www.ensonhaber.com Open in urlscan Pro
2606:4700:10::6816:49e7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ensonhaber.com/
Submission: On November 11 via api (November 11th 2020, 3:31:08 am UTC) from IL

Summary HTTP 109 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 14 domains to perform 109 HTTP transactions. The main IP is 2606:4700:10::6816:49e7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ensonhaber.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 3rd 2020. Valid for: a year.

This is the only time www.ensonhaber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	2606:4700:10:... 2606:4700:10::6816:49e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.224.93.46 13.224.93.46	16509 (AMAZON-02) (AMAZON-02)
2 6	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 4	37.187.168.211 37.187.168.211	16276 (OVH) (OVH)
1	13.224.93.26 13.224.93.26	16509 (AMAZON-02) (AMAZON-02)
1	149.202.208.196 149.202.208.196	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
12	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
109	22

41 2606:4700:10::6816:49e7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icdn.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.ensonhaber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.93.46 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-46.zrh50.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.187.168.211 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: tr4.host.hit.gemius.pl

gatr.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.93.26 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-93-26.zrh50.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.202.208.196 (France)

ASN16276 (OVH, FR)
PTR: ovhfr5.host.hit.gemius.pl

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5b930f0f283163fe0634c59d6e843c2f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	ensonhaber.com www.ensonhaber.com icdn.ensonhaber.com m.ensonhaber.com	1 MB
20	googlesyndication.com 5b930f0f283163fe0634c59d6e843c2f.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	375 KB
18	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	158 KB
6	yandex.ru 2 redirects mc.yandex.ru	97 KB
5	ampproject.org cdn.ampproject.org	107 KB
5	gemius.pl 1 redirects gatr.hit.gemius.pl ls.hit.gemius.pl	12 KB
4	google.com 1 redirects www.google.com adservice.google.com	1 KB
3	googletagservices.com www.googletagservices.com	75 KB
2	google.de www.google.de adservice.google.de	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	5 KB
1	googleadservices.com partner.googleadservices.com	469 B
1	onesignal.com cdn.onesignal.com	3 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
109	14

	Domain	Requested by
39	icdn.ensonhaber.com	www.ensonhaber.com icdn.ensonhaber.com
12	securepubads.g.doubleclick.net	icdn.ensonhaber.com www.googletagservices.com securepubads.g.doubleclick.net www.ensonhaber.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.ensonhaber.com cdn.ampproject.org
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net icdn.ensonhaber.com pagead2.googlesyndication.com
6	mc.yandex.ru	2 redirects www.ensonhaber.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	gatr.hit.gemius.pl	1 redirects www.ensonhaber.com gatr.hit.gemius.pl
3	www.google.com	1 redirects www.ensonhaber.com securepubads.g.doubleclick.net
3	www.googletagservices.com	icdn.ensonhaber.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	5b930f0f283163fe0634c59d6e843c2f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	m.ensonhaber.com	icdn.ensonhaber.com
1	www.google.de	www.ensonhaber.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ls.hit.gemius.pl	gatr.hit.gemius.pl
1	certify.alexametrics.com	www.ensonhaber.com
1	certify-js.alexametrics.com	www.ensonhaber.com
1	cdn.onesignal.com	www.ensonhaber.com
1	www.googletagmanager.com	www.ensonhaber.com
1	www.ensonhaber.com
109	24

This site contains links to these domains. Also see Links.

Domain
videonuz.ensonhaber.com
breakingnewsturkey.com
destek.ensonhaber.com
fb.me
twitter.com
instagram.com
www.pefino.com
www.friv.com.tr
ensonhaber.me

Subject Issuer	Validity	Valid
ensonhaber.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.ensonhaber.com/
Frame ID: 63FF9C43F208F74F7C2B97C75E1B6A0C
Requests: 79 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 2027D5FD6D0F5E2B878E79C98ED5E55B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYI4AkQMpQ9WGQkEVjQiSOiPrzXA0KDDE4qrqtr5FZkInU-Swuua5CxPnISh7gzZwFArDJX9jHl3pLbt-tn0V_o6po6X4cYn587_lXsUZfOGy0suOcIZgNEZYF09IB0gfGWOVYhNxd7gCbEuP21RpSjiHDjX8ULaVqT7Xg8CXhO5Et9BMP8MGsoi3Uur1ul79n11c-anN6sDScBPWeb2MAamEYIG4oEDYoRztUNip_ZyTDCM6NKu4mBkMvUnVtr5bvkXAF4TFmD2NWi_T__SP2g75QGmMsKbKSJQ&sai=AMfl-YSXKkXp7CxhUfwkO73KgQgb4YCm0QEDgqCVc9qSCF7T4mujohll16bdKAKvjRcYWIDEB_FV4Ohja0WPiJUdBumLVFY94v3KIsBOQQm2tMt7IZPt19PyP7XkkzdOiIw&sig=Cg0ArKJSzMjTQjiIRvKrEAE&adurl=
Frame ID: DE5632A7EA3B9CFD0F1F7CADBAC17FDF
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: E5D71118C30D414121023AE7A6EBA79C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.js
Frame ID: 4E4167261E3B4DD1D92473E026AF7F87
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html
Frame ID: 4E3259E9A162D1FD0DF0E72ED592C7DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3240396386341970&output=html&h=250&slotname=4937467496&adk=3930559219&adf=278506678&pi=t.ma~as.4937467496&w=970&lmt=1605065449&psa=0&format=970x250&url=https%3A%2F%2Fwww.ensonhaber.com%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605065448917&bpp=13&bdt=1334&idt=128&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58d4617794800859-22f10af22cb90002%3AT%3D1605065448%3AS%3DALNI_MYo_YNs-DjQIR7J6c8ivjXPKSx_Fg&correlator=6586743889900&frm=20&pv=2&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&ga_fc=0&iag=0&icsg=10737592960&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=1209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067466&oid=3&pvsid=1470439923456500&pem=601&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=DdF5NVRwDw&p=https%3A//www.ensonhaber.com&dtd=144
Frame ID: 7F7AC0A07413E8A0D5EA916E1226EBDE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3240396386341970&output=html&adk=1812271804&adf=3025194257&lmt=1605065449&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605065448930&bpp=3&bdt=1348&idt=144&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58d4617794800859-22f10af22cb90002%3AT%3D1605065448%3AS%3DALNI_MYo_YNs-DjQIR7J6c8ivjXPKSx_Fg&prev_fmts=970x250&nras=1&correlator=6586743889900&frm=20&pv=1&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&ga_fc=0&iag=0&icsg=10737592960&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067466&oid=3&pvsid=1470439923456500&pem=601&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&dtd=152
Frame ID: A20D9115D7291A48A8A17AF759B8F9D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3240396386341970&output=html&h=600&slotname=7766810810&adk=3587751653&adf=102127721&pi=t.ma~as.7766810810&w=300&lmt=1605065449&psa=0&format=300x600&url=https%3A%2F%2Fwww.ensonhaber.com%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605065448961&bpp=2&bdt=1379&idt=132&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58d4617794800859-22f10af22cb90002%3AT%3D1605065448%3AS%3DALNI_MYo_YNs-DjQIR7J6c8ivjXPKSx_Fg&prev_fmts=970x250%2C0x0&nras=1&correlator=6586743889900&frm=20&pv=1&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&ga_fc=0&iag=0&icsg=10737592960&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067466&oid=3&pvsid=1470439923456500&pem=601&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=KMPJWrxhns&p=https%3A//www.ensonhaber.com&dtd=136
Frame ID: D193B37DA17CE8E21BE783D060BA21CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i

Page Statistics

109
Requests

98 %
HTTPS

71 %
IPv6

14
Domains

24
Subdomains

22
IPs

5
Countries

2295 kB
Transfer

4310 kB
Size

13
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://videonuz.ensonhaber.com/
Title: Video

Search URL Search Domain Scan URL

URL: https://breakingnewsturkey.com/
Title: ENGLISH

Search URL Search Domain Scan URL

URL: https://destek.ensonhaber.com/
Title: İletişim

Search URL Search Domain Scan URL

URL: https://fb.me/ensonhaber
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/ensonhaber
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/ensonhaber
Title:

Search URL Search Domain Scan URL

URL: https://www.pefino.com/
Title: Bedava Girl Games

Search URL Search Domain Scan URL

URL: https://www.friv.com.tr/oyun/kimmilyonerolmakister
Title: Kim milyoner olmak ister oyna friv

Search URL Search Domain Scan URL

URL: https://videonuz.ensonhaber.com/izle/eski-askerden-biden-a-oyumu-neden-savas-yanlisi-birine-vereyim
Title: Eski askerden Biden'a: Oyumu neden savaş yanlısı birine vereyim Video Haber 24 dakika önce 1.345

Search URL Search Domain Scan URL

URL: https://videonuz.ensonhaber.com/izle/hulki-cevizoglu-ataturk-e-bilerek-yanlis-tedavi-uygulandi
Title: Hulki Cevizoğlu: Atatürk'e bilerek yanlış tedavi uygulandı Video Haber 4 saat önce 1.578

Search URL Search Domain Scan URL

URL: https://videonuz.ensonhaber.com/izle/kayseri-de-sabah-tamirden-cikan-arac-aksam-yanarak-kullanilamaz-hale-geldi
Title: Kayseri'de sabah tamirden çıkan araç, akşam yanarak kullanılamaz hale geldi Video Haber 7 saat önce 1.471

Search URL Search Domain Scan URL

URL: https://videonuz.ensonhaber.com/izle/izmir-de-binanin-cokus-ani
Title: İzmir'de binanın çöküş anı Video Haber 8 saat önce 1.320

Search URL Search Domain Scan URL

URL: https://videonuz.ensonhaber.com/izle/izmir-deki-depremden-10-saat-sonra-cikarilan-gunay-o-anlari-anlatti
Title: İzmir'deki depremden 10 saat sonra çıkarılan Günay o anları anlattı Video Haber 8 saat önce 1.420

Search URL Search Domain Scan URL

URL: https://videonuz.ensonhaber.com/izle/kayseri-de-krantinada-olmasi-gereken-genc-otelde-yakalandi
Title: Kayseri'de krantinada olması gereken genç otelde yakalandı Video Haber 9 saat önce 1.421

Search URL Search Domain Scan URL

URL: https://videonuz.ensonhaber.com/izle/canakkale-de-koyun-tek-batinda-5-kuzu-dogurdu
Title: Çanakkale'de koyun tek batında 5 kuzu doğurdu Video Haber 10 saat önce 1.462

Search URL Search Domain Scan URL

URL: https://videonuz.ensonhaber.com/izle/istanbul-da-feto-suphelisi-komur-silolarinda-yakalandi
Title: İstanbul'da FETÖ şüphelisi kömür silolarında yakalandı Video Haber 11 saat önce 1.504

Search URL Search Domain Scan URL

URL: https://videonuz.ensonhaber.com/izle/kocaeli-de-kardeslerin-alacak-verecek-kavgasi-3-yarali
Title: Kocaeli'de kardeşlerin alacak verecek kavgası: 3 yaralı Video Haber 12 saat önce 1.538

Search URL Search Domain Scan URL

URL: https://videonuz.ensonhaber.com/izle/erzurum-da-oltulu-kadinlar-karnavas-basortulerini-japonlar-icin-dokuyacak
Title: Erzurum’da Oltulu kadınlar Karnavas başörtülerini Japonlar için dokuyacak Video Haber 12 saat önce 1.421

Search URL Search Domain Scan URL

URL: https://videonuz.ensonhaber.com/izle/ermenistan-meclis-baskani-ararat-mirzoyan-linc-edildi
Title: Ermenistan Meclis Başkanı Ararat Mirzoyan, linç edildi Video Haber 1 gün önce 8.310

Search URL Search Domain Scan URL

URL: https://videonuz.ensonhaber.com/izle/ermenistan-da-halk-hukumet-binasini-basti
Title: Ermenistan'da halk, hükümet binasını bastı Video Haber 1 gün önce 4.993

Search URL Search Domain Scan URL

URL: https://ensonhaber.me/facebook
Title:

Search URL Search Domain Scan URL

URL: https://ensonhaber.me/twitter
Title:

Search URL Search Domain Scan URL

URL: https://ensonhaber.me/instagram
Title:

Search URL Search Domain Scan URL

URL: https://ensonhaber.me/youtube
Title:

Search URL Search Domain Scan URL

URL: https://destek.ensonhaber.com/index.php?a=add&category=6
Title: Görüş Bildir

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://mc.yandex.ru/watch/24056266?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605065447465%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201111043048%3Aet%3A1605065448%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A875217908980%3Arqn%3A1%3Arn%3A881353872%3Ahid%3A363697987%3Ads%3A1%2C14%2C89%2C52%2C1%2C0%2C0%2C210%2C0%2C%2C%2C%2C328%3Afp%3A302%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605065448%3Au%3A1605065448976097526%3At%3AEn%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler HTTP 302
https://mc.yandex.ru/watch/24056266/1?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605065447465%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201111043048%3Aet%3A1605065448%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A875217908980%3Arqn%3A1%3Arn%3A881353872%3Ahid%3A363697987%3Ads%3A1%2C14%2C89%2C52%2C1%2C0%2C0%2C210%2C0%2C%2C%2C%2C328%3Afp%3A302%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605065448%3Au%3A1605065448976097526%3At%3AEn%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler

Request Chain 47

https://gatr.hit.gemius.pl/_1605065448201/rexdot.js?l=100&id=bIGaoV.e40Yfb7bDoZTsNpewXhYsA4dSD1tb0l6HWYv.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.ensonhaber.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=320&lsdata=RujB.46B216FVv0JtNopLQhELjqDY8aC4lQJGs.w9Jr.a7cISvtMx_0w2g66Vagtid3O52zNhtXinnKqi6h0XEYBlyp7/U0hWVa0X3sqBs/&fpdata=60pmYHH0SiwLrL82wu05lE.6ZkLVWSC80TobVJagDXj.T7&vis=1 HTTP 301
https://gatr.hit.gemius.pl/__/_1605065448201/rexdot.js?l=100&id=bIGaoV.e40Yfb7bDoZTsNpewXhYsA4dSD1tb0l6HWYv.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.ensonhaber.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=320&lsdata=RujB.46B216FVv0JtNopLQhELjqDY8aC4lQJGs.w9Jr.a7cISvtMx_0w2g66Vagtid3O52zNhtXinnKqi6h0XEYBlyp7/U0hWVa0X3sqBs/&fpdata=60pmYHH0SiwLrL82wu05lE.6ZkLVWSC80TobVJagDXj.T7&vis=1

Request Chain 90

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 107

https://mc.yandex.ru/watch/24056266?page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1605065447465%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201111043103%3Aet%3A1605065463%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A118%3Als%3A875217908980%3Arqn%3A2%3Arn%3A1068725290%3Ahid%3A363697987%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1066%2C1066%2C3%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605065463%3Au%3A1605065448976097526 HTTP 302
https://mc.yandex.ru/watch/24056266/1?page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1605065447465%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201111043103%3Aet%3A1605065463%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A118%3Als%3A875217908980%3Arqn%3A2%3Arn%3A1068725290%3Ahid%3A363697987%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1066%2C1066%2C3%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605065463%3Au%3A1605065448976097526

109 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ensonhaber.com/ 180 KB
21 KB 106ms
89ms Document
text/html 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.14
Resource Hash: d8582fa49041c89fb626b438a3596d633611da6a6585c33bb21d078c17e1c7e1

Request headers

:method: GET
:authority: www.ensonhaber.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 11 Nov 2020 03:30:47 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dfc2973fd8e1ac3a72a142d942c314fb51605065447; expires=Fri, 11-Dec-20 03:30:47 GMT; path=/; domain=.ensonhaber.com; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-powered-by: PHP/7.2.14
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 0656f4303c0000d72d48265000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f04efc6cf53d72d-FRA
content-encoding: br

GET
H2 200 main.min.css
icdn.ensonhaber.com/cdn/desktop/css/ 137 KB
24 KB 39ms
16ms Stylesheet
text/css 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.4.4.5
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79ddf7be081bff1fbbf36ac60e61cef701f9dd29533517195ec3053bbbb7b3d0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 107295
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
cf-request-id: 0656f430bd0000d72d2b951000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Tue, 03 Nov 2020 08:21:42 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5fa11316-22561"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
cf-ray: 5f04efc79801d72d-FRA
x-gostream-maincache-status: HIT
expires: Sat, 21 Nov 2020 21:42:32 GMT

GET
H2 200 jquery.js Show response
icdn.ensonhaber.com/cdn/desktop/js/ 94 KB
33 KB 42ms
19ms Script
application/javascript 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2993d82f2812a961066b08425c5eecaad3ba242c7a48cff1ce8ea0653d7cc91d

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 170261
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
cf-request-id: 0656f430bf0000d72d161d4000000001
gostream-edge-ip: cdnde-c.gostreamcdn.net
last-modified: Tue, 27 Oct 2020 10:12:11 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5f97f27b-17756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 21 Nov 2020 04:13:06 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
cf-ray: 5f04efc79805d72d-FRA
x-gostream-maincache-status: MISS
cf-bgj: minify

GET
H2 200 home.js Show response
icdn.ensonhaber.com/cdn/desktop/js/ 238 KB
63 KB 45ms
23ms Script
application/javascript 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/js/home.js?v=2.0.0.0.4.4.5
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5585879da2f934e8b153abec759c94a1f2e3366fce734474251bb702890f41db

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 107295
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
cf-request-id: 0656f430be0000d72d2c8c4000000001
gostream-edge-ip: cdnde-c.gostreamcdn.net
last-modified: Thu, 05 Nov 2020 08:00:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5fa3b113-3b662"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 21 Nov 2020 21:42:32 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
cf-ray: 5f04efc79803d72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: minify

GET
H2 200 sf-r.woff2
icdn.ensonhaber.com/cdn/desktop/fonts/ 28 KB
28 KB 56ms
21ms Font
application/octet-stream 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/sf-r.woff2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51b238e76824248990b6afee557335a862af977789109b95fffb871b81cb80f8

Request headers

Origin: https://www.ensonhaber.com
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 264854
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 28560
cf-request-id: 0656f430cb00002c01d92b2000000001
gostream-edge-ip: cdnde-b.gostreamcdn.net
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5ea5b1b7-6f90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7abae2c01-FRA
x-gostream-maincache-status: HIT
expires: Fri, 20 Nov 2020 01:56:33 GMT

GET
H2 200 h-m.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 89 KB
89 KB 46ms
12ms Font
application/octet-stream 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-m.otf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01adbdcdde3d55ba3376328000c9afa1f5c19b2029b29b72d720a704c5342ec2

Request headers

Origin: https://www.ensonhaber.com
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 513718
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 90660
cf-request-id: 0656f430cb00002c011b89f000000001
gostream-edge-ip: cdnde-c.gostreamcdn.net
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5ea5b1b7-16224"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7abaf2c01-FRA
x-gostream-maincache-status: HIT
expires: Tue, 17 Nov 2020 04:48:49 GMT

GET
H2 200 esh-icon.ttf
icdn.ensonhaber.com/cdn/desktop/fonts/ 12 KB
12 KB 44ms
10ms Font
application/octet-stream 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/esh-icon.ttf?v=1.4
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cbaf74147522d4fc0cb8c700cc88727c8ad1bae80b04e640be2fb296879a45c

Request headers

Origin: https://www.ensonhaber.com
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 162181
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 11912
cf-request-id: 0656f430cb00002c0130945000000001
gostream-edge-ip: cdnde-b.gostreamcdn.net
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5ea5b1b7-2e88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7abb02c01-FRA
x-gostream-maincache-status: HIT
expires: Sat, 21 Nov 2020 06:27:46 GMT

GET
H2 200 h-sb.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 89 KB
89 KB 55ms
21ms Font
application/octet-stream 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-sb.otf
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d5087b985f403c77f82394589566967faf7abf28cdc561759f9655fabcb42d

Request headers

Origin: https://www.ensonhaber.com
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 427601
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 91284
cf-request-id: 0656f430cb00002c01f38a5000000001
gostream-edge-ip: cdnde-b.gostreamcdn.net
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5ea5b1b7-16494"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7abb12c01-FRA
x-gostream-maincache-status: HIT
expires: Wed, 18 Nov 2020 04:44:06 GMT

GET
H2 200 logo.png
icdn.ensonhaber.com/cdn/desktop/img/ 14 KB
15 KB 21ms
15ms Image
image/png 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/logo.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e476a54c3dd098c5293651fb50be45f0a1e42bff4ab2628daeafda965fa893

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 265240
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 14744
cf-request-id: 0656f430d30000d72d36b57000000001
gostream-edge-ip: cdnde-c.gostreamcdn.net
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5ea5b1b7-3998"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7b81cd72d-FRA
x-gostream-maincache-status: MISS
expires: Fri, 20 Nov 2020 01:50:07 GMT

GET
H2 200 36-s.png
icdn.ensonhaber.com/cdn/mobil/assets/img/weather/ 3 KB
4 KB 20ms
14ms Image
image/webp 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/mobil/assets/img/weather/36-s.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f83acd40c68b9ccf326a2b7e9a9c1ee0b1469669bb3135f97decfd0c4a2b7f76

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 694157
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origFmt=png, origSize=5364
status: 200
content-disposition: inline; filename="36-s.webp"
gostream-cache-location: 99.gostreamcdn.net
content-length: 3310
cf-request-id: 0656f430d40000d72d222fa000000001
gostream-edge-ip: cdnde-b.gostreamcdn.net
last-modified: Sun, 15 Mar 2020 15:34:41 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5e6e4b11-14f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 15 Nov 2020 02:41:30 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7b81dd72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2 200 h_9050.jpg
icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/ 73 KB
74 KB 23ms
16ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/h_9050.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a78a9b6e5c11cd749e0864d629f4ffbfb548fe4b64828947b600d811ed4547

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 1712
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=78755, status=webp_bigger
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 75046
cf-request-id: 0656f430d40000d72d07338000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Wed, 11 Nov 2020 03:01:48 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5fab541c-133a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 23 Nov 2020 03:02:15 GMT
cache-control: public, max-age=5356800, must-revalidate, proxy-revalidate
x-gostream-cache-status: MISS
accept-ranges: bytes
cf-ray: 5f04efc7b820d72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2 200 ph.png
icdn.ensonhaber.com/cdn/desktop/img/ 38 B
274 B 19ms
13ms Image
image/webp 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/ph.png
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feb5a8c3317c13577fc5fb09faaf465f5e7aca64b4e243a492c2c8981cbdf97a

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 348900
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origFmt=png, origSize=939
status: 200
content-disposition: inline; filename="ph.webp"
gostream-cache-location: 99.gostreamcdn.net
content-length: 38
cf-request-id: 0656f430d50000d72d61a78000000001
gostream-edge-ip: cdnde-b.gostreamcdn.net
last-modified: Thu, 09 Jul 2020 11:18:28 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5f06fd04-3ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 19 Nov 2020 02:35:47 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7b821d72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2 200 h_1420.jpg
icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/ 68 KB
69 KB 18ms
11ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/h_1420.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f041edbc13548d602f2cec9e471761d2904ccaef75b7898bfee8e0fdf6abc23b

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 8511
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=72774, status=webp_bigger
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 69825
cf-request-id: 0656f430d50000d72d048ed000000001
gostream-edge-ip: cdnde-c.gostreamcdn.net
last-modified: Wed, 11 Nov 2020 01:08:42 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5fab399a-11c46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 23 Nov 2020 01:08:56 GMT
cache-control: public, max-age=5356800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7b822d72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2 200 cattop-placeholder.gif
icdn.ensonhaber.com/cdn/desktop/img/ 2 KB
2 KB 19ms
13ms Image
image/webp 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/cattop-placeholder.gif
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4506bb967985d72c1a9c13f07b966e370cd26b0983b1f2eef44c327acf84d281

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 246513
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origFmt=gif, origSize=3311
status: 200
content-disposition: inline; filename="cattop-placeholder.webp"
gostream-cache-location: 99.gostreamcdn.net
content-length: 1784
cf-request-id: 0656f430d60000d72d6e830000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5ea5b1b7-cef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 20 Nov 2020 07:02:14 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7b825d72d-FRA
x-gostream-maincache-status: MISS
cf-bgj: imgq:100,h2pri

GET
H2 200 j_9087.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2020/11/11/ 13 KB
13 KB 25ms
19ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2020/11/11/j_9087.jpg

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c882a48597f6e7371ce843f4ea4051ce39d92e7cbce2f68d87b869c7b4a7c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 17596
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=14089, status=webp_bigger
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
gostream-cache-location: 99.gostreamcdn.net
content-length: 12876
cf-request-id: 0656f430d60000d72d3badc000000001
gostream-edge-ip: cdnde-c.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 22:36:01 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5fab15d1-3196d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 22:37:31 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: MISS
accept-ranges: bytes
cf-ray: 5f04efc7b828d72d-FRA
x-gostream-maincache-status: MISS
cf-bgj: imgq:100,h2pri

GET
H2 200 d_9150.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2020/11/11/ 5 KB
6 KB 20ms
14ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2020/11/11/d_9150.jpg

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b345071bbff7b2c15dcfee2c040334b63195c6e6f5736bd3aac51ed7dddf97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 18746
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=5689, status=webp_bigger
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
gostream-cache-location: 99.gostreamcdn.net
content-length: 5297
cf-request-id: 0656f430d60000d72d6a021000000001
gostream-edge-ip: cdnde-c.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 22:17:13 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5fab1169-114f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 22:18:21 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7b82ad72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2 200 j_6484.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2020/11/11/ 9 KB
9 KB 25ms
20ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2020/11/11/j_6484.jpg

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16a965a852ded357de8f1045b54c58b81c33f5c43c87071aaf2001961e634636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 19955
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=9887, status=webp_bigger
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
gostream-cache-location: 99.gostreamcdn.net
content-length: 9190
cf-request-id: 0656f430d70000d72d308f5000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 21:57:51 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5fab0cdf-2292e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 21:58:12 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: MISS
accept-ranges: bytes
cf-ray: 5f04efc7b82bd72d-FRA
x-gostream-maincache-status: MISS
cf-bgj: imgq:100,h2pri

GET
H2 200 k_5289.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2020/11/11/ 7 KB
7 KB 24ms
18ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2020/11/11/k_5289.jpg

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34d65ef50bd5990dc3531e638d95d8e302ab6493b93bb50b90b181fd5b554f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 21781
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=7547, status=webp_bigger
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
gostream-cache-location: 99.gostreamcdn.net
content-length: 7088
cf-request-id: 0656f430d70000d72d73bd7000000001
gostream-edge-ip: cdnde-c.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 21:27:14 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5fab05b2-11c9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 21:27:46 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: MISS
accept-ranges: bytes
cf-ray: 5f04efc7b82dd72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2 200 n_9666.jpg
icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2020/11/11/ 6 KB
7 KB 25ms
16ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icdn.ensonhaber.com/crop/227x128-85/resimler/diger//kok/2020/11/11/n_9666.jpg

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

878129ddf1d9b265e17296b8c127c12730d999d1c7fcdf766130bb1ce8565d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 22298
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=7088, status=webp_bigger
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
gostream-cache-location: 99.gostreamcdn.net
content-length: 6607
cf-request-id: 0656f430d80000d72d0fb62000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 21:17:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5fab035f-132e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 21:19:09 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: MISS
accept-ranges: bytes
cf-ray: 5f04efc7b82fd72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 25ms
17ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-955423-1

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d775fc71cea365da3e84d00b794937a02eda7324622298b98cc51b8127e0706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38289
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 Nov 2020 03:30:47 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 8 KB
3 KB 40ms
12ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3206
etag: W/"af07e3bccd7885748057bb532c526ac5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 5f04efc7ed8fd6d5-FRA
cf-request-id: 0656f430ec0000d6d581295000000001
expires: Wed, 11 Nov 2020 15:30:47 GMT

GET
H2 200 cookieconsent.min.css
icdn.ensonhaber.com/Assets/ 5 KB
1 KB 20ms
16ms Stylesheet
text/css 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/Assets/cookieconsent.min.css?v=2
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f5ddd98a572bd9924923bf7500c8ab6b904adfc3808324aa498e3cdca736652

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 250948
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
cf-request-id: 0656f430da0000d72d2c2d9000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Mon, 21 Sep 2020 14:19:52 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5f68b688-150e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
cf-ray: 5f04efc7c837d72d-FRA
x-gostream-maincache-status: HIT
expires: Fri, 20 Nov 2020 05:48:19 GMT

GET
H2 200 cookieconsent.min.js Show response
icdn.ensonhaber.com/Assets/ 9 KB
3 KB 22ms
18ms Script
application/javascript 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/Assets/cookieconsent.min.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 178941
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
cf-request-id: 0656f430da0000d72d4b225000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Mon, 21 Sep 2020 14:11:45 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5f68b4a1-226a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
cf-ray: 5f04efc7c83bd72d-FRA
x-gostream-maincache-status: MISS
expires: Sat, 21 Nov 2020 01:48:26 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 123ms
40ms Script
text/javascript 13.224.93.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-46.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 29 Sep 2020 00:34:48 GMT
Via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 3725760
ETag: "96c08723796affab377d9bb08d631cd0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: v05XHqDZT_TlQU1ql1YQA3SqZnIsD7iObnHDhVz0WE0EeAeRs3j9kg==

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 368 KB
94 KB 137ms
48ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b890c68ff8bd5d94cba364f4bf535c981905c011e66b911cfadcf25b0a34ebbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 08:20:59 GMT
status: 200
etag: "5faa4d6b-17683"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 95875
expires: Wed, 11 Nov 2020 04:30:47 GMT

GET
H2 200 xgemius.js Show response
gatr.hit.gemius.pl/ 41 KB
11 KB 125ms
40ms Script
application/x-javascript 37.187.168.211
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gatr.hit.gemius.pl/xgemius.js
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.187.168.211 , France, ASN16276 (OVH, FR),
Reverse DNS: tr4.host.hit.gemius.pl
Software: GHC /
Resource Hash: f0c4b6b374e131b73d003750d750074f945777359ce76fa5ca180ae1275f73c3

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
content-encoding: gzip
last-modified: Mon, 09 Nov 2020 07:22:45 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: max-age=43200
accept-ranges: none
content-type: application/x-javascript
content-length: 11034
expires: Wed, 11 Nov 2020 15:30:47 GMT

GET
H2 200 09d.svg
icdn.ensonhaber.com/cdn/desktop/img/ 852 B
635 B 16ms
12ms Image
image/svg+xml 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/09d.svg
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.4.4.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15f7299c5ad2672e52ec8b6cef4b50c0190e89d70269c918fee08b5b971e95b0

Request headers

Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.4.4.5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 342453
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
cf-request-id: 0656f430ef0000d72d31bd1000000001
gostream-edge-ip: cdnde-c.gostreamcdn.net
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5ea5b1b7-354"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
cf-ray: 5f04efc7e857d72d-FRA
x-gostream-maincache-status: MISS
expires: Thu, 19 Nov 2020 04:23:14 GMT

GET
H2 200 sprite.png
icdn.ensonhaber.com/cdn/desktop/img/ 3 KB
3 KB 15ms
12ms Image
image/webp 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/cdn/desktop/img/sprite.png
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.4.4.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee20eb48288fcf809f705ad644a562134e640748ed00fa72e884d36405a171f7

Request headers

Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.4.4.5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 379762
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origFmt=png, origSize=3353
status: 200
content-disposition: inline; filename="sprite.webp"
gostream-cache-location: 99.gostreamcdn.net
content-length: 2838
cf-request-id: 0656f430ee0000d72d64280000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5ea5b1b7-d19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 18 Nov 2020 18:01:25 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7e85ad72d-FRA
x-gostream-maincache-status: MISS
cf-bgj: imgq:100,h2pri

GET
H2 200 h-r.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 86 KB
86 KB 10ms
10ms Font
application/octet-stream 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-r.otf
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.4.4.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f64cdfb1dbf90eeed41b90d8925b78f78887dd3d64b79e93c70241391ce8d0

Request headers

Origin: https://www.ensonhaber.com
Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.4.4.5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 430246
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 87724
cf-request-id: 0656f430f200002c010599f000000001
gostream-edge-ip: cdnde-b.gostreamcdn.net
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5ea5b1b7-156ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7ebfb2c01-FRA
x-gostream-maincache-status: HIT
expires: Wed, 18 Nov 2020 04:00:01 GMT

GET
H2 200 h-l.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 76 KB
76 KB 10ms
10ms Font
application/octet-stream 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-l.otf
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.4.4.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3625c3de2c5ff3ae1d390f25c3626c637dff10b1a651c097b45bceee62062093

Request headers

Origin: https://www.ensonhaber.com
Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.4.4.5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 697292
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 77436
cf-request-id: 0656f430f300002c010a300000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5ea5b1b7-12e7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7ebfe2c01-FRA
x-gostream-maincache-status: HIT
expires: Sun, 15 Nov 2020 01:49:15 GMT

GET
H2 200 h-b.otf
icdn.ensonhaber.com/cdn/desktop/fonts/ 83 KB
84 KB 11ms
10ms Font
application/octet-stream 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/fonts/h-b.otf
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.4.4.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69531c551a4db00b2810f3b1c3323b5c7dd8b0869aac0e0596c821702ad941f8

Request headers

Origin: https://www.ensonhaber.com
Referer: https://icdn.ensonhaber.com/cdn/desktop/css/main.min.css?v=2.0.0.0.4.4.5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 694043
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 85472
cf-request-id: 0656f430f500002c01008bb000000001
gostream-edge-ip: cdnde-b.gostreamcdn.net
last-modified: Sun, 26 Apr 2020 16:07:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5ea5b1b7-14de0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc7ec0b2c01-FRA
x-gostream-maincache-status: HIT
expires: Sun, 15 Nov 2020 02:43:24 GMT

GET
H2 200 jquery.js Show response
icdn.ensonhaber.com/cdn/desktop/js/ 94 KB
33 KB 17ms
16ms Script
application/javascript 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.4.4.5
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2993d82f2812a961066b08425c5eecaad3ba242c7a48cff1ce8ea0653d7cc91d

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 107295
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
cf-request-id: 0656f431720000d72d5cb6c000000001
gostream-edge-ip: cdnde-c.gostreamcdn.net
last-modified: Thu, 05 Nov 2020 08:00:19 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5fa3b113-17756"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 21 Nov 2020 21:42:32 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
cf-ray: 5f04efc8b8edd72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: minify

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 123ms
40ms Image
image/gif 13.224.93.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=En%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&time=1605065447840&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.ensonhaber.com%2F&random_number=15576561405&sess_cookie=18860164175b55b199f8fb30f39&sess_cookie_flag=1&user_cookie=18860164175b55b199f8fb30f39&user_cookie_flag=1&dynamic=true&domain=ensonhaber.com&account=DIQbh1acOh00yC&jsv=20130128&user_lang=en-US
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.93.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-93-26.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 04:14:33 GMT
Via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 83775
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: ZRH50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: o6rQ60le81AkhIqdUd573lwAQMaXHf56Rp75GijvdcrGr6iN_ErU0w==

GET
H2 200 fpdata.js Show response
gatr.hit.gemius.pl/ 283 B
396 B 39ms
39ms Script
application/x-javascript 37.187.168.211
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gatr.hit.gemius.pl/fpdata.js?href=www.ensonhaber.com
Requested by: Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.187.168.211 , France, ASN16276 (OVH, FR),
Reverse DNS: tr4.host.hit.gemius.pl
Software: GHC /
Resource Hash: 56e6fef237b35bc673d8b002d647459aa573a64755b36f126ddf302c353d55c2

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 283
expires: Fri, 11 Dec 2020 03:30:47 GMT

GET
H2 200 lsget.html
ls.hit.gemius.pl/ Frame 2027 0
0 133ms
39ms Document
text/html 149.202.208.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gatr.hit.gemius.pl
URL: https://gatr.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.208.196 , France, ASN16276 (OVH, FR),
Reverse DNS: ovhfr5.host.hit.gemius.pl
Software: GHC /
Resource Hash

Request headers

:method: GET
:authority: ls.hit.gemius.pl
:scheme: https
:path: /lsget.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ensonhaber.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensonhaber.com/

Response headers

status: 200
date: Wed, 11 Nov 2020 03:30:47 GMT
expires: Fri, 11 Dec 2020 03:30:47 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2714
content-encoding: gzip

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-955423-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 899
date: Wed, 11 Nov 2020 03:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 11 Nov 2020 05:15:48 GMT

GET
H2 200 coreupdate.js Show response
icdn.ensonhaber.com/cdn/desktop/core/ 15 KB
3 KB 15ms
15ms Script
application/javascript 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://icdn.ensonhaber.com/cdn/desktop/core/coreupdate.js?version=2.0.0.0.4.4.5
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.4.4.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bcc83e60680090a091f04512733bb4115168399144f2b578eb8c4b0ee709284

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 107294
gostream-cache-ip: cache.gostreamcdn.net
status: 200
gostream-cache-location: 99.gostreamcdn.net
cf-request-id: 0656f431f10000d72d5ea7f000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Mon, 09 Nov 2020 21:42:08 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5fa9b7b0-3b37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Sat, 21 Nov 2020 21:42:32 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
cf-ray: 5f04efc9898cd72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: minify

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 53 KB
18 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.4.4.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

322c21414579a6b7f9a89b8db9b9b48b922176351edea78ea3a996f9cc8188b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "690 / 923 of 1000 / last-modified: 1605049683"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18160
x-xss-protection: 0
expires: Wed, 11 Nov 2020 03:30:47 GMT

GET
H2 200 sanliurfa_543.jpg
icdn.ensonhaber.com/crop/287x168-85/resimler/diger/kok/2020/11/11/ 9 KB
10 KB 12ms
11ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icdn.ensonhaber.com/crop/287x168-85/resimler/diger/kok/2020/11/11/sanliurfa_543.jpg

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc9b0de101ed029069796700683f819c8ce16e3b26b2a9b30b0ce1b5278e1bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 1640
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=10081, status=webp_bigger
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
gostream-cache-location: 99.gostreamcdn.net
content-length: 9453
cf-request-id: 0656f431f60000d72d6428a000000001
gostream-edge-ip: cdnde-c.gostreamcdn.net
last-modified: Wed, 11 Nov 2020 03:02:34 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5fab544a-22095"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 23 Nov 2020 03:03:27 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: MISS
accept-ranges: bytes
cf-ray: 5f04efc98995d72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2 200 esad-kuzen_4369.jpg
icdn.ensonhaber.com/crop/287x168-85/resimler/diger/kok/2020/11/10/ 10 KB
10 KB 13ms
12ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icdn.ensonhaber.com/crop/287x168-85/resimler/diger/kok/2020/11/10/esad-kuzen_4369.jpg

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c60388a88c4a105525014e7eb4d5a72d6874260238eb1ff7c1cf2e1b78311664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 23535
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=10689, status=webp_bigger
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
gostream-cache-location: 99.gostreamcdn.net
content-length: 10004
cf-request-id: 0656f431f60000d72d2714b000000001
gostream-edge-ip: cdnde-c.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 20:53:34 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5faafdce-14365"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 20:58:32 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc98996d72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2 200 igde-nedir_2802.jpg
icdn.ensonhaber.com/crop/189x129-85/resimler/diger//kok/2020/11/10/ 9 KB
10 KB 14ms
13ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icdn.ensonhaber.com/crop/189x129-85/resimler/diger//kok/2020/11/10/igde-nedir_2802.jpg

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab148d17ac712e1ffac1793e87f1b0a9bf6d7412038d166d3adb18885d0cb6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 43163
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=10557, status=webp_bigger
status: 200
strict-transport-security: max-age=31536000; includeSubdomains
gostream-cache-location: 99.gostreamcdn.net
content-length: 9565
cf-request-id: 0656f431f70000d72d2c8d1000000001
gostream-edge-ip: cdnde-c.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 15:16:57 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5faaaee9-1bc96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 15:31:24 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc9899ad72d-FRA
x-gostream-maincache-status: MISS
cf-bgj: imgq:100,h2pri

GET
H2 200 IMG20201110055649.jpg
icdn.ensonhaber.com/crop/55x55-100/resimler/diger//kok/2020/11/10/ 3 KB
3 KB 15ms
14ms Image
image/webp 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icdn.ensonhaber.com/crop/55x55-100/resimler/diger//kok/2020/11/10/IMG20201110055649.jpg

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57bdce4015b246190915185b2e25cc39349930f2110281251b6720a41494b1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 22298
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origFmt=jpeg, origSize=7822
status: 200
content-disposition: inline; filename="IMG20201110055649.webp"
strict-transport-security: max-age=31536000; includeSubdomains
gostream-cache-location: 99.gostreamcdn.net
content-length: 2964
cf-request-id: 0656f431f70000d72d161e0000000001
gostream-edge-ip: cdnde-b.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 14:56:49 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5faaaa31-2a0e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 21:19:09 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: MISS
accept-ranges: bytes
cf-ray: 5f04efc9899bd72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2 200 m_6362.jpg
icdn.ensonhaber.com/crop/55x55-100/resimler/diger//kok/2020/11/11/ 3 KB
3 KB 16ms
16ms Image
image/webp 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icdn.ensonhaber.com/crop/55x55-100/resimler/diger//kok/2020/11/11/m_6362.jpg

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ee0d4989cc856bb41d6cd4ee9d4be35a450b186bccd4c865e1dc14fe229e0f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:47 GMT
cf-cache-status: HIT
age: 15664
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origFmt=jpeg, origSize=6343
status: 200
content-disposition: inline; filename="m_6362.webp"
strict-transport-security: max-age=31536000; includeSubdomains
gostream-cache-location: 99.gostreamcdn.net
content-length: 2860
cf-request-id: 0656f431f80000d72d1e855000000001
gostream-edge-ip: cdnde-b.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 23:03:34 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: W/"5fab1c46-1fabe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 23:09:43 GMT
cache-control: public, max-age=1036800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efc9899cd72d-FRA
x-gostream-maincache-status: MISS
cf-bgj: imgq:100,h2pri

GET
H2 200 frv_5151.jpg
icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/ 34 KB
34 KB 11ms
11ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/frv_5151.jpg
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2a9f93fbdca3d3778eee2ab25de23dac6d97cfea0c8371d117b77b186b75491

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
cf-cache-status: HIT
age: 16354
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=38344, status=webp_bigger
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 34530
cf-request-id: 0656f4326c0000d72d3aaa0000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 22:56:42 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5fab1aaa-95c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 22:58:14 GMT
cache-control: public, max-age=5356800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efca4a57d72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2

200

1 Show response
mc.yandex.ru/watch/24056266/
Redirect Chain

https://mc.yandex.ru/watch/24056266?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605065447465%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613...
https://mc.yandex.ru/watch/24056266/1?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605065447465%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166...

167 B
249 B

45ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/24056266/1?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605065447465%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201111043048%3Aet%3A1605065448%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A875217908980%3Arqn%3A1%3Arn%3A881353872%3Ahid%3A363697987%3Ads%3A1%2C14%2C89%2C52%2C1%2C0%2C0%2C210%2C0%2C%2C%2C%2C328%3Afp%3A302%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605065448%3Au%3A1605065448976097526%3At%3AEn%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d8f4e88ac99f262102de3e2680e4ed399e06d077820ab94da6bba41c21ed76a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:30:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 11-Nov-2020 03:30:48 GMT
status: 200
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Wed, 11-Nov-2020 03:30:48 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:30:48 GMT
last-modified: Wed, 11-Nov-2020 03:30:48 GMT
status: 302
location: /watch/24056266/1?wmode=7&page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1605065447465%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201111043048%3Aet%3A1605065448%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A875217908980%3Arqn%3A1%3Arn%3A881353872%3Ahid%3A363697987%3Ads%3A1%2C14%2C89%2C52%2C1%2C0%2C0%2C210%2C0%2C%2C%2C%2C328%3Afp%3A302%3Agdpr%3A14%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605065448%3Au%3A1605065448976097526%3At%3AEn%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler
access-control-allow-origin: https://www.ensonhaber.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 11-Nov-2020 03:30:48 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
160 B 48ms
47ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
last-modified: Mon, 09 Nov 2020 18:48:51 GMT
status: 200
etag: "5fa970eb-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 11 Nov 2020 04:30:48 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
70 B 13ms
12ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=759977956&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ensonhaber.com%2F&ul=en-us&de=UTF-8&dt=En%20Son%20Haber%3A%20Son%20Dakika%20Haberler%2C%20G%C3%BCncel%20Haberler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=947374986&gjid=238834230&cid=80774732.1605065448&tid=UA-955423-1&_gid=1483142503.1605065448&_r=1&gtm=2ouas1&z=693018301

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:30:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 53 KB
18 KB 163ms
55ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/core/coreupdate.js?version=2.0.0.0.4.4.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

49523a1529bd2fc4f227d14c618d0f9a0c187cb289f0dd867cb2730dd091c98c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "690 / 330 of 1000 / last-modified: 1605049738"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18161
x-xss-protection: 0
expires: Wed, 11 Nov 2020 03:30:48 GMT

GET
H2

200

rexdot.js Show response
gatr.hit.gemius.pl/__/_1605065448201/
Redirect Chain

https://gatr.hit.gemius.pl/_1605065448201/rexdot.js?l=100&id=bIGaoV.e40Yfb7bDoZTsNpewXhYsA4dSD1tb0l6HWYv.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.enson...
https://gatr.hit.gemius.pl/__/_1605065448201/rexdot.js?l=100&id=bIGaoV.e40Yfb7bDoZTsNpewXhYsA4dSD1tb0l6HWYv.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.en...

169 B
430 B

85ms
85ms

Script
application/x-javascript

37.187.168.211
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gatr.hit.gemius.pl/__/_1605065448201/rexdot.js?l=100&id=bIGaoV.e40Yfb7bDoZTsNpewXhYsA4dSD1tb0l6HWYv.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.ensonhaber.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=320&lsdata=RujB.46B216FVv0JtNopLQhELjqDY8aC4lQJGs.w9Jr.a7cISvtMx_0w2g66Vagtid3O52zNhtXinnKqi6h0XEYBlyp7/U0hWVa0X3sqBs/&fpdata=60pmYHH0SiwLrL82wu05lE.6ZkLVWSC80TobVJagDXj.T7&vis=1
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.187.168.211 , France, ASN16276 (OVH, FR),
Reverse DNS: tr4.host.hit.gemius.pl
Software: GHC /
Resource Hash: c333df748c16c8fd6a9210affe80814b9299bc3769a64281abf6b70c8877421b

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:30:48 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Tue, 10 Nov 2020 03:30:48 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:30:48 GMT
server: GHC
status: 301
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1605065448201/rexdot.js?l=100&id=bIGaoV.e40Yfb7bDoZTsNpewXhYsA4dSD1tb0l6HWYv.A7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fwww.ensonhaber.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=320&lsdata=RujB.46B216FVv0JtNopLQhELjqDY8aC4lQJGs.w9Jr.a7cISvtMx_0w2g66Vagtid3O52zNhtXinnKqi6h0XEYBlyp7/U0hWVa0X3sqBs/&fpdata=60pmYHH0SiwLrL82wu05lE.6ZkLVWSC80TobVJagDXj.T7&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Tue, 10 Nov 2020 03:30:48 GMT

GET
H2 200 pubads_impl_2020110501.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
97 KB 174ms
74ms Script
text/javascript 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

sffe /

Resource Hash

572b80b324a4dd4a4178975a04f619f4381e4ebdebd6da2abce7f77f91283630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99552
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 09:43:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Nov 2020 03:30:48 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 41ms
15ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-955423-1&cid=80774732.1605065448&jid=947374986&gjid=238834230&_gid=1483142503.1605065448&_u=IEBAAUAAAAAAAC~&z=794329906

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 11 Nov 2020 03:30:48 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
292 B 20ms
19ms Image
image/gif 2a00:1450:4001:81f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-955423-1&cid=80774732.1605065448&jid=947374986&_u=IEBAAUAAAAAAAC~&z=1296235480

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:30:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
494 B 38ms
17ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-955423-1&cid=80774732.1605065448&jid=947374986&_u=IEBAAUAAAAAAAC~&z=1296235480

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:30:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 ui Show response
m.ensonhaber.com/api/uye/ 4 KB
961 B 71ms
65ms XHR
text/html 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.ensonhaber.com/api/uye/ui?i=500
Requested by: Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.4.4.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.14
Resource Hash: de9eacf95846bb2b23648fa0b8f87cb6758487552933396cf0a42407df207772

Request headers

Accept: */*
Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
x-powered-by: PHP/7.2.14
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5f04efcbb84a2c01-FRA
cf-request-id: 0656f4334f00002c01f38c4000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
832 B 35ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ensonhaber.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 34ms
14ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ensonhaber.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 405ms
352ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1470439923456500&correlator=1518367124982678&output=ldjh&impl=fifs&eid=21068602%2C21067448%2C21068030%2C21068418&vrg=2020110501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201111&iu_parts=9170022%2CESH_DESKTOP_DETAY%2Cmasthead_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=940x250%7C728x90%7C970x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1605065448&dt=1605065448481&dlt=1605065447582&idt=854&frm=20&biw=1600&bih=1200&oid=3&adxs=-9&adys=-9&adks=2454138541&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dssz=22&icsg=10880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&fws=2&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

5144d36e542a1731ba31c647822a580466813eb94c1e58c4ea87f91d70619cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10528
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5b930f0f283163fe0634c59d6e843c2f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 47ms
15ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5b930f0f283163fe0634c59d6e843c2f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 444 B
282 B 432ms
380ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1470439923456500&correlator=2440493026908635&output=ldjh&impl=fifs&eid=21068602%2C21067448%2C21068030%2C21068418&vrg=2020110501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201111&iu_parts=9170022%2CESH_DESKTOP_DETAY%2Csidebar_top_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C300x600&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1605065448&dt=1605065448489&dlt=1605065447582&idt=854&frm=20&biw=1600&bih=1200&oid=3&adxs=-9&adys=-9&adks=2331949637&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dssz=22&icsg=10880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&fws=2&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

7a1ee963309918dcea34c4302591b5e8673110bf3a60e6557dd8da133e4dae80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 152ms
100ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1470439923456500&correlator=2901498607655055&output=ldjh&impl=fifs&eid=21068602%2C21067448%2C21068030%2C21068418&vrg=2020110501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201111&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmasthead_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C940x250%7C970x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1605065448&dt=1605065448492&dlt=1605065447582&idt=854&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=163&adks=1081751012&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dssz=22&icsg=10880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90&msz=970x90&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

73e8bd79bf0d1104ed34776125a7e0c5eb63409f9e167d7ec49a240e0da5d746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9377
x-xss-protection: 0
google-lineitem-id: 5533666060
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138329947396
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 445 B
288 B 344ms
293ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1470439923456500&correlator=544841161402513&output=ldjh&impl=fifs&eid=21068602%2C21067448%2C21068030%2C21068418&vrg=2020110501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201111&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cmansetalti_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C940x250%7C970x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1605065448&dt=1605065448495&dlt=1605065447582&idt=854&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1049&adks=676929358&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dssz=22&icsg=10880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1180x90&msz=1180x90&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

03a2a445ee100f835d7d9db78795d86262905f207da66cfff45ebf3ac57cd2a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
283 B 394ms
343ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1470439923456500&correlator=2289291455914627&output=ldjh&impl=fifs&eid=21068602%2C21067448%2C21068030%2C21068418&vrg=2020110501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201111&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cpageskin_left_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=120x600%7C160x600&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1605065448&dt=1605065448498&dlt=1605065447582&idt=854&frm=20&biw=1600&bih=1200&oid=3&adxs=56&adys=20&adks=1683417215&ucis=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dssz=22&icsg=10880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&fws=512&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

170dcf420ef50210e5f6fd3791243374ae0615a453c2a515e02bafcce4dcfdce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 372ms
321ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1470439923456500&correlator=1025665415213402&output=ldjh&impl=fifs&eid=21068602%2C21067448%2C21068030%2C21068418&vrg=2020110501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201111&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Cpageskin_right_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C120x600&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1605065448&dt=1605065448500&dlt=1605065447582&idt=854&frm=20&biw=1600&bih=1200&oid=3&adxs=1404&adys=20&adks=409632425&ucis=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dssz=22&icsg=10880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&fws=512&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

45aac7c160eb2561207166a9aab7f294aa9f18d851476e61dfed791e47b56c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10475
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 427ms
377ms XHR
text/plain 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1470439923456500&correlator=190483232426248&output=ldjh&impl=fifs&eid=21068602%2C21067448%2C21068030%2C21068418&vrg=2020110501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201111&iu_parts=9170022%2CESH_DESKTOP_ANASAYFA%2Csidebar_top_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250%7C336x280&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1605065448&dt=1605065448503&dlt=1605065447582&idt=854&frm=20&biw=1600&bih=1200&oid=3&adxs=1072&adys=1215&adks=3404140687&ucis=7&ifi=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&dssz=22&icsg=10880&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x600&msz=336x600&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&fws=512&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

38467701dade9b77af54b098420ac1cc4cd82c76e2759f471ab17b97add4f56c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10509
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ensonhaber.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DE56 0
0 58ms
58ms Fetch
image/gif 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYI4AkQMpQ9WGQkEVjQiSOiPrzXA0KDDE4qrqtr5FZkInU-Swuua5CxPnISh7gzZwFArDJX9jHl3pLbt-tn0V_o6po6X4cYn587_lXsUZfOGy0suOcIZgNEZYF09IB0gfGWOVYhNxd7gCbEuP21RpSjiHDjX8ULaVqT7Xg8CXhO5Et9BMP8MGsoi3Uur1ul79n11c-anN6sDScBPWeb2MAamEYIG4oEDYoRztUNip_ZyTDCM6NKu4mBkMvUnVtr5bvkXAF4TFmD2NWi_T__SP2g75QGmMsKbKSJQ&sai=AMfl-YSXKkXp7CxhUfwkO73KgQgb4YCm0QEDgqCVc9qSCF7T4mujohll16bdKAKvjRcYWIDEB_FV4Ohja0WPiJUdBumLVFY94v3KIsBOQQm2tMt7IZPt19PyP7XkkzdOiIw&sig=Cg0ArKJSzMjTQjiIRvKrEAE&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Nov 2020 03:30:48 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 11 Nov 2020 03:30:48 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201104/r20110914/ Frame DE56 17 KB
8 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201104/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d971faef455d9653104c2727df1cc48f8655a26299234963886bd4afe799afe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:14:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7215
x-xss-protection: 0
server: cafe
etag: 6708353294733735086
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Nov 2020 15:14:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201104/r20110914/client/ Frame DE56 3 KB
1 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201104/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 16:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1336
x-xss-protection: 0
server: cafe
etag: 4033927919502905291
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 Nov 2020 16:29:38 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DE56 75 KB
29 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a8c86a3426141c5a1913053e7df222349ee12301e04f5528367270b6ea1283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604940355256220"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29149
x-xss-protection: 0
expires: Wed, 11 Nov 2020 03:30:48 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame DE56 0
0 63ms
47ms Image
text/html 2a00:1450:4001:81b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQLxRhRy4oM4cvio5fBmI92m0sBXo5ujrdDA7G99sPDbqv-itf0qTQFHkLuOu2sdKLrgWqc
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 9353102906466941298
tpc.googlesyndication.com/simgad/ Frame DE56 102 KB
102 KB 26ms
7ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9353102906466941298

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d4253a0f72dda4192d5838e69b7218b5eda866d73704a9fa7270c5c9969fba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 21:00:08 GMT
x-content-type-options: nosniff
age: 23440
x-dns-prefetch-control: off
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104676
x-xss-protection: 0
last-modified: Fri, 06 Nov 2020 13:24:27 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Nov 2021 21:00:08 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 52ms
42ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d278533e8015b48285df852d82d9d8497168e963f5fdf50c0b018b01b1e2e2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604940355256220"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28176
x-xss-protection: 0
expires: Wed, 11 Nov 2020 03:30:48 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 39ms
20ms XHR
application/json 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020110501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e03003820b2d8b69c96fcbc26433513a665b89937b4768d866b1e0574c3d3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6419
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 11 Nov 2020 03:30:48 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DE56 0
21 B 56ms
55ms Image
image/gif 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvr94uWeffK7QPyZ83Abi3k60oyjSkM7mamtIThoCY3QsMS_zreavWxWrxTLVIstq7-GfN9SMWqm_XqfjN2qK2QDMadEvUaIor0yMptHlqOY9I5lIxR4pOQZ0PLp5hSOcEQic7nUi1VeP9vzFP7oKprZfwwySYMaGT35Nw61jZgZiJrPqXc1tihmBiUM2LEo4mTaLwayDpCzte6OC-777nB53FbpIVFjJsGZ1kOvgNGAJwzwrH7Va4i-CLCv5Om6e-bSpvXs0UoWjXp_IW6_Ftxn3rrx4L3iYGCDUbT&sai=AMfl-YScDbG4gmPiCydqdoknrJRL713Uob2TiKspKjyfs6lc9K9G0-V2eGWGhaJYIx3d3kmDrvGV0CmW5epe81lk3KNb9i8PS43q2QpvwK7zzP4rFSXJAaz5-5WH7QhGmdQ&sig=Cg0ArKJSzLzLuAAHxVK3EAE&adurl=

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Nov 2020 03:30:48 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DE56 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f856c5161cc19bc39c89e5f7f5c187882d57b2024d851a3a0d2f26afcf866f7d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame E5D7 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ensonhaber.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensonhaber.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 11 Nov 2020 01:08:28 GMT
expires: Thu, 11 Nov 2021 01:08:28 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8540
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
45 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.4.4.5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40b9d323173d17d85236d6b1409d40e434ae8788aeb9f3ae0d694096cdf548fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45395
x-xss-protection: 0
server: cafe
etag: 16107326225270191402
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Nov 2020 03:30:48 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 4E41 204 KB
56 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f566d8761b3cdb46344a002ab97bd65b99262bcade6eaac28d42795871b9f97d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38554
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56865
x-xss-protection: 0
server: sffe
date: Tue, 10 Nov 2020 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d9b9e5f0fe1d7d70"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Nov 2021 16:48:14 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4E41 14 KB
6 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b1ac3e3dac03cc7b55db95d3e2f6db06359e9f83c31edfe7e8948fe1b005ece

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38508
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5339
x-xss-protection: 0
server: sffe
date: Tue, 10 Nov 2020 16:49:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f32966a1dd31423f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Nov 2021 16:49:00 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4E41 96 KB
29 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53e860d5c71786683ef080150431ccdef7f285ecc24fea1abf56f8bb41109a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38554
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29532
x-xss-protection: 0
server: sffe
date: Tue, 10 Nov 2020 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7e22568992b3e519"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Nov 2021 16:48:14 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4E41 4 KB
2 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a084f9fa314be804daeb5314c0dcf00022a8d8a1319a990b9546860e2ca8753

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38557
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1794
x-xss-protection: 0
server: sffe
date: Tue, 10 Nov 2020 16:48:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "97d72cd21f25600f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Nov 2021 16:48:11 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4E41 45 KB
14 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020110501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8637b0501ace1a66eb37373c3440baf7ac214692ac755d90d901d1c1587f3f6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38519
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14173
x-xss-protection: 0
server: sffe
date: Tue, 10 Nov 2020 16:48:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e02eb5bdf732790a"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Nov 2021 16:48:49 GMT

GET
DATA 200
OK truncated
/ Frame 4E41 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3d20e478360caaaa56018633c6aba62b870b44b31077682cedb1976c7dfb6a5

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 12994814656908223697
tpc.googlesyndication.com/simgad/ Frame 4E41 34 KB
34 KB 9ms
8ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12994814656908223697?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qksT70Gf6sneVxnH2rEKSVMRlxTgw

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de816b65a33d1fcf414c1e0b0d5de98b8283f497a655b1a4a78ecf4880c15891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 13:45:02 GMT
x-content-type-options: nosniff
age: 395146
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34635
x-xss-protection: 0
last-modified: Fri, 06 Nov 2020 11:28:18 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Nov 2021 13:45:02 GMT

GET
H3-Q050 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4E41 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Nov 2020 11:14:22 GMT
x-content-type-options: nosniff
server: cafe
age: 58586
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3057
x-xss-protection: 0
expires: Wed, 11 Nov 2020 11:14:22 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4E41 344 B
438 B 8ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 57439
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 11 Nov 2020 11:33:29 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4E41 0
0 65ms
64ms Image
text/html 216.58.207.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIcv96FqrX5-9Jpjc7_UPouW20AKsldSMYNOK2e_3DMDQ54WVHRABINaG2yVg0YG5gtAHoAGKteGlAsgBAuACAKgDAcgDCKoE0QFP0Apib0NJX-k7boV89kpxXZOa9so9tRZdaA90kTecYC78yUI3YRK3iCVDlZDiLoLUaRrxVcAbSNZqIYZEo4cioJ6b-9dj9reHeMXI7y5PveHHfPo_TtVxc_CHHQc-gKNjI_ZfzY-h3NwjaBCY24Pa4Ocjd3TiF6QaFGoEr8J9rF78UbpFsLosmDyqzcUNxdQRPvoZNb4Ze_fcpYTrqmbj6CgW_6FJwaxg9O0qgmzxAjt_RNmR-XVotSFsLXhSQU-9IR3v8YokbDZFxwMjqzHXIsAEmYaSsakD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB__9oNoBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELmwZtIICQiA4YBQEAEYHYAKA8gLAbIMFHB1Yi04NjAxNTg1NTA1NzAxOTQ3wgwCCAHYEww&sigh=JgJpuEtN7H8&tpd=AGWhJmtwPpAo8jAVVGJ6TJvBp4YsYFhtFEddrZUzu9qsRERlEA
Requested by: Host: www.ensonhaber.com
URL: https://www.ensonhaber.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s25-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/ 230 KB
86 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88225
x-xss-protection: 0
server: cafe
etag: 10001109163846534958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Nov 2020 03:30:48 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/ Frame 4E32 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201104/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ensonhaber.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmiC_ex4-8_g5m9QlkE43TbvqHbR3jLiFEEHpW9eNec8LxrJz19CVxQmP7N; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensonhaber.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 10 Nov 2020 18:54:19 GMT
expires: Tue, 24 Nov 2020 18:54:19 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 30989
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
87 B 23ms
21ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020110501&jk=1470439923456500&bg=!t7SltJTNAAXuKKZk7ljP1KlhcHg4MQIAAABQUgAAAA5oAQcKAXEOzK-Ipbfby_MG1NiHNNe6poXA1EeqmpS4-F87YsFbzkjwBtY-ZgdizaDPVvjqhF09jIU2rCgiYnCBQCPBvNlwzpCXSjKl58Qj1a9EK1yTw5HZvEs6wIGNKwq7Tfdjv3HuPqjgSkdTLkB-cKBa4pPVduCZ9Xl70VRJQwpwUlai0eiXsY9rWBg8nrbG1zfmFTQpU6v5pIgXlfxKST_8Vi8jbFuYaV9d6NQy5RLqI7eqcwrZaVYObujpJ1s3OoLQnvjb79CBb7oTyyqeZnFmKqvHhhd76uOHzIxK9KXjMJRMNxz3XSQYhEJJ8RKVftNllAMo2s8iTgvDmHdqf6BYKCyCL8MqAk0iK_TftQqr4XpLUBgcYqp6nfXjwTxoLYFFljbAF08JKiMbOMDaXfqDK3g0h-gWHAuxy4vBlRS_BKozVpVpqGFcc6i0AC8zXhITRrEnvPBpcK545aeBsVcwDELsMPEQdyFOYZtlRDd6imwLxMWZAbudG3AaELh1oPxkUrRNrJQ7NAcP8abaYLAO30E7IE_MqjH2o_ZAl-anwkfuV7Ghcv_gb1hvtqbT4sqN8WEqLkIMyGj-S6eYPviMIZkUfS41aJZaGQUeLEMHWzxIsLT_RcSVwy_zI3uET2hL35KPrKxDR43alUG8LmdNrXel9TbWy13KV02sw8O9RIzQiNCEdMbe-M3FvZADL2_HEDrzpw83kKZKx4EjbP-65q3vyY18fcA3NyVa27_8FhvCQfgo6XZsQcmL6BMBbEDp61nRcCTq-hHYAsfi3QsmFuXPeF1hnp7kdvZaTcUHLRPGfgAYwVRyrTvViM46xMJ8r-ap_wc8JmnZ9L-O94rZ7EZgNlKz-x0HIkfkkb1Xr_lTnNv2yzfsSvF6ltLynLYwmVvFKDssYuP7-aygK-NQR-wPYEbThMOcwbIqqK5NHcE5ifff0nXj-xeCfbndtGY8CPo9xjLyOQbZmPX1rpz3aFsFAF2k_AJ-k9Sg7wV9RLQCR4SYud7vOSfesvFrdigHKnG0pClq9PeUkBmJeuaSkWS0wmCLfn2IBKn-REHvAQ6JPjosReaAjEixHWMaKd_6RA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:30:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 130 KB
44 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: icdn.ensonhaber.com
URL: https://icdn.ensonhaber.com/cdn/desktop/js/jquery.js?v=2.0.0.0.4.4.5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40b9d323173d17d85236d6b1409d40e434ae8788aeb9f3ae0d694096cdf548fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45395
x-xss-protection: 0
server: cafe
etag: 16107326225270191402
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Nov 2020 03:30:48 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4E41
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
15ms

Image
text/html

2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Wed, 11 Nov 2020 03:30:49 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
469 B 146ms
51ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.ensonhaber.com&callback=_gfp_s_&client=ca-pub-3240396386341970&cookie=ID%3D58d4617794800859-22f10af22cb90002%3AT%3D1605065448%3AS%3DALNI_MYo_YNs-DjQIR7J6c8ivjXPKSx_Fg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7F7A 0
0 299ms
298ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3240396386341970&output=html&h=250&slotname=4937467496&adk=3930559219&adf=278506678&pi=t.ma~as.4937467496&w=970&lmt=1605065449&psa=0&format=970x250&url=https%3A%2F%2Fwww.ensonhaber.com%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605065448917&bpp=13&bdt=1334&idt=128&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58d4617794800859-22f10af22cb90002%3AT%3D1605065448%3AS%3DALNI_MYo_YNs-DjQIR7J6c8ivjXPKSx_Fg&correlator=6586743889900&frm=20&pv=2&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&ga_fc=0&iag=0&icsg=10737592960&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=1209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067466&oid=3&pvsid=1470439923456500&pem=601&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=DdF5NVRwDw&p=https%3A//www.ensonhaber.com&dtd=144

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3240396386341970&output=html&h=250&slotname=4937467496&adk=3930559219&adf=278506678&pi=t.ma~as.4937467496&w=970&lmt=1605065449&psa=0&format=970x250&url=https%3A%2F%2Fwww.ensonhaber.com%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605065448917&bpp=13&bdt=1334&idt=128&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58d4617794800859-22f10af22cb90002%3AT%3D1605065448%3AS%3DALNI_MYo_YNs-DjQIR7J6c8ivjXPKSx_Fg&correlator=6586743889900&frm=20&pv=2&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&ga_fc=0&iag=0&icsg=10737592960&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=1209&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067466&oid=3&pvsid=1470439923456500&pem=601&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=DdF5NVRwDw&p=https%3A//www.ensonhaber.com&dtd=144
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ensonhaber.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmiC_ex4-8_g5m9QlkE43TbvqHbR3jLiFEEHpW9eNec8LxrJz19CVxQmP7N; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensonhaber.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Nov 2020 03:30:49 GMT
server: cafe
content-length: 23564
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 15ms
15ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.ensonhaber.com%2F&tn=DIV&cls=wpcc-container%20wpcc-banner%20wpcc-corners-round%20wpcc-corners-small%20wpcc-border-thin%20wpcc-bottom%20wpcc-color-custom--943834009%20&ign=false

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:30:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame A20D 0
0 16ms
16ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3240396386341970&output=html&adk=1812271804&adf=3025194257&lmt=1605065449&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605065448930&bpp=3&bdt=1348&idt=144&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58d4617794800859-22f10af22cb90002%3AT%3D1605065448%3AS%3DALNI_MYo_YNs-DjQIR7J6c8ivjXPKSx_Fg&prev_fmts=970x250&nras=1&correlator=6586743889900&frm=20&pv=1&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&ga_fc=0&iag=0&icsg=10737592960&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067466&oid=3&pvsid=1470439923456500&pem=601&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&dtd=152

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3240396386341970&output=html&adk=1812271804&adf=3025194257&lmt=1605065449&plat=1%3A16809992%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.ensonhaber.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605065448930&bpp=3&bdt=1348&idt=144&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58d4617794800859-22f10af22cb90002%3AT%3D1605065448%3AS%3DALNI_MYo_YNs-DjQIR7J6c8ivjXPKSx_Fg&prev_fmts=970x250&nras=1&correlator=6586743889900&frm=20&pv=1&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&ga_fc=0&iag=0&icsg=10737592960&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067466&oid=3&pvsid=1470439923456500&pem=601&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=8&uci=a!8&fsb=1&dtd=152
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ensonhaber.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmiC_ex4-8_g5m9QlkE43TbvqHbR3jLiFEEHpW9eNec8LxrJz19CVxQmP7N; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensonhaber.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 11 Nov 2020 03:30:49 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 12994814656908223697
tpc.googlesyndication.com/simgad/ Frame 4E41 34 KB
34 KB 6ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12994814656908223697?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qksT70Gf6sneVxnH2rEKSVMRlxTgw

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de816b65a33d1fcf414c1e0b0d5de98b8283f497a655b1a4a78ecf4880c15891

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 13:45:02 GMT
x-content-type-options: nosniff
age: 395147
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34635
x-xss-protection: 0
last-modified: Fri, 06 Nov 2020 11:28:18 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Nov 2021 13:45:02 GMT

GET
H3-Q050 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4E41 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Nov 2020 11:14:22 GMT
x-content-type-options: nosniff
server: cafe
age: 58587
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3057
x-xss-protection: 0
expires: Wed, 11 Nov 2020 11:14:22 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4E41 344 B
373 B 7ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 57440
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 11 Nov 2020 11:33:29 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame D193 0
0 306ms
306ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3240396386341970&output=html&h=600&slotname=7766810810&adk=3587751653&adf=102127721&pi=t.ma~as.7766810810&w=300&lmt=1605065449&psa=0&format=300x600&url=https%3A%2F%2Fwww.ensonhaber.com%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605065448961&bpp=2&bdt=1379&idt=132&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58d4617794800859-22f10af22cb90002%3AT%3D1605065448%3AS%3DALNI_MYo_YNs-DjQIR7J6c8ivjXPKSx_Fg&prev_fmts=970x250%2C0x0&nras=1&correlator=6586743889900&frm=20&pv=1&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&ga_fc=0&iag=0&icsg=10737592960&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067466&oid=3&pvsid=1470439923456500&pem=601&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=KMPJWrxhns&p=https%3A//www.ensonhaber.com&dtd=136

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201104/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPq1vt_G-ewCFW3KuwgdEsoPDA&gqi=6VqrX6rDBuXN7_UP5aW82Ao&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3240396386341970&output=html&h=600&slotname=7766810810&adk=3587751653&adf=102127721&pi=t.ma~as.7766810810&w=300&lmt=1605065449&psa=0&format=300x600&url=https%3A%2F%2Fwww.ensonhaber.com%2F&flash=0&wgl=1&adsid=NT&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1605065448961&bpp=2&bdt=1379&idt=132&shv=r20201104&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58d4617794800859-22f10af22cb90002%3AT%3D1605065448%3AS%3DALNI_MYo_YNs-DjQIR7J6c8ivjXPKSx_Fg&prev_fmts=970x250%2C0x0&nras=1&correlator=6586743889900&frm=20&pv=1&ga_vid=80774732.1605065448&ga_sid=1605065448&ga_hid=759977956&ga_fc=0&iag=0&icsg=10737592960&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1072&ady=1538&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067466&oid=3&pvsid=1470439923456500&pem=601&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=9&uci=a!9&btvi=2&fsb=1&xpc=KMPJWrxhns&p=https%3A//www.ensonhaber.com&dtd=136
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ensonhaber.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmiC_ex4-8_g5m9QlkE43TbvqHbR3jLiFEEHpW9eNec8LxrJz19CVxQmP7N; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ensonhaber.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPq1vt_G-ewCFW3KuwgdEsoPDA&gqi=6VqrX6rDBuXN7_UP5aW82Ao&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 11 Nov 2020 03:30:49 GMT
server: cafe
content-length: 34498
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DE56 42 B
70 B 15ms
15ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9T6vcrU68CaRYgY5n1c7naS_U9VFfnAOpCGpkhtmbToTU59CtqWRHsPKn1sf6XRC629gCL021dfk8PGhld-NI384YpPA-SYXwjr6YyCo&sig=Cg0ArKJSzP_IkvHOPR7nEAE&adk=1081751012&tt=-1&bs=1600%2C1200&mtos=1050,1050,1050,1050,1050&tos=1050,0,0,0,0&p=163,315,413,1285&mcvt=1050&rs=0&ht=0&tfs=111&tls=1161&mc=1&lte=-1&bas=0&bac=0&met=mue&la=1&avms=nio&niot_obs=7&niot_cbk=17&md=2&btr=0&cpmav=0&lm=2&rst=1605065448674&dlt&rpt=117&isd=0&msd=0&xdi=0&postrxl=1&ps=1600%2C9154&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-5-11-11-0-0-0&tvt=1157&is=970%2C250&iframe_loc=https%3A%2F%2Fwww.ensonhaber.com%2F&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=970x250&itpl=3&v=20201109

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:30:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4E41 42 B
194 B 17ms
17ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAQRrj5Kbg7fnH43ALNlNQXilG1domb-4QPJwc2g7tRDTBFtTfqY8ViZNJotzx9JpshWqw3-RDLubbpN--ZjlmyyhX0JA-c7M02NOOyX5VhNv5eVZVjaXn4cituw&sai=AMfl-YSqhWugLoTIof0MatWN22PY1t6SqTppegJ5pbEJvT1PP49tH8k1LRApSsz_7FTMIQPAPNfJYPErZA-UlYEmPkgV-z97ClGOIWecgqC2GyTSdQRAIf6VQhpGO-Qb7p0R&sig=Cg0ArKJSzK5SXtM8j7_1EAE&cid=CAASPeRoPOK4vP8nUN9v0IVeE_hEnt71DsqzaVwOrv4U_egK2AGMr-9CvnncsJv25pShL6WytCO3qw7y8WF4Klw&id=ampim&o=1404,20&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=152&tls=1152&g=100&h=100&tt=1152&r=v&avms=ampa&adk=409632425

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:30:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 h_6153.jpg
icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/ 134 KB
135 KB 13ms
12ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/h_6153.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e6db5b1d9f487470fa3e6b8cca6e41c5fff6127427cc41bd8d718d50e4b5c75

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:52 GMT
cf-cache-status: HIT
age: 5785
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=142142, status=webp_bigger
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 137408
cf-request-id: 0656f445990000d72d65101000000001
gostream-edge-ip: cdnde-b.gostreamcdn.net
last-modified: Wed, 11 Nov 2020 01:51:38 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5fab43aa-22b3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Mon, 23 Nov 2020 01:54:27 GMT
cache-control: public, max-age=5356800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efe8fadbd72d-FRA
x-gostream-maincache-status: MISS
cf-bgj: imgq:100,h2pri

GET
H2 200 l_5784.jpg
icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/ 62 KB
62 KB 14ms
13ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/l_5784.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe73bc501c91e1d80ff59596722f0192519aeb2e1510cc47d71e3b2d5c88d033

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:52 GMT
cf-cache-status: HIT
age: 15636
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=66746, status=webp_bigger
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 63290
cf-request-id: 0656f445be0000d72d01a64000000001
gostream-edge-ip: cdnde-b.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 21:00:49 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5faaff81-104ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 23:10:16 GMT
cache-control: public, max-age=5356800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04efe93b24d72d-FRA
x-gostream-maincache-status: MISS
cf-bgj: imgq:100,h2pri

GET
H2 200 h_2075.jpg
icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/ 86 KB
87 KB 11ms
11ms Image
image/webp 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/h_2075.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 307d3f8638f9b2e1d956944848abd15caf71112e6f321d7cac870eed8e9efd3d

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:57 GMT
cf-cache-status: HIT
age: 1420
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origFmt=jpeg, origSize=105391
status: 200
content-disposition: inline; filename="h_2075.webp"
gostream-cache-location: 99.gostreamcdn.net
content-length: 88390
cf-request-id: 0656f4591f0000d72d41bb7000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Wed, 11 Nov 2020 03:06:53 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5fab554d-19baf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 23 Nov 2020 03:07:17 GMT
cache-control: public, max-age=5356800, must-revalidate, proxy-revalidate
x-gostream-cache-status: MISS
accept-ranges: bytes
cf-ray: 5f04f0083bc0d72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2 200 k_3545.jpg
icdn.ensonhaber.com/resimler/diger/kok/2020/11/10/ 50 KB
50 KB 15ms
15ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2020/11/10/k_3545.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e96930f372070dcb56d2da6a0b683dffcac045aa06b6beb0888e6f05058e71b1

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:30:57 GMT
cf-cache-status: HIT
age: 19797
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=53910, status=webp_bigger
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 51114
cf-request-id: 0656f459470000d72d1e9a4000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 20:52:50 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5faafda2-d296"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 22:01:00 GMT
cache-control: public, max-age=5356800, must-revalidate, proxy-revalidate
x-gostream-cache-status: MISS
accept-ranges: bytes
cf-ray: 5f04f0087be7d72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2 200 h_2968.jpg
icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/ 79 KB
79 KB 12ms
11ms Image
image/webp 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/h_2968.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40fecf18a64b1188d6a3f4cc16617f84ad628780bc4f768a976cb8007097d6d4

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:31:02 GMT
cf-cache-status: HIT
age: 12764
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origFmt=jpeg, origSize=94351
status: 200
content-disposition: inline; filename="h_2968.webp"
gostream-cache-location: 99.gostreamcdn.net
content-length: 80492
cf-request-id: 0656f46ca70000d72d41857000000001
gostream-edge-ip: cdnde-b.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 23:55:45 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5fab2881-1708f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 23:58:18 GMT
cache-control: public, max-age=5356800, must-revalidate, proxy-revalidate
x-gostream-cache-status: HIT
accept-ranges: bytes
cf-ray: 5f04f0277b73d72d-FRA
x-gostream-maincache-status: MISS
cf-bgj: imgq:100,h2pri

GET
H2 200 polonya-kutu_4459.jpg
icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/ 72 KB
72 KB 11ms
11ms Image
image/jpeg 2606:4700:10::6816:49e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icdn.ensonhaber.com/resimler/diger/kok/2020/11/11/polonya-kutu_4459.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:49e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ded6069683c03b1571199fcc38e6bbf5511b7154763122f949ef59baab8a86c

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 03:31:02 GMT
cf-cache-status: HIT
age: 13896
gostream-cache-ip: cache.gostreamcdn.net
cf-polished: origSize=77202, status=webp_bigger
status: 200
gostream-cache-location: 99.gostreamcdn.net
content-length: 73323
cf-request-id: 0656f46ccf0000d72d67154000000001
gostream-edge-ip: cdnde-a.gostreamcdn.net
last-modified: Tue, 10 Nov 2020 23:39:08 GMT
server: cloudflare
gostream-edge-location: icdn.ensonhaber.com
etag: "5fab249c-12d92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 22 Nov 2020 23:39:26 GMT
cache-control: public, max-age=5356800, must-revalidate, proxy-revalidate
x-gostream-cache-status: MISS
accept-ranges: bytes
cf-ray: 5f04f027bbb4d72d-FRA
x-gostream-maincache-status: HIT
cf-bgj: imgq:100,h2pri

GET
H2

200

1
mc.yandex.ru/watch/24056266/
Redirect Chain

https://mc.yandex.ru/watch/24056266?page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1605065447465%3As%3A1600x1200x24%3Ask%3A1%3Ahdl...
https://mc.yandex.ru/watch/24056266/1?page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1605065447465%3As%3A1600x1200x24%3Ask%3A1%3Ah...

43 B
71 B

48ms
48ms

Other
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/24056266/1?page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1605065447465%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201111043103%3Aet%3A1605065463%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A118%3Als%3A875217908980%3Arqn%3A2%3Arn%3A1068725290%3Ahid%3A363697987%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1066%2C1066%2C3%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605065463%3Au%3A1605065448976097526

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ensonhaber.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:31:03 GMT
last-modified: Wed, 11-Nov-2020 03:31:03 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 11-Nov-2020 03:31:03 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Nov 2020 03:31:03 GMT
last-modified: Wed, 11-Nov-2020 03:31:03 GMT
status: 302
location: /watch/24056266/1?page-url=https%3A%2F%2Fwww.ensonhaber.com%2F&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1605065447465%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20201111043103%3Aet%3A1605065463%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A118%3Als%3A875217908980%3Arqn%3A2%3Arn%3A1068725290%3Ahid%3A363697987%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C1066%2C1066%2C3%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1976%3Awv%3A2%3Arqnl%3A1%3Ast%3A1605065463%3Au%3A1605065448976097526
access-control-allow-origin: https://www.ensonhaber.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 11-Nov-2020 03:31:03 GMT

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hit.gemius.pl/	1970-01-21 11:31:12	Name: Gdyn Value: KlxUPRXGQMQG0lsJ0RQhUqRWssGMXP8c25nSGu22UXn_u6nnGGIXRtGAupKxGsRPIQlGB1RFHQ2xS1sgrlxrG0F6Sssa
.hit.gemius.pl/	1970-01-21 11:31:12	Name: Gtest Value: KlGhOMXGQMQG0lsJ0RQhUqRWssGMXP8c25nSGu22UXn_u6nnGGIXRtGAupCxsG..
.ensonhaber.com/	1970-01-19 13:51:05	Name: _gat_gtag_UA_955423_1 Value: 1
.ensonhaber.com/	1970-01-19 13:52:17	Name: _ym_isad Value: 2
.ensonhaber.com/	1970-01-20 07:22:17	Name: _ga Value: GA1.2.80774732.1605065448
.ensonhaber.com/	1970-01-19 22:36:41	Name: _ym_d Value: 1605065448
.ensonhaber.com/	1970-01-19 13:51:07	Name: _ym_visorc_24056266 Value: b
.ensonhaber.com/	1970-01-19 14:34:17	Name: __cfduid Value: dfc2973fd8e1ac3a72a142d942c314fb51605065447
.ensonhaber.com/	1970-01-19 22:36:41	Name: _ym_uid Value: 1605065448976097526
.ensonhaber.com/	1970-01-19 13:52:31	Name: _gid Value: GA1.2.1483142503.1605065448
.ensonhaber.com/	1970-01-19 22:38:07	Name: __auc Value: 18860164175b55b199f8fb30f39
.ensonhaber.com/	1970-01-19 13:51:07	Name: __asc Value: 18860164175b55b199f8fb30f39
.ensonhaber.com/	1970-01-20 13:51:05	Name: __gfp_64b Value: 60pmYHH0SiwLrL82wu05lE.6ZkLVWSC80TobVJagDXj.T7\|1605065447

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	log	URL: https://icdn.ensonhaber.com/cdn/desktop/js/home.js?v=2.0.0.0.4.4.5(Line 1) Message: 0.0.8.6
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.ensonhaber.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5b930f0f283163fe0634c59d6e843c2f.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.ampproject.org
cdn.onesignal.com
certify-js.alexametrics.com
certify.alexametrics.com
gatr.hit.gemius.pl
googleads.g.doubleclick.net
icdn.ensonhaber.com
ls.hit.gemius.pl
m.ensonhaber.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.ensonhaber.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
13.224.93.26
13.224.93.46
149.202.208.196
172.217.22.98
216.58.207.66
2606:4700:10::6816:49e7
2606:4700::6812:e134
2a00:1450:4001:800::2001
2a00:1450:4001:806::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::2004
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::2004
2a00:1450:4001:820::2002
2a00:1450:4001:821::200e
2a00:1450:400c:c08::9a
2a02:6b8::1:119
37.187.168.211
01adbdcdde3d55ba3376328000c9afa1f5c19b2029b29b72d720a704c5342ec2
03a2a445ee100f835d7d9db78795d86262905f207da66cfff45ebf3ac57cd2a9
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07d5087b985f403c77f82394589566967faf7abf28cdc561759f9655fabcb42d
15f7299c5ad2672e52ec8b6cef4b50c0190e89d70269c918fee08b5b971e95b0
16a965a852ded357de8f1045b54c58b81c33f5c43c87071aaf2001961e634636
170dcf420ef50210e5f6fd3791243374ae0615a453c2a515e02bafcce4dcfdce
18e03003820b2d8b69c96fcbc26433513a665b89937b4768d866b1e0574c3d3a
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
1ee0d4989cc856bb41d6cd4ee9d4be35a450b186bccd4c865e1dc14fe229e0f7
22f38713e3cb086adc05ce7b3f126b1a3c18d0bd120bafd17c85117de81741b8
2993d82f2812a961066b08425c5eecaad3ba242c7a48cff1ce8ea0653d7cc91d
2d775fc71cea365da3e84d00b794937a02eda7324622298b98cc51b8127e0706
307d3f8638f9b2e1d956944848abd15caf71112e6f321d7cac870eed8e9efd3d
322c21414579a6b7f9a89b8db9b9b48b922176351edea78ea3a996f9cc8188b5
34d65ef50bd5990dc3531e638d95d8e302ab6493b93bb50b90b181fd5b554f95
3625c3de2c5ff3ae1d390f25c3626c637dff10b1a651c097b45bceee62062093
36a78a9b6e5c11cd749e0864d629f4ffbfb548fe4b64828947b600d811ed4547
38467701dade9b77af54b098420ac1cc4cd82c76e2759f471ab17b97add4f56c
40b9d323173d17d85236d6b1409d40e434ae8788aeb9f3ae0d694096cdf548fb
40fecf18a64b1188d6a3f4cc16617f84ad628780bc4f768a976cb8007097d6d4
4506bb967985d72c1a9c13f07b966e370cd26b0983b1f2eef44c327acf84d281
45aac7c160eb2561207166a9aab7f294aa9f18d851476e61dfed791e47b56c5f
49523a1529bd2fc4f227d14c618d0f9a0c187cb289f0dd867cb2730dd091c98c
4cbaf74147522d4fc0cb8c700cc88727c8ad1bae80b04e640be2fb296879a45c
4d971faef455d9653104c2727df1cc48f8655a26299234963886bd4afe799afe
5144d36e542a1731ba31c647822a580466813eb94c1e58c4ea87f91d70619cda
51b238e76824248990b6afee557335a862af977789109b95fffb871b81cb80f8
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5585879da2f934e8b153abec759c94a1f2e3366fce734474251bb702890f41db
56e6fef237b35bc673d8b002d647459aa573a64755b36f126ddf302c353d55c2
572b80b324a4dd4a4178975a04f619f4381e4ebdebd6da2abce7f77f91283630
57bdce4015b246190915185b2e25cc39349930f2110281251b6720a41494b1ab
59f64cdfb1dbf90eeed41b90d8925b78f78887dd3d64b79e93c70241391ce8d0
5b1ac3e3dac03cc7b55db95d3e2f6db06359e9f83c31edfe7e8948fe1b005ece
5e6db5b1d9f487470fa3e6b8cca6e41c5fff6127427cc41bd8d718d50e4b5c75
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
69531c551a4db00b2810f3b1c3323b5c7dd8b0869aac0e0596c821702ad941f8
6a084f9fa314be804daeb5314c0dcf00022a8d8a1319a990b9546860e2ca8753
6a168e2ddae4d655f0e9793c98406ed886956b7f54544b88a1b9d279fe8b242f
6b345071bbff7b2c15dcfee2c040334b63195c6e6f5736bd3aac51ed7dddf97c
73e8bd79bf0d1104ed34776125a7e0c5eb63409f9e167d7ec49a240e0da5d746
75e476a54c3dd098c5293651fb50be45f0a1e42bff4ab2628daeafda965fa893
79ddf7be081bff1fbbf36ac60e61cef701f9dd29533517195ec3053bbbb7b3d0
7a1ee963309918dcea34c4302591b5e8673110bf3a60e6557dd8da133e4dae80
7ded6069683c03b1571199fcc38e6bbf5511b7154763122f949ef59baab8a86c
7f5ddd98a572bd9924923bf7500c8ab6b904adfc3808324aa498e3cdca736652
80a8c86a3426141c5a1913053e7df222349ee12301e04f5528367270b6ea1283
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8637b0501ace1a66eb37373c3440baf7ac214692ac755d90d901d1c1587f3f6c
878129ddf1d9b265e17296b8c127c12730d999d1c7fcdf766130bb1ce8565d74
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
9bcc83e60680090a091f04512733bb4115168399144f2b578eb8c4b0ee709284
9c8c5ae8437903bcd9d8737d4c119c14492373d06e719215ba9ef065bc5e1186
9d4253a0f72dda4192d5838e69b7218b5eda866d73704a9fa7270c5c9969fba4
ab148d17ac712e1ffac1793e87f1b0a9bf6d7412038d166d3adb18885d0cb6f7
b2a9f93fbdca3d3778eee2ab25de23dac6d97cfea0c8371d117b77b186b75491
b3d20e478360caaaa56018633c6aba62b870b44b31077682cedb1976c7dfb6a5
b53e860d5c71786683ef080150431ccdef7f285ecc24fea1abf56f8bb41109a5
b890c68ff8bd5d94cba364f4bf535c981905c011e66b911cfadcf25b0a34ebbb
bc9b0de101ed029069796700683f819c8ce16e3b26b2a9b30b0ce1b5278e1bf2
c333df748c16c8fd6a9210affe80814b9299bc3769a64281abf6b70c8877421b
c60388a88c4a105525014e7eb4d5a72d6874260238eb1ff7c1cf2e1b78311664
c882a48597f6e7371ce843f4ea4051ce39d92e7cbce2f68d87b869c7b4a7c095
d278533e8015b48285df852d82d9d8497168e963f5fdf50c0b018b01b1e2e2a1
d8582fa49041c89fb626b438a3596d633611da6a6585c33bb21d078c17e1c7e1
d8f4e88ac99f262102de3e2680e4ed399e06d077820ab94da6bba41c21ed76a0
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de816b65a33d1fcf414c1e0b0d5de98b8283f497a655b1a4a78ecf4880c15891
de9eacf95846bb2b23648fa0b8f87cb6758487552933396cf0a42407df207772
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e96930f372070dcb56d2da6a0b683dffcac045aa06b6beb0888e6f05058e71b1
ee20eb48288fcf809f705ad644a562134e640748ed00fa72e884d36405a171f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f041edbc13548d602f2cec9e471761d2904ccaef75b7898bfee8e0fdf6abc23b
f0c4b6b374e131b73d003750d750074f945777359ce76fa5ca180ae1275f73c3
f566d8761b3cdb46344a002ab97bd65b99262bcade6eaac28d42795871b9f97d
f83acd40c68b9ccf326a2b7e9a9c1ee0b1469669bb3135f97decfd0c4a2b7f76
f856c5161cc19bc39c89e5f7f5c187882d57b2024d851a3a0d2f26afcf866f7d
fe73bc501c91e1d80ff59596722f0192519aeb2e1510cc47d71e3b2d5c88d033
feb5a8c3317c13577fc5fb09faaf465f5e7aca64b4e243a492c2c8981cbdf97a
ffb110318b55e8d7acaeaa7816d495e33a5000643327241099565537973ed051

www.ensonhaber.com Open in urlscan Pro 2606:4700:10::6816:49e7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

109 Requests

98 %HTTPS

71 %IPv6

14 Domains

24 Subdomains

22 IPs

5 Countries

2295 kBTransfer

4310 kBSize

13 Cookies

25 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ensonhaber.com Open in urlscan Pro
2606:4700:10::6816:49e7 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

98 %
HTTPS

71 %
IPv6

14
Domains

24
Subdomains

22
IPs

5
Countries

2295 kB
Transfer

4310 kB
Size

13
Cookies

109 HTTP transactions
0 data transactions