4700:10:... 2606:4700:10::6816:48e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
13	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
91	17

1 2606:4700:10::6816:49e7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2606:4700:10::6816:48e7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icdn.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cd03a0527999191fd9dcd8695ffbd3f0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	ensonhaber.com 2 redirects ensonhaber.com — Cisco Umbrella Rank: 113827 www.ensonhaber.com — Cisco Umbrella Rank: 156347 icdn.ensonhaber.com — Cisco Umbrella Rank: 152952 m.ensonhaber.com — Cisco Umbrella Rank: 185872	1 MB
15	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 104 googleads.g.doubleclick.net — Cisco Umbrella Rank: 48	243 KB
7	googlesyndication.com cd03a0527999191fd9dcd8695ffbd3f0.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 146	74 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3131 onesignal.com — Cisco Umbrella Rank: 1222 img.onesignal.com — Cisco Umbrella Rank: 6879	101 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 359	109 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9967	2 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 82 www.google.com — Cisco Umbrella Rank: 4	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8201 www.google.de — Cisco Umbrella Rank: 5859	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 47	20 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3473	70 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 172	28 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 80	39 KB
91	12

	Domain	Requested by
38	icdn.ensonhaber.com	www.ensonhaber.com icdn.ensonhaber.com
13	securepubads.g.doubleclick.net	icdn.ensonhaber.com securepubads.g.doubleclick.net www.ensonhaber.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	mc.yandex.com	2 redirects www.ensonhaber.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.ensonhaber.com
3	www.google.com	1 redirects www.ensonhaber.com
3	onesignal.com	cdn.onesignal.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.ensonhaber.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	mc.yandex.ru	1 redirects www.ensonhaber.com
2	cdn.onesignal.com	www.ensonhaber.com cdn.onesignal.com
2	www.ensonhaber.com	1 redirects
1	googleads.g.doubleclick.net	www.ensonhaber.com
1	img.onesignal.com
1	www.google.de	www.ensonhaber.com
1	cd03a0527999191fd9dcd8695ffbd3f0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	m.ensonhaber.com	icdn.ensonhaber.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	icdn.ensonhaber.com
1	www.googletagmanager.com	www.ensonhaber.com
1	ensonhaber.com	1 redirects
91	23

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
ensonhaber.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.ensonhaber.com/
Frame ID: 1F063DF43DD0CAD8414D3FF7252E03C6
Requests: 86 HTTP requests in this frame

Frame: https://cd03a0527999191fd9dcd8695ffbd3f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3D996011CC2E1E4847357240C293E88D
Requests: 1 HTTP requests in this frame

Frame: https://cd03a0527999191fd9dcd8695ffbd3f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CAF0B3348EDAC3885EF47EBD187CE6AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ensonhaber.com/ HTTP 301
http://www.ensonhaber.com/ HTTP 301
https://www.ensonhaber.com/ Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

91
Requests

91 %
HTTPS

94 %
IPv6

12
Domains

23
Subdomains

17
IPs

4
Countries

1888 kB
Transfer

3855 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=CRkC4SqSlYviWE7SI9u8PrpS-yAHyufvLatH61uTsD9vZHhABINaG2yVglQKgAcvJveMDyAECqQLs2hRnpl5vPuACAKgDAcgDCKoEjgJP0EfWuFUegE4qFvqTLQtD0umLgzmxWguxrS-c2VB855jdvqXIB30s2tSA_jXAfw8yjkiPxhfYwZhexEvy1eTqr2JDHv8EcugPKXQQTFTLSZxDxC-eJqBLJc1jBn2etEFzL_C27xFZwNygWfvAuuPWD5qiw-53d3WJR7euQ1MZ530KbmlzVlItZuQCKu0OIJVb76CRVgOXMMLRU7gf11xXHLjOUqBa0-tY6IN-caQIGMME1k8-QOnpkg7aCeSKNo5SL2oKEJAvH85XSQfGtefM4C2FijQNq1sBJ2S5MZ0Dhw0PjlUYFkxQRXn29n9IH3jacG8mirLz0sYL9Jp-sQywECCIxXofh2jgcQVvQKzABN3_5LrzA-AEAaAGAoAHnbbCHKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIIEQiA4YAQEAEYHTICqgI6AoBAsQm3JrIQCDwh7oAKA5gLAcgLAbgMAdgTDdAVAfgWAYAXAQ&ae=1&num=1&sig=AOD64_2Cq00LmisVxa2Gd-g3QrpCy6GKRg&client=ca-pub-8601585505701947&nx=CLICK_X&ny=CLICK_Y&nb=2&adurl=https://kayahotels.com/tr/oteller/kaya-izmir-thermal-convention%3Fgclid%3DEAIaIQobChMI-OP78L-n-AIVNIT9Bx0uig8ZEAEYASAAEgL-QPD_BwE

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=Aa2KcEa3yVhr1GRsv2TDL-xOKPsVlj-QAcUcZj25_bEkrRTZMfqpE5ntb3LH7A-gsoSj_8m9zSdnuNHorWI0k1d4mvKl7pX36YPHHPHSRJjqrFHmS-HwzyRXarIASsSBdrpZuhTGaPwkEOJZGve2sJbqoNtPxbTmxXYYJMTObhRuHGZzSz0ziVsYOUya2Odk9-nwnh5GdfhsAAYNWgI6qeaqypteytwoH7rVQ5Yd1KwyBmsFadwJFQfMyqMr1nXXWXb3NJmY74y2VNthZVAVbYcKmq417Y62psqogwmW3b6pJc4RKbM36LxHPT6tQ5XUO3wcXXprwTNIaEDzcKW4lBiJzXTQjz2ZitqeurPflXY18LUQT_c41wPI52lpQFdIScKQnm1tKgEaRswBxfDxTH1VWVCOCMIIUL-8mcHMV6YLSMgmINUjEouezS4Iw7Z1azQEd3gOzvg-UW5D3Qv-4tll4wEayr9Vfc2uw4dOM7PaWCSl07YnR_r-4DxNyd1Vrv7O-FOA1VPQwRWSwWuYAzfTh9s64pisZh__4v97Abpkp1bZJUVmxP7WwvVm1H8i_vJNLPSJTMCE_qKFja6Xtz5gayp3-PpGBwHrSep1QwtltWTskQ8zz5F1V5ozQtc839h4zYJCOnSX36aCYzp7s2JMqzIpo4SOE2nnF85NvBvLoaRC_yyaKWLm4jLTO0Uz1Tf65klFJaeN-xc9MmbCI_ai_bY_BOqkK3awb-j5Q8mmUz9VjjrNDKOjkjVSlXzfTR67P6LroFuSIVoVJtYoQV1JDJ0nBX25rfudqAFvzm1qkAO22TssPHMlx5nLo5jJ9AKj3vxHsdci_kdU0hJQs77Of2RuExg1D371reVhVXualHK3YXLjtv1lkspqBN0u2qskmSMbdC76gyi-vMmKJmnOMyIMUvqFwt5w73Og_YhlGCvXb08ayw7G91-aPe2n0zZWHblNjxb0IpU-QMt8c0Siv_xnS9MbCAR72oi03k7d-70x1y3PkZa7nJy2LdZriuBx1dEBA8PniANdAqLz9i5hASg34phn6otgSHZ1MUf7cImohkhMj6TMMbNPuKTtWx0c511CsJWYQlacMxgVtUS23_fXdx5XM22MnxeDtntfeeePYgze7akwHFYskTzND6-8gQMaIEkRfBjIkDYX6C0h2XcAcbWnHo0jEh94Jas6EBRVOmGVyV7vDEZcKRkrDiyj7vk06uiue4mJf84D-UOFGu5TWhVp9DFg8JrcpQcmvVvP6APFKhPcgmvjalsIt8mtgNSAl0dJgz-BWwBOhztYonQHUGGmKBebI5tDoSNTSMWX_ufha0wR2p0bCRIQdakV_zXAfNx2MDogxATjSZa9mzvBXfKBbLH70MK4X_JBqUB4pgJSYxn9BmFWUOlSJPEC4vq8F5nEAbhF_2X34mAVtyrhZqSTnENHeL4iD9UdO1to1fSlH8P2m2BEBa18gtzOA3S187rBGKqYYqRT2pMNza4v5hYwkbHvoRaYuYZCnK27cdPh6PJw4s15kvUf7Bq7XijU58BwMcWFsgssMcOuUHOs9fcvuFqtnvFKIIY2wtQYH6h4MAGsBQaQnRbXYTSlWiSwoPrdaayAqggtQP0O4-wy8OwqIp6D_wnfgR7C871hm6B0uBDLub9RyUjZ8dx-2PzLhejGjt8WYJwHQwoATHNQAK7ok0WAMlNk7nYQ8LjImGNKPVI5cE4jMFKiCdn4z2oqHBqnH3JUVCMaPU8Jjpvu9BHS5Lzt1IskybdUCDEx_A

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ensonhaber.com/ HTTP 301
http://www.ensonhaber.com/ HTTP 301
https://www.ensonhaber.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9667.CxLwjpaitaw43cISrBwMThFGZXjp5z5xUxQ-O7lxAFfNBoEHiTedCVxhsbNebxlU.g4dwfdQiKzeUypiveMKn5BXUvao%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9667.9r9D-j9UXjDqGDVBog2AfIEm9MNgcE03U2oDswzYGSmmllVoAU-DUDo_tlZZaLY6S9_dkkUFSqL23ofxkFk4Zg%2C%2C.g1VgP_JGloy-wyv6RK8lA5XiWhE%2C

Request Chain 66

https://mc.yandex.com/watch/24056266?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A475%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A815%3Acn%3A1%3Adp%3A0%3Als%3A514387080530%3Ahid%3A499074224%3Az%3A0%3Ai%3A20220612083104%3Aet%3A1655022665%3Ac%3A1%3Arn%3A226135943%3Arqn%3A1%3Au%3A1655022665421627156%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1655022663558%3Ads%3A0%2C52%2C74%2C6%2C253%2C0%2C%2C276%2C0%2C%2C%2C%2C663%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1655022665%3At%3AEn%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
https://mc.yandex.com/watch/24056266/1?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A475%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A815%3Acn%3A1%3Adp%3A0%3Als%3A514387080530%3Ahid%3A499074224%3Az%3A0%3Ai%3A20220612083104%3Aet%3A1655022665%3Ac%3A1%3Arn%3A226135943%3Arqn%3A1%3Au%3A1655022665421627156%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1655022663558%3Ads%3A0%2C52%2C74%2C6%2C253%2C0%2C%2C276%2C0%2C%2C%2C%2C663%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1655022665%3At%3AEn%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

91 HTTP transactions
-3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ensonhaber.com/
Redirect Chain

http://ensonhaber.com/
http://www.ensonhaber.com/
https://www.ensonhaber.com/

187 KB
22 KB

128ms
75ms

Document
text/html

2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b34ce7f14eacf5c232be85b21aba80983c794928678e6fd3d78fb4cc95078c7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=120, must-revalidate, post-check=0, pre-check=0
cf-cache-status: HIT
cf-ray: 71a13a69a8c29bac-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 12 Jun 2022 08:31:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Sun, 12 Jun 2022 08:30:21 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-server-count: cl01

Redirect headers

CF-RAY: 71a13a691d769951-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 12 Jun 2022 08:31:05 GMT
Expires: Sun, 12 Jun 2022 09:31:05 GMT
Location: https://www.ensonhaber.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.min.css
icdn.ensonhaber.com/cdn/desktop/css/ 138 KB
26 KB 47ms
36ms Stylesheet
text/css 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.0
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5db6fbcf8cc5022948eb2a5c2e24e897be912cbd0eaa1582b859b674d49c86e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 73742
x-msg-hkn: js
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Mon, 05 Apr 2021 12:53:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
cf-ray: 71a13a6a49cc9bac-FRA
expires: Sat, 11 Jun 2022 12:01:50 GMT

GET
H2 200 jquery.js Show response
icdn.ensonhaber.com/cdn/desktop/js/ 94 KB
34 KB 49ms
37ms Script
application/javascript 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2993d82f2812a961066b08425c5eecaad3ba242c7a48cff1ce8ea0653d7cc91d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 2850
x-msg-hkn: js
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Sat, 09 Apr 2022 08:26:02 GMT
server: cloudflare
etag: W/"6251431a-17756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 71a13a6a49ce9bac-FRA
cf-bgj: minify

GET
H2 200 home.js Show response
icdn.ensonhaber.com/cdn/desktop/js/ 242 KB
68 KB 68ms
58ms Script
application/javascript 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/js/home.js?v=2.0.0.0.5.2.0
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e05b4d98ed4231ac519df0a3e2f34f5cc4f3e5ddb3cb2ae01c69deb66d76497

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 317
x-msg-hkn: js
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Sat, 09 Apr 2022 08:26:02 GMT
server: cloudflare
etag: W/"6251431a-3c60b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 71a13a6a49cf9bac-FRA
cf-bgj: minify

GET
H2 200 sf-r.woff2
icdn.ensonhaber.com/cdn/desktop/fonts/ 28 KB
28 KB 117ms
60ms Font
application/octet-stream 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/sf-r.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51b238e76824248990b6afee557335a862af977789109b95fffb871b81cb80f8

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4871
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28560
cf-request-id: 0aacc5f9f300004dcaa62d3000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-6f90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71a13a6a8a3e92b9-FRA

GET
H2 200 h-m.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 89 KB
89 KB 117ms
61ms Font
application/octet-stream 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-m.otf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01adbdcdde3d55ba3376328000c9afa1f5c19b2029b29b72d720a704c5342ec2

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 6013
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 90660
cf-request-id: 0aacc5fa6400004edf5e319000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-16224"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71a13a6a9a3f92b9-FRA

GET
H2 200 esh-icon.ttf
icdn.ensonhaber.com/cdn/desktop/fonts/ 12 KB
12 KB 118ms
61ms Font
application/octet-stream 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/esh-icon.ttf?v=1.4
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cbaf74147522d4fc0cb8c700cc88727c8ad1bae80b04e640be2fb296879a45c

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: BYPASS
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11912
cf-request-id: 083224647800002c4a3a37f000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-2e88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71a13a6a9a4092b9-FRA

GET
H2 200 h-sb.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 89 KB
90 KB 87ms
31ms Font
application/octet-stream 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-sb.otf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d5087b985f403c77f82394589566967faf7abf28cdc561759f9655fabcb42d

Request headers

Referer: https://www.ensonhaber.com/
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4871
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 91284
cf-request-id: 0aacc5fe9700002bddc6012000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-16494"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71a13a6a9a4392b9-FRA

GET
H2 200 logo.png
icdn.ensonhaber.com/cdn/desktop/img/ 14 KB
15 KB 44ms
40ms Image
image/png 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/logo.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e476a54c3dd098c5293651fb50be45f0a1e42bff4ab2628daeafda965fa893

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 3318477
x-msg-hkn: /
x-vtex-cache-status-nginx-thumbor: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14744
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-3998"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 71a13a6a8a3d9bac-FRA
expires: Tue, 21 Dec 2021 18:04:46 GMT

GET
H2 200 gdrgrdf_8222.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/05/22/ 20 KB
21 KB 32ms
29ms Image
image/webp 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2022/05/22/gdrgrdf_8222.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bb6ba6771b74fc65babcfade3725ce9e347575c18b632330bf86dbbe5b39deb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 20521
cf-polished: origFmt=jpeg, origSize=55360
x-msg-hkn: /
content-length: 20786
content-disposition: inline; filename="gdrgrdf_8222.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Sun, 22 May 2022 20:51:06 GMT
server: cloudflare
etag: "628aa23a-d840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 21 Jul 2022 20:50:24 GMT
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 71a13a6a8a409bac-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 12-s.png
icdn.ensonhaber.com/cdn/mobil/assets/img/weather/ 6 KB
6 KB 43ms
39ms Image
image/webp 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/mobil/assets/img/weather/12-s.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dda8abc1292262477586481831718a54d5796d0a66a0b8e694a5b120603ac8c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 160069
cf-polished: origFmt=png, origSize=9175
x-msg-hkn: /
content-length: 5844
content-disposition: inline; filename="12-s.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Sun, 15 Mar 2020 15:34:41 GMT
server: cloudflare
etag: "5e6e4b11-23d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 01 Aug 2022 23:02:41 GMT
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 71a13a6a8a439bac-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 kutahya_5388.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/06/12/ 123 KB
123 KB 33ms
30ms Image
image/jpeg 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2022/06/12/kutahya_5388.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c683fa791ae6310ec5d0c3e00c5a821bd4ea839bb66b3bd633e8c72a83174a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 346
cf-polished: origSize=151050, status=webp_bigger
x-msg-hkn: /
content-length: 125890
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Sun, 12 Jun 2022 08:21:24 GMT
server: cloudflare
etag: "62a5a204-24e0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 11 Aug 2022 08:20:35 GMT
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 71a13a6a8a469bac-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 ph.png
icdn.ensonhaber.com/cdn/desktop/img/ 85 B
238 B 41ms
38ms Image
image/png 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/ph.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda102fdc78e36a46af3c6223b91bf8e0e15ef7ef1debb7567f57fb3b39e97e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 3318609
cf-polished: origSize=939
x-msg-hkn: /
content-length: 85
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Thu, 09 Jul 2020 11:18:28 GMT
server: cloudflare
etag: "5f06fd04-3ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 22 Dec 2021 08:08:21 GMT
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 71a13a6a8a489bac-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 serenay_3495.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/06/12/ 76 KB
76 KB 41ms
38ms Image
image/webp 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2022/06/12/serenay_3495.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4bb8517511ff7e750349e6a7c5281bc57561daeda76e259e938d5256ac4bf88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 1237
cf-polished: origFmt=jpeg, origSize=186421
x-msg-hkn: /
content-length: 77836
content-disposition: inline; filename="serenay_3495.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Sun, 12 Jun 2022 08:10:44 GMT
server: cloudflare
etag: "62a59f84-2d835"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 11 Aug 2022 08:10:10 GMT
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 71a13a6a8a499bac-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 cattop-placeholder.gif
icdn.ensonhaber.com/cdn/desktop/img/ 3 KB
3 KB 40ms
37ms Image
image/gif 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/cattop-placeholder.gif
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55d00402092612e4bd86f42b21488085f96b4535b45529923792a22ff13d15b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 460997
cf-polished: status=not_needed
x-msg-hkn: /
content-length: 3311
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-cef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
expires: Wed, 22 Dec 2021 07:29:42 GMT
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 71a13a6a8a4a9bac-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 diyarbakirli-anne_1937.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger/kok/2022/06/12/ 7 KB
7 KB 42ms
39ms Image
image/jpeg 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger/kok/2022/06/12/diyarbakirli-anne_1937.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc3febafa51ce9fc0f634bb6a5398a8dcc06fa5e763bfa8e252fe586b0290079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 49
cf-polished: origSize=7285, status=webp_bigger
x-msg-hkn: crop
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
hakan: 227
accept-ranges: bytes
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "6efd9d9c0ce4feebbb4671d108e2966b8cde5302"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 13 Jun 2022 08:30:00 GMT
cache-control: max-age=86400,public
content-length: 7093
cf-ray: 71a13a6a8a4b9bac-FRA
x-msg-cdn: 01

GET
H2 200 demet_7628.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/06/12/ 7 KB
8 KB 42ms
39ms Image
image/jpeg 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/06/12/demet_7628.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e0bf25ce5355afdb343b342249c95e989d8d5b5a06fc32408f90c35b2960ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 1079
cf-polished: origSize=7792, status=webp_bigger
x-msg-hkn: crop
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
hakan: 227
accept-ranges: bytes
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "56f1a423b4ade27f5c56349323be026c8fd7b430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 13 Jun 2022 08:12:54 GMT
cache-control: max-age=86400,public
content-length: 7667
cf-ray: 71a13a6a8a4c9bac-FRA
x-msg-cdn: 02

GET
H2 200 yangin_5270.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/06/12/ 6 KB
6 KB 63ms
61ms Image
image/jpeg 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/06/12/yangin_5270.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eeb5e4875c764c87899cdb80cab6da0e08b81988c3368a4e8af255e857f592b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 5032
cf-polished: origSize=6378, status=webp_bigger
x-msg-hkn: crop
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: MISS
hakan: 227
accept-ranges: bytes
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "5e1c0877aa220be593e9ecfe4a6237e19cafb0c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 13 Jun 2022 07:07:13 GMT
cache-control: max-age=86400,public
content-length: 6168
cf-ray: 71a13a6aaa919bac-FRA
x-msg-cdn: 01

GET
H2 200 eren-abluka-16_9050.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/06/12/ 9 KB
10 KB 53ms
51ms Image
image/jpeg 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/06/12/eren-abluka-16_9050.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f973e6d0c20ada856bd13b2d2ab0b9b8ea7428d817023c42d6174706f86483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 1376
cf-polished: origSize=9820, status=webp_bigger
x-msg-hkn: crop
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
hakan: 227
accept-ranges: bytes
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "88ee803a5d81ac5429336b953e437495f4339f6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 13 Jun 2022 08:08:05 GMT
cache-control: max-age=86400,public
content-length: 9649
cf-ray: 71a13a6aaa949bac-FRA
x-msg-cdn: 02

GET
H2 200 sehit-omer-yildirim_5636.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/06/12/ 7 KB
7 KB 62ms
60ms Image
image/jpeg 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2022/06/12/sehit-omer-yildirim_5636.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 928376674df661065d1d5593bc207158d32c6775b5f16f2c5049576489b88def

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 9474
cf-polished: origSize=7156, status=webp_bigger
x-msg-hkn: crop
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
hakan: 227
accept-ranges: bytes
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "e67bdad1f3b65c03eb4b4423a779951813435013"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 13 Jun 2022 05:53:08 GMT
cache-control: max-age=86400,public
content-length: 6990
cf-ray: 71a13a6aaa969bac-FRA
x-msg-cdn: 02

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 95ms
37ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-955423-1

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd7b4d614ad3495651e2581ce27afb5f5b090561eb1836f134fa2d1e8cbfe22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39742
x-xss-protection: 0
last-modified: Sun, 12 Jun 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Jun 2022 08:31:05 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 107ms
39ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 71a13a6afb218ff5-FRA
date: Sun, 12 Jun 2022 08:31:05 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1862
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 15 Jun 2022 08:31:05 GMT

GET
H2 200 cookieconsent.min.css
icdn.ensonhaber.com/Assets/ 5 KB
1 KB 44ms
40ms Stylesheet
text/css 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/Assets/cookieconsent.min.css?v=2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f5ddd98a572bd9924923bf7500c8ab6b904adfc3808324aa498e3cdca736652

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 3318612
x-msg-hkn: js
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Mon, 21 Sep 2020 14:19:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000
cf-ray: 71a13a6a8a3a9bac-FRA
expires: Tue, 21 Dec 2021 16:18:21 GMT

GET
H2 200 cookieconsent.min.js Show response
icdn.ensonhaber.com/Assets/ 9 KB
3 KB 60ms
59ms Script
application/javascript 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/Assets/cookieconsent.min.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 1727
x-msg-hkn: js
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
cf-request-id: 077177872900002b4dbc093000000001
last-modified: Mon, 21 Sep 2020 14:11:45 GMT
server: cloudflare
etag: W/"5f68b4a1-226a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 71a13a6aaa989bac-FRA

GET
H2 200 h-r.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 86 KB
86 KB 61ms
60ms Font
application/octet-stream 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-r.otf
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f64cdfb1dbf90eeed41b90d8925b78f78887dd3d64b79e93c70241391ce8d0

Request headers

Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.0
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 4050
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87724
cf-request-id: 07710f763400002bdd93944000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-156ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71a13a6a9a4492b9-FRA

GET
H2 200 09d.svg
icdn.ensonhaber.com/cdn/desktop/img/ 852 B
626 B 42ms
41ms Image
image/svg+xml 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/09d.svg
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15f7299c5ad2672e52ec8b6cef4b50c0190e89d70269c918fee08b5b971e95b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 12669
x-msg-hkn: js
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: W/"5ea5b1b7-354"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 71a13a6aaa9c9bac-FRA

GET
H2 200 h-l.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 76 KB
76 KB 43ms
42ms Font
application/octet-stream 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-l.otf
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3625c3de2c5ff3ae1d390f25c3626c637dff10b1a651c097b45bceee62062093

Request headers

Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.0
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 5075
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77436
cf-request-id: 07710f76360000973cd306c000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-12e7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71a13a6aba9292b9-FRA

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 203 KB
70 KB 339ms
141ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f571a02b29e475bb29a792e721d9b0aec365d4f0a678101d2a4025afaaa2a164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
content-encoding: br
last-modified: Tue, 07 Jun 2022 10:28:05 GMT
etag: "629efe05-115d6"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71126
expires: Sun, 12 Jun 2022 09:31:05 GMT

GET
H3 200 sprite.png
icdn.ensonhaber.com/cdn/desktop/img/ 3 KB
3 KB 52ms
51ms Image
image/webp 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/sprite.png
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee20eb48288fcf809f705ad644a562134e640748ed00fa72e884d36405a171f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 197237
cf-polished: origFmt=png, origSize=3353
x-msg-hkn: /
content-length: 2838
content-disposition: inline; filename="sprite.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-d19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 22 Dec 2021 08:08:22 GMT
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 71a13a6b0be56955-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 telegramicon.png
icdn.ensonhaber.com/cdn/desktop/img/ 198 B
676 B 44ms
44ms Image
image/webp 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/telegramicon.png
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0850d695c89d961eace5283188c73a7517c54bcc151ae5f6d560654fa941e15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 200174
cf-polished: origFmt=png, origSize=445
x-msg-hkn: /
content-length: 198
content-disposition: inline; filename="telegramicon.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Mon, 05 Apr 2021 12:48:11 GMT
server: cloudflare
etag: "606b070b-1bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 22 Dec 2021 08:08:22 GMT
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 71a13a6b0be86955-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 h-b.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 83 KB
84 KB 32ms
32ms Font
application/octet-stream 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-b.otf
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69531c551a4db00b2810f3b1c3323b5c7dd8b0869aac0e0596c821702ad941f8

Request headers

Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.5.2.0
Origin: https://www.ensonhaber.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 12527
x-msg-hkn: js
x-vtex-cache-status-nginx-thumbor: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85472
cf-request-id: 0aacc6eac50000d6ed86bd5000000001
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
etag: "5ea5b1b7-14de0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71a13a6af9189a05-FRA

GET
H3 200 jquery.js Show response
icdn.ensonhaber.com/cdn/desktop/js/ 94 KB
35 KB 34ms
32ms Script
application/javascript 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.5.2.0
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2993d82f2812a961066b08425c5eecaad3ba242c7a48cff1ce8ea0653d7cc91d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 3580
x-msg-hkn: js
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Sat, 09 Apr 2022 08:26:02 GMT
server: cloudflare
etag: W/"6251431a-17756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 71a13a6bbdc96955-FRA
cf-bgj: minify

GET
H3 200 vignette.js Show response
icdn.ensonhaber.com/cdn/interstitial/ 6 KB
2 KB 31ms
30ms Script
application/javascript 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/interstitial/vignette.js?v=2.0.0.0.5.2.0
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8b9dedc5630db6f206165bf8636f8c241b29648fbb33bed5f9dcbe8ef5e55f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 2833
x-msg-hkn: js
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Mon, 17 May 2021 18:42:21 GMT
server: cloudflare
etag: W/"60a2b90d-1732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 71a13a6bbdcc6955-FRA
cf-bgj: minify

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 63ms
38ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 71a13a6bfca690ac-FRA
date: Sun, 12 Jun 2022 08:31:05 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1866
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 15 Jun 2022 08:31:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-955423-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 717
date: Sun, 12 Jun 2022 08:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 12 Jun 2022 10:19:08 GMT

GET
H3 200 coreupdate.js Show response
icdn.ensonhaber.com/cdn/desktop/core/ 15 KB
4 KB 34ms
34ms Script
application/javascript 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/core/coreupdate.js?version=2.0.0.0.5.2.0
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.5.2.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f1bcd1e601687bdc5c2c84ac1616cff05cb81d0710fbd05b99431716a7060c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 2456
x-msg-hkn: js
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Thu, 24 Mar 2022 07:36:49 GMT
server: cloudflare
etag: W/"623c1f91-3d9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 71a13a6c8fd86955-FRA
cf-bgj: minify

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 111ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.5.2.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad8bce086613a84e74f264eeb09c5b6b42e9739da46728a27287b35d48eca0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28073
x-xss-protection: 0
server: sffe
etag: "1242 / 160 of 1000 / last-modified: 1654898807"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 12 Jun 2022 08:31:05 GMT

GET
H3 200 ronaldo_9382.jpg
icdn.ensonhaber.com/crop/287x168-85/resimler/diger//kok/2022/06/12/ 9 KB
10 KB 30ms
30ms Image
image/jpeg 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/287x168-85/resimler/diger//kok/2022/06/12/ronaldo_9382.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d07c40bf9503ff81735655a5a0eb552757ae6e78115fb20f2885778a1c3d9c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 1069
cf-polished: origSize=9850, status=webp_bigger
x-msg-hkn: crop
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
hakan: 287
accept-ranges: bytes
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "e5ac5b8a6b8caa03ae4ab86658a8e163b6f273c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 13 Jun 2022 08:12:57 GMT
cache-control: max-age=86400,public
content-length: 9650
cf-ray: 71a13a6c8fe26955-FRA
x-msg-cdn: 02

GET
H3 200 IMG20220612105050.jpg
icdn.ensonhaber.com/crop/287x168-85/resimler/diger//kok/2022/06/12/ 12 KB
12 KB 29ms
28ms Image
image/jpeg 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/287x168-85/resimler/diger//kok/2022/06/12/IMG20220612105050.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc687e553eb05d7a2b47e6a251c6c6d2c408448f8b59e7489844f326671ec130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 1275
cf-polished: origSize=12476, status=webp_bigger
x-msg-hkn: crop
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
hakan: 287
accept-ranges: bytes
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "2247f29ba85c86c92f6db14fa066a1bec730ad76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 13 Jun 2022 08:09:37 GMT
cache-control: max-age=86400,public
content-length: 12277
cf-ray: 71a13a6c8fe56955-FRA
x-msg-cdn: 01

GET
H3 200 instagram_5944.jpg
icdn.ensonhaber.com/crop/189x129-85/resimler/diger//kok/2022/06/09/ 6 KB
6 KB 50ms
50ms Image
image/jpeg 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/189x129-85/resimler/diger//kok/2022/06/09/instagram_5944.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91aea3d8e5aaa3a4c593387fe2e9441efcbf98085db37dfc47bd3170ca278f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 84053
cf-polished: origSize=5828, status=webp_bigger
x-msg-hkn: crop
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
hakan: 189
accept-ranges: bytes
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "e568b975784db05dc02cea54825c43fcf46541c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Fri, 10 Jun 2022 09:08:27 GMT
cache-control: max-age=86400,public
content-length: 5692
cf-ray: 71a13a6c8fe86955-FRA
x-msg-cdn: 02

GET
H3 200 recep-tayyip-erdogan_9110.jpg
icdn.ensonhaber.com/crop/55x55-100/resimler/diger//kok/2022/06/12/ 2 KB
2 KB 51ms
51ms Image
image/jpeg 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/55x55-100/resimler/diger//kok/2022/06/12/recep-tayyip-erdogan_9110.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0b3ac0c78fc70d6bab900b613c2dc02e281403d8c4e038d148180e068cb936

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 3486
cf-polished: origSize=1780, status=webp_bigger
x-msg-hkn: crop
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
hakan: 55
accept-ranges: bytes
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "22e089abe97b5d807379b7ebb13135f87e1ac86d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 13 Jun 2022 07:20:30 GMT
cache-control: max-age=86400,public
content-length: 1642
cf-ray: 71a13a6c8fea6955-FRA
x-msg-cdn: 02

GET
H3 200 IMG20220612065110.jpg
icdn.ensonhaber.com/crop/55x55-100/resimler/diger//kok/2022/06/12/ 1 KB
2 KB 30ms
30ms Image
image/jpeg 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/crop/55x55-100/resimler/diger//kok/2022/06/12/IMG20220612065110.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c467e4b0737cf1db863f4cd4bcefe5c18c9a1b1f1e2e05538a81bc1dc0c03d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 30m
cf-cache-status: HIT
age: 14364
cf-polished: origSize=1574, status=webp_bigger
x-msg-hkn: crop
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
hakan: 55
accept-ranges: bytes
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "91178d35362039b763fcfe6d7adbfe628234ce77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 13 Jun 2022 04:30:30 GMT
cache-control: max-age=86400,public
content-length: 1354
cf-ray: 71a13a6c8fec6955-FRA
x-msg-cdn: 01

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 110ms
32ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/interstitial/vignette.js?v=2.0.0.0.5.2.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

5026b01731e4adfd89a7941fe90121c186f82969ae7891dbfc8f349ffd1404d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28074
x-xss-protection: 0
server: sffe
etag: "1242 / 730 of 1000 / last-modified: 1654898836"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 12 Jun 2022 08:31:05 GMT

GET
H3 200 cdtgynynf_7185.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/05/05/ 23 KB
24 KB 42ms
42ms Image
image/webp 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2022/05/05/cdtgynynf_7185.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18fe55ce34812a6ff868729fa8e85b124fb3368980f4254b3415597d7c1ee3e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 50845
cf-polished: origFmt=jpeg, origSize=62474
x-msg-hkn: /
content-length: 23714
content-disposition: inline; filename="cdtgynynf_7185.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Thu, 05 May 2022 12:08:01 GMT
server: cloudflare
etag: "6273be21-f40a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 04 Jul 2022 12:35:40 GMT
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 71a13a6d8add6955-FRA
cf-bgj: imgq:100,h2pri

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 78ms
31ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1011498549&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ensonhaber.com%2F&ul=en-us&de=UTF-8&dt=En%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=537875612&gjid=2053197259&cid=2122549960.1655022665&tid=UA-955423-1&_gid=1476441647.1655022665&_r=1&gtm=2ou680&z=144070950

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ensonhaber.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 12 Jun 2022 08:31:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/207ef608-349f-4b57-a7e5-6d1a5521eb06/ 4 KB
2 KB 42ms
31ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/207ef608-349f-4b57-a7e5-6d1a5521eb06/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1edebdffb74b054dc0a260bf1d2177c4fb560d70b1578ea1d96e56cec69a2f66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 2475
cf-polished: origSize=4574
status: 200 OK
x-envoy-upstream-service-time: 38
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5202861c-f615-44f5-80c3-1b1861d1346e
x-runtime: 0.035585
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"459263087abee67fd00b326f9647874b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 71a13a6e1f1a8ff5-FRA
access-control-allow-headers: SDK-Version
expires: Sun, 12 Jun 2022 09:31:05 GMT

GET
H3 200 pubads_impl_2022060801.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 71ms
24ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

ea05b25ef6e853af918f08e2a9e204ec210b85cb70495af30c25a311848bb7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 06:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8928
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127852
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 08:45:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 12 Jun 2023 06:02:18 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 238 B
163 B 85ms
34ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.ensonhaber.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

619964eecc492261692c39092978fc5351ea685d6e0ab603bd6ee08600c9652f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 12 Jun 2022 08:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138
x-xss-protection: 0
expires: Sun, 12 Jun 2022 08:31:06 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9667.CxLwjpaitaw43cISrBwMThFGZXjp5z5xUxQ-O7lxAFfNBoEHiTedCVxhsbNebxlU.g4dwfdQiKzeUypiveMKn5BXUvao%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9667.9r9D-j9UXjDqGDVBog2AfIEm9MNgcE03U2oDswzYGSmmllVoAU-DUDo_tlZZaLY6S9_dkkUFSqL23ofxkFk4Zg%2C%2C.g1VgP_JGloy-wyv6RK8lA5XiWhE%2C

75 B
75 B

75ms
74ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9667.9r9D-j9UXjDqGDVBog2AfIEm9MNgcE03U2oDswzYGSmmllVoAU-DUDo_tlZZaLY6S9_dkkUFSqL23ofxkFk4Zg%2C%2C.g1VgP_JGloy-wyv6RK8lA5XiWhE%2C

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:06 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9667.9r9D-j9UXjDqGDVBog2AfIEm9MNgcE03U2oDswzYGSmmllVoAU-DUDo_tlZZaLY6S9_dkkUFSqL23ofxkFk4Zg%2C%2C.g1VgP_JGloy-wyv6RK8lA5XiWhE%2C
date: Sun, 12 Jun 2022 08:31:06 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 81ms
81ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:06 GMT
last-modified: Tue, 07 Jun 2022 10:28:05 GMT
etag: "629efe05-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 12 Jun 2022 09:31:06 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 99ms
29ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-955423-1&cid=2122549960.1655022665&jid=537875612&gjid=2053197259&_gid=1476441647.1655022665&_u=YEBAAUAAAAAAAC~&z=1833531501

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ensonhaber.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 12 Jun 2022 08:31:06 GMT
content-type: text/plain
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ui Show response
m.ensonhaber.com/api/uye/ 4 KB
772 B 104ms
94ms XHR
text/html 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.ensonhaber.com/api/uye/ui?i=500
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.5.2.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.14
Resource Hash: b94bf4eabebf55ecb48bf39a07ef75f2195ce5a1c7788d2ae1421cbf9a1369a1

Request headers

Accept: */*
Referer: https://www.ensonhaber.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.14
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cf-ray: 71a13a6eaa0a92b9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 32ms
32ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 71a13a6eef5290ac-FRA
date: Sun, 12 Jun 2022 08:31:06 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1864
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 12 Jul 2022 08:31:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 95ms
31ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ensonhaber.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 12 Jun 2022 08:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 102ms
32ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 12 Jun 2022 08:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 976 B
559 B 174ms
174ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051504353787673&correlator=55574302961182&eid=31067981%2C31062931&output=ldjh&gdfp_req=1&vrg=2022060801&ptt=17&impl=fifs&iu_parts=9170022%2Cinterstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2447352499&sfv=1-0-38&ecs=20220612&ists=1&fas=8&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1655022664844&lmt=1655022621&dlt=1655022663947&idt=796&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2122549960.1655022665&ga_sid=1655022665&ga_hid=1011498549&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d148ac4ee1a168077e9b5d6247c0b220a29710a3d5b49a022b37e83dcf8d4724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 529
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 453 B
277 B 169ms
168ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051504353787673&correlator=1639998684880852&eid=31067981%2C31062931&output=ldjh&gdfp_req=1&vrg=2022060801&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_DETAY%2Cmasthead_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=940x250%7C728x90%7C970x250&ifi=2&adks=2454138541&sfv=1-0-38&ecs=20220612&fsapi=false&eri=1&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1655022664851&lmt=1655022621&dlt=1655022663947&idt=796&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2122549960.1655022665&ga_sid=1655022665&ga_hid=1011498549&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

1a20e17309448a6f3964e6592dcecbe228a2113dcc70ab749f58b87878dc88b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 424 B
255 B 56ms
56ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051504353787673&correlator=4462552124916506&eid=31067981%2C31062931&output=ldjh&gdfp_req=1&vrg=2022060801&ptt=17&impl=fifs&iu_parts=9170022%2Coop&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&adks=30618056&sfv=1-0-38&ecs=20220612&ists=1&fsapi=false&eri=1&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1655022664854&lmt=1655022621&dlt=1655022663947&idt=796&biw=1600&bih=1200&adxs=0&adys=8514&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x8513&msz=0x0&fws=128&ohw=0&ga_vid=2122549960.1655022665&ga_sid=1655022665&ga_hid=1011498549&ga_fc=true&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

42cd474be28e2f84a731a592f26ec8401b51e56360d2e92f7c9af24a9a201281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cd03a0527999191fd9dcd8695ffbd3f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3D99 6 KB
4 KB 110ms
30ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd03a0527999191fd9dcd8695ffbd3f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 12 Jun 2022 08:31:06 GMT
expires: Mon, 12 Jun 2023 08:31:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022060801.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 23ms
23ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022060801.js?cb=31067981

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

92245b71c3514c75e468315016a811a400a9ba3a5232a50ec17c87eb0488ce08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 10:57:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250434
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13409
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 08:45:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 09 Jun 2023 10:57:12 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 100ms
47ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-955423-1&cid=2122549960.1655022665&jid=537875612&_u=YEBAAUAAAAAAAC~&z=40828715

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Jun 2022 08:31:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 99ms
46ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-955423-1&cid=2122549960.1655022665&jid=537875612&_u=YEBAAUAAAAAAAC~&z=40828715

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Jun 2022 08:31:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 82 KB
28 KB 247ms
246ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051504353787673&correlator=2732190790107539&eid=31067981%2C31062931&output=ldjh&gdfp_req=1&vrg=2022060801&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cpageskin_right_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600&ifi=4&adks=1348310005&sfv=1-0-38&ecs=20220612&fsapi=false&eri=1&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1655022664920&lmt=1655022621&dlt=1655022663947&idt=796&biw=1600&bih=1200&adxs=1404&adys=20&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=2122549960.1655022665&ga_sid=1655022665&ga_hid=1011498549&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c09540598b31700e34b52ad0dedc1506f241395e30f82cd45bc53f52890fda99

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJXY-_C_p_gCFbaB_Qcdj9YOAQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/14577188022949773312/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14577188022949773312/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJXY-_C_p_gCFbaB_Qcdj9YOAQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/14577188022949773312/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28305
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 12 Jun 2022 08:31:06 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 268ms
267ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051504353787673&correlator=1810406778232985&eid=31067981%2C31062931&output=ldjh&gdfp_req=1&vrg=2022060801&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cpageskin_left_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600&ifi=5&adks=4241260832&sfv=1-0-38&ecs=20220612&fsapi=false&eri=1&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1655022664926&lmt=1655022621&dlt=1655022663947&idt=796&biw=1600&bih=1200&adxs=56&adys=20&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=2122549960.1655022665&ga_sid=1655022665&ga_hid=1011498549&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c4b28b238b3d369ae9390885cdb4d6170a420403c84910a76f5bb11e7d923371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10543
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
12 KB 452ms
451ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051504353787673&correlator=2047590433346311&eid=31067981%2C31062931&output=ldjh&gdfp_req=1&vrg=2022060801&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Csidebar_top_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250%7C336x280&ifi=6&adks=1104784457&sfv=1-0-38&ecs=20220612&fsapi=false&eri=1&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1655022664931&lmt=1655022621&dlt=1655022663947&idt=796&biw=1600&bih=1200&adxs=1072&adys=1050&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=336x0&msz=336x0&fws=512&ohw=0&ga_vid=2122549960.1655022665&ga_sid=1655022665&ga_hid=1011498549&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e7bf300a3eedac412f3f0be4ac56077f7b2abc961f33be02758d353b8a01b297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12520
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
13 KB 274ms
273ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051504353787673&correlator=1725638635796488&eid=31067981%2C31062931&output=ldjh&gdfp_req=1&vrg=2022060801&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmansetalti_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C940x250%7C970x250&ifi=7&adks=1004805489&sfv=1-0-38&ecs=20220612&fsapi=false&eri=1&cust_params=kategori%3Danasayfa&sc=1&cookie_enabled=1&abxe=1&dt=1655022664936&lmt=1655022621&dlt=1655022663947&idt=796&biw=1600&bih=1200&adxs=436&adys=961&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x0&msz=970x0&fws=0&ohw=0&ga_vid=2122549960.1655022665&ga_sid=1655022665&ga_hid=1011498549&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

af741c0cff3b83ddf5ae3a85373333a4f219338f76dac8214b8f522be448285a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12804
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 55 KB
12 KB 360ms
359ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051504353787673&correlator=25193362710650&eid=31067981%2C31062931&output=ldjh&gdfp_req=1&vrg=2022060801&ptt=17&impl=fifs&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmasthead_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C940x250%7C970x250&ifi=8&adks=2349374733&sfv=1-0-38&ecs=20220612&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1655022664941&lmt=1655022621&dlt=1655022663947&idt=796&biw=1600&bih=1200&adxs=436&adys=165&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.ensonhaber.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=970x0&msz=970x0&fws=0&ohw=0&ga_vid=2122549960.1655022665&ga_sid=1655022665&ga_hid=1011498549&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

26ea4b148b625890a301a076b45386e4e1b32dd2b270a1aeb30e633a89c57489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12631
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/24056266/
Redirect Chain

https://mc.yandex.com/watch/24056266?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A475%3Afu%3A0%3Aen%3Autf-8...
https://mc.yandex.com/watch/24056266/1?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A475%3Afu%3A0%3Aen%3Autf...

331 B
413 B

78ms
78ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/24056266/1?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A475%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A815%3Acn%3A1%3Adp%3A0%3Als%3A514387080530%3Ahid%3A499074224%3Az%3A0%3Ai%3A20220612083104%3Aet%3A1655022665%3Ac%3A1%3Arn%3A226135943%3Arqn%3A1%3Au%3A1655022665421627156%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1655022663558%3Ads%3A0%2C52%2C74%2C6%2C253%2C0%2C%2C276%2C0%2C%2C%2C%2C663%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1655022665%3At%3AEn%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0bb5515c4ddaa98d31777ba03a13c582b1a2ed3666a0d37e9cb8cfd043817f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Jun 2022 08:31:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 12-Jun-2022 08:31:06 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Sun, 12-Jun-2022 08:31:06 GMT

Redirect headers

pragma: no-cache
date: Sun, 12 Jun 2022 08:31:06 GMT
last-modified: Sun, 12-Jun-2022 08:31:06 GMT
location: /watch/24056266/1?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1axv6s0ia3io6gzr3q60o%3Afp%3A475%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A815%3Acn%3A1%3Adp%3A0%3Als%3A514387080530%3Ahid%3A499074224%3Az%3A0%3Ai%3A20220612083104%3Aet%3A1655022665%3Ac%3A1%3Arn%3A226135943%3Arqn%3A1%3Au%3A1655022665421627156%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1655022663558%3Ads%3A0%2C52%2C74%2C6%2C253%2C0%2C%2C276%2C0%2C%2C%2C%2C663%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1655022665%3At%3AEn%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.ensonhaber.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 12-Jun-2022 08:31:06 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 109ms
39ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

383b831207997668bffc6ce5c7a5b88adbf1c2301b6b41f3baa39dcaef3f7cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 12 Jun 2022 08:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10710
x-xss-protection: 0

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/207ef608-349f-4b57-a7e5-6d1a5521eb06/ 192 B
641 B 86ms
59ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/207ef608-349f-4b57-a7e5-6d1a5521eb06/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbc49bc6ae6902c8dd6950a3fc42196d2b5b5864bee34963521953e990b36096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:06 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 10
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9e42fd66-e213-4ed3-a5f2-60712c7fc6e6
x-runtime: 0.009063
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"dbc49bc6ae6902c8dd6950a3fc42196d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 71a13a70fe829195-FRA
access-control-allow-headers: SDK-Version

GET
H2 200 d1630880-9e4d-42e6-b76f-4a008b3e9b20.png
img.onesignal.com/permanent/ 18 KB
18 KB 408ms
394ms Image
image/png 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onesignal.com/permanent/d1630880-9e4d-42e6-b76f-4a008b3e9b20.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 432ffbacb885781acf24d8cfd0a15fa291516c74e58f2c42455a6be76678bd37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:06 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 73VV7018MZAEM4MZ
x-amz-meta-cache-control: public, maxage=604800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18279
x-amz-id-2: /OrML1brMnxuK2mmLYZi4Zih0xqUbFsRWFG4BGu9LGXkDK9mPA55IFhOaVpYyWHXiHvXCFgcGnM=
last-modified: Tue, 31 Mar 2020 16:09:33 GMT
server: cloudflare
etag: "0088cf87fd11f035d81a2c095cc58322"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 71a13a717b638ff5-FRA
expires: Wed, 13 Jul 2022 08:31:06 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 1342ms
1279ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 08:31:07 GMT

GET container.html
cd03a0527999191fd9dcd8695ffbd3f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CAF0 0
0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012205232225000/ 220 KB
61 KB 106ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205232225000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3f58f3312c76a6f539c52aec847073a1006d926523a05488196a4cbbd65a65e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 491522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61365
x-xss-protection: 0
server: sffe
date: Mon, 06 Jun 2022 15:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4579876533dc4005"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 06 Jun 2023 15:59:04 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012205232225000/v0/ 14 KB
5 KB 144ms
61ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205232225000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0adf1237c7f4225da0d9caa843c47f93486794e415e4db68a59df3a689041334

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 491522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5185
x-xss-protection: 0
server: sffe
date: Mon, 06 Jun 2022 15:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e8b03820359a38cb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 06 Jun 2023 15:59:04 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012205232225000/v0/ 94 KB
28 KB 146ms
63ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205232225000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7c9452fde41ea8c1edaeaac061cdbc3e61c14ad4fd3eb1ebb08fd4c2a1b5796

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 491522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28839
x-xss-protection: 0
server: sffe
date: Mon, 06 Jun 2022 15:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fea41acf0887ba56"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 06 Jun 2023 15:59:04 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012205232225000/v0/ 5 KB
2 KB 156ms
73ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205232225000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04b9c4e75a95191d5d055f6a0b43ecabbe26a8c0c804e7fbb88b4a7f02d1de1e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 491522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1905
x-xss-protection: 0
server: sffe
date: Mon, 06 Jun 2022 15:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "544a564eb1dfeb4f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 06 Jun 2023 15:59:04 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012205232225000/v0/ 40 KB
13 KB 156ms
74ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012205232225000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js?cb=31067981

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66adaa239f3adfca9c0b4dff99152181b29fd61b12cdc990dea1c6f98a3692a4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 491522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12947
x-xss-protection: 0
server: sffe
date: Mon, 06 Jun 2022 15:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "52c760a2cdc81e95"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 06 Jun 2023 15:59:04 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cddee75d9b077767bd6cd03ebbe594d8b899686c572129b645ba23c89218f411

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7817963132747035939
tpc.googlesyndication.com/simgad/ 49 KB
49 KB 24ms
22ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7817963132747035939?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnTyyAaVKRQZNTo2I0iOsEqZsw95w

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bdc622aec34779874430175735ff612bf14465823c329347877f8054dfb5820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 07:09:51 GMT
x-content-type-options: nosniff
age: 350475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49685
x-xss-protection: 0
last-modified: Fri, 27 Aug 2021 12:07:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 08 Jun 2023 07:09:51 GMT

GET
H2 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ 3 KB
3 KB 59ms
56ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 02:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 20266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 9957912877679239782
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3057
x-xss-protection: 0
expires: Mon, 13 Jun 2022 02:53:20 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ 344 B
574 B 58ms
55ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 55921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 12 Jun 2022 16:59:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ 0
0 78ms
31ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrOvhgH1G5GUhR8Lj736fwTXaIBqpu_I9tqKt4OfzF8RD9ZqKtCDsi0C7Vxicq9Rzi5r74BUDE8IW2QAsZXtlvqzl8bA
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 76ms
74ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnIGySqSlYviWE7SI9u8PrpS-yAHyufvLatH61uTsD9vZHhABINaG2yVglQKgAcvJveMDyAECqQLs2hRnpl5vPuACAKgDAcgDCKoEiwJP0EfWuFUegE4qFvqTLQtD0umLgzmxWguxrS-c2VB855jdvqXIB30s2tSA_jXAfw8yjkiPxhfYwZhexEvy1eTqr2JDHv8EcugPKXQQTFTLSZxDxC-eJqBLJc1jBn2etEFzL_C27xFZwNygWfvAuuPWD5qiw-53d3WJR7euQ1MZ530KbmlzVlItZuQCKu0OIJVb76CRVgOXMMLRU7gf11xXHLjOUqBa0-tY6IN-caQIGMME1k8-QOnpkg7aCeSKNo5SL2oKEJAvH85XSQfGtefM4C2FijQNq1sBJ2S5MZ0Dhw0PjlUYVE5x15IyKje9wyNa0QqrA4ru2GEB2oKEJ7XVnaMX0lYHbokkOfDABN3_5LrzA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAedtsIcqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-LIF0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItODYwMTU4NTUwNTcwMTk0Nxi-lw4&sigh=CMMn3rfJpdA&uach_m=[UACH]
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

125ms
70ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Redirect headers

date: Sun, 12 Jun 2022 08:31:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
64 B 109ms
64ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuq6fXRBzqXenSx026Pery9Sb1c-9Vzdq6_zg6fqgRc8Vai-KFcvbOWtGYeQWju_7kxzaIvR6fP3LzS5FmGcL--KBKw_WuaFePvhJ4mQkQYwKTScG4gSYQdDH8ZbUhRULNZJc&sai=AMfl-YQUfGFUGhJltZQH6pQ9djNvJafqNgROjGtNCmHcxkPM_jsMR3iWpp1kabP5dfImRikd_Kg8hTQFu4AVT7TlfpkbXv3aF19d6P-c_XZVx-N7hwnKbwc6q4MP4wI&sig=Cg0ArKJSzDM8rSyFYV_UEAE&cid=CAASF-RouCP8-gfpZyF8UoaUFtcdA7Ilunre&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=1894&tls=2894&g=100&h=100&tt=2895&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=4241260832

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Jun 2022 08:31:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 venezuelada_3670.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/06/12/ 124 KB
124 KB 46ms
46ms Image
image/jpeg 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2022/06/12/venezuelada_3670.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7417a86cab6694e8bfbd9700be8fdcee8e017251947c32bb2e4e91a8bf716f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:10 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 3578
cf-polished: origSize=163128, status=webp_bigger
x-msg-hkn: /
content-length: 126500
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Sun, 12 Jun 2022 07:31:59 GMT
server: cloudflare
etag: "62a5966f-27d38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 11 Aug 2022 07:31:11 GMT
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 71a13a8c09ac6955-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 esenyurt_6427.jpg
icdn.ensonhaber.com/resimler/diger/kok/2022/06/12/ 74 KB
74 KB 59ms
58ms Image
image/webp 2606:4700:10::6816:48e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2022/06/12/esenyurt_6427.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:48e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18046adbe16fcdc19f965382a28a73e0394bb823079e14191315038871cf8a63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 08:31:10 GMT
x-msg-05: fetch: save cache with 1M
cf-cache-status: HIT
age: 1280
cf-polished: origFmt=jpeg, origSize=187568
x-msg-hkn: /
content-length: 75802
content-disposition: inline; filename="esenyurt_6427.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-vtex-cache-status-nginx-thumbor: HIT
last-modified: Sun, 12 Jun 2022 08:10:08 GMT
server: cloudflare
etag: "62a59f60-2dcb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 11 Aug 2022 08:09:37 GMT
cache-control: max-age=5356800
accept-ranges: bytes
cf-ray: 71a13a8c4a3f6955-FRA
cf-bgj: imgq:100,h2pri

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cd03a0527999191fd9dcd8695ffbd3f0.safeframe.googlesyndication.com
URL: https://cd03a0527999191fd9dcd8695ffbd3f0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ensonhaber.com/	1970-01-20 21:14:54	Name: _ga Value: GA1.2.2122549960.1655022665
.ensonhaber.com/	1970-01-20 03:45:09	Name: _gid Value: GA1.2.1476441647.1655022665
.ensonhaber.com/	1970-01-20 03:43:42	Name: _gat_gtag_UA_955423_1 Value: 1
.ensonhaber.com/	1970-01-20 12:29:18	Name: _ym_uid Value: 1655022665421627156
.ensonhaber.com/	1970-01-20 12:29:18	Name: _ym_d Value: 1655022665
.mc.yandex.com/	1970-01-20 03:43:43	Name: sync_cookie_csrf Value: 1648114479fake
.ensonhaber.com/	1970-01-20 03:44:54	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 03:43:43	Name: sync_cookie_csrf Value: 110043533fake
.yandex.com/	1970-01-20 12:29:18	Name: yandexuid Value: 2247445521655022666
.yandex.com/	1970-01-20 12:29:18	Name: yuidss Value: 2247445521655022666
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 383533031655022666
.yandex.com/	1970-01-23 19:19:42	Name: i Value: 4BQRUhwHGbznmBCBvmhwj/MD6p3rD/6x055NtVjDMakD6nTDnEvlHD48kisVdP7LjGgvsoB8oKGJ9idlZLex149xlfI=
.yandex.com/	1970-01-20 12:29:18	Name: ymex Value: 1686558666.yrts.1655022666#1686558666.yrtsi.1655022666
.doubleclick.net/	1970-01-20 13:05:18	Name: IDE Value: AHWqTUlstvU9t7VivvSczbPhzQdQ0H71DvNeWWT9d-HWPesNctg0O6efaYfUdZ7INRM
.ensonhaber.com/	1970-01-20 13:05:18	Name: __gads Value: ID=1a03e3682410bb6b:T=1655022666:S=ALNI_MYHF49cAwyNN1Iz-jdYxhUAeHNlqQ
.doubleclick.net/	1970-01-20 03:43:46	Name: DSID Value: NO_DATA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9667.9r9D-j9UXjDqGDVBog2AfIEm9MNgcE03U2oDswzYGSmmllVoAU-DUDo_tlZZaLY6S9_dkkUFSqL23ofxkFk4Zg%2C%2C.g1VgP_JGloy-wyv6RK8lA5XiWhE%2C Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012205232225000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://tpc.googlesyndication.com/ Message: Refused to frame 'https://tpc.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tpc.googlesyndication.com/ Message: Refused to frame 'https://www.google.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security	error	URL: https://tpc.googlesyndication.com/sodar/sodar2.js(Line 34) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://tpc.googlesyndication.com') does not match the recipient window's origin ('null').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cd03a0527999191fd9dcd8695ffbd3f0.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.onesignal.com
ensonhaber.com
googleads.g.doubleclick.net
icdn.ensonhaber.com
img.onesignal.com
m.ensonhaber.com
mc.yandex.com
mc.yandex.ru
onesignal.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.ensonhaber.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
cd03a0527999191fd9dcd8695ffbd3f0.safeframe.googlesyndication.com
142.250.184.194
2606:4700:10::6816:48e7
2606:4700:10::6816:49e7
2606:4700::6812:e234
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c07::9d
2a02:6b8::1:119
01adbdcdde3d55ba3376328000c9afa1f5c19b2029b29b72d720a704c5342ec2
04b9c4e75a95191d5d055f6a0b43ecabbe26a8c0c804e7fbb88b4a7f02d1de1e
07d5087b985f403c77f82394589566967faf7abf28cdc561759f9655fabcb42d
0adf1237c7f4225da0d9caa843c47f93486794e415e4db68a59df3a689041334
0bb5515c4ddaa98d31777ba03a13c582b1a2ed3666a0d37e9cb8cfd043817f98
0e05b4d98ed4231ac519df0a3e2f34f5cc4f3e5ddb3cb2ae01c69deb66d76497
15f7299c5ad2672e52ec8b6cef4b50c0190e89d70269c918fee08b5b971e95b0
18046adbe16fcdc19f965382a28a73e0394bb823079e14191315038871cf8a63
18fe55ce34812a6ff868729fa8e85b124fb3368980f4254b3415597d7c1ee3e6
1a20e17309448a6f3964e6592dcecbe228a2113dcc70ab749f58b87878dc88b9
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1edebdffb74b054dc0a260bf1d2177c4fb560d70b1578ea1d96e56cec69a2f66
1f1bcd1e601687bdc5c2c84ac1616cff05cb81d0710fbd05b99431716a7060c3
26ea4b148b625890a301a076b45386e4e1b32dd2b270a1aeb30e633a89c57489
27f973e6d0c20ada856bd13b2d2ab0b9b8ea7428d817023c42d6174706f86483
2993d82f2812a961066b08425c5eecaad3ba242c7a48cff1ce8ea0653d7cc91d
2bb6ba6771b74fc65babcfade3725ce9e347575c18b632330bf86dbbe5b39deb
2d07c40bf9503ff81735655a5a0eb552757ae6e78115fb20f2885778a1c3d9c5
3625c3de2c5ff3ae1d390f25c3626c637dff10b1a651c097b45bceee62062093
383b831207997668bffc6ce5c7a5b88adbf1c2301b6b41f3baa39dcaef3f7cae
3b34ce7f14eacf5c232be85b21aba80983c794928678e6fd3d78fb4cc95078c7
42cd474be28e2f84a731a592f26ec8401b51e56360d2e92f7c9af24a9a201281
432ffbacb885781acf24d8cfd0a15fa291516c74e58f2c42455a6be76678bd37
4cbaf74147522d4fc0cb8c700cc88727c8ad1bae80b04e640be2fb296879a45c
5026b01731e4adfd89a7941fe90121c186f82969ae7891dbfc8f349ffd1404d9
51b238e76824248990b6afee557335a862af977789109b95fffb871b81cb80f8
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55d00402092612e4bd86f42b21488085f96b4535b45529923792a22ff13d15b3
59f64cdfb1dbf90eeed41b90d8925b78f78887dd3d64b79e93c70241391ce8d0
5c467e4b0737cf1db863f4cd4bcefe5c18c9a1b1f1e2e05538a81bc1dc0c03d4
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5e0b3ac0c78fc70d6bab900b613c2dc02e281403d8c4e038d148180e068cb936
619964eecc492261692c39092978fc5351ea685d6e0ab603bd6ee08600c9652f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66adaa239f3adfca9c0b4dff99152181b29fd61b12cdc990dea1c6f98a3692a4
69531c551a4db00b2810f3b1c3323b5c7dd8b0869aac0e0596c821702ad941f8
6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f
6e0bf25ce5355afdb343b342249c95e989d8d5b5a06fc32408f90c35b2960ea5
6e7417a86cab6694e8bfbd9700be8fdcee8e017251947c32bb2e4e91a8bf716f
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
75e476a54c3dd098c5293651fb50be45f0a1e42bff4ab2628daeafda965fa893
7eeb5e4875c764c87899cdb80cab6da0e08b81988c3368a4e8af255e857f592b
7f5ddd98a572bd9924923bf7500c8ab6b904adfc3808324aa498e3cdca736652
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
92245b71c3514c75e468315016a811a400a9ba3a5232a50ec17c87eb0488ce08
928376674df661065d1d5593bc207158d32c6775b5f16f2c5049576489b88def
9bdc622aec34779874430175735ff612bf14465823c329347877f8054dfb5820
9c683fa791ae6310ec5d0c3e00c5a821bd4ea839bb66b3bd633e8c72a83174a8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3f58f3312c76a6f539c52aec847073a1006d926523a05488196a4cbbd65a65e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad8bce086613a84e74f264eeb09c5b6b42e9739da46728a27287b35d48eca0fa
af741c0cff3b83ddf5ae3a85373333a4f219338f76dac8214b8f522be448285a
b4bb8517511ff7e750349e6a7c5281bc57561daeda76e259e938d5256ac4bf88
b7c9452fde41ea8c1edaeaac061cdbc3e61c14ad4fd3eb1ebb08fd4c2a1b5796
b94bf4eabebf55ecb48bf39a07ef75f2195ce5a1c7788d2ae1421cbf9a1369a1
bd7b4d614ad3495651e2581ce27afb5f5b090561eb1836f134fa2d1e8cbfe22b
c09540598b31700e34b52ad0dedc1506f241395e30f82cd45bc53f52890fda99
c4b28b238b3d369ae9390885cdb4d6170a420403c84910a76f5bb11e7d923371
c5db6fbcf8cc5022948eb2a5c2e24e897be912cbd0eaa1582b859b674d49c86e
cda102fdc78e36a46af3c6223b91bf8e0e15ef7ef1debb7567f57fb3b39e97e6
cddee75d9b077767bd6cd03ebbe594d8b899686c572129b645ba23c89218f411
d0850d695c89d961eace5283188c73a7517c54bcc151ae5f6d560654fa941e15
d148ac4ee1a168077e9b5d6247c0b220a29710a3d5b49a022b37e83dcf8d4724
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbc49bc6ae6902c8dd6950a3fc42196d2b5b5864bee34963521953e990b36096
dc3febafa51ce9fc0f634bb6a5398a8dcc06fa5e763bfa8e252fe586b0290079
dda8abc1292262477586481831718a54d5796d0a66a0b8e694a5b120603ac8c0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bf300a3eedac412f3f0be4ac56077f7b2abc961f33be02758d353b8a01b297
e8b9dedc5630db6f206165bf8636f8c241b29648fbb33bed5f9dcbe8ef5e55f5
e91aea3d8e5aaa3a4c593387fe2e9441efcbf98085db37dfc47bd3170ca278f0
ea05b25ef6e853af918f08e2a9e204ec210b85cb70495af30c25a311848bb7ea
ee20eb48288fcf809f705ad644a562134e640748ed00fa72e884d36405a171f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f571a02b29e475bb29a792e721d9b0aec365d4f0a678101d2a4025afaaa2a164
fc687e553eb05d7a2b47e6a251c6c6d2c408448f8b59e7489844f326671ec130

www.ensonhaber.com Open in urlscan Pro 2606:4700:10::6816:48e7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

91 %HTTPS

94 %IPv6

12 Domains

23 Subdomains

17 IPs

4 Countries

1888 kBTransfer

3855 kBSize

16 Cookies

2 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ensonhaber.com Open in urlscan Pro
2606:4700:10::6816:48e7 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

91 %
HTTPS

94 %
IPv6

12
Domains

23
Subdomains

17
IPs

4
Countries

1888 kB
Transfer

3855 kB
Size

16
Cookies

91 HTTP transactions
-3 data transactions