www.enca.com Open in urlscan Pro
2606:4700::6810:3b54 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Submission: On July 14 via api (July 14th 2023, 8:13:34 am UTC) from ZA — Scanned from DE

Summary HTTP 334 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 64 IPs in 7 countries across 43 domains to perform 334 HTTP transactions. The main IP is 2606:4700::6810:3b54, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.enca.com. The Cisco Umbrella rank of the primary domain is 609423.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2023. Valid for: a year.

This is the only time www.enca.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	2606:4700::68... 2606:4700::6810:3b54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.66.97.12 18.66.97.12	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:e600:17:2922:12c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.32.185.60 23.32.185.60	16625 (AKAMAI-AS) (AKAMAI-AS)
61	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	52.34.43.124 52.34.43.124	16509 (AMAZON-02) (AMAZON-02)
1	63.33.36.239 63.33.36.239	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.212.89.151 23.212.89.151	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	199.232.196.134 199.232.196.134	54113 (FASTLY) (FASTLY)
1	34.251.13.38 34.251.13.38	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	54.194.96.60 54.194.96.60	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:780... 2a02:26f0:780::210:a423	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:205... 2600:9000:2057:4e00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	52.0.197.153 52.0.197.153	14618 (AMAZON-AES) (AMAZON-AES)
14	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2 11	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:200:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
14	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	2a05:d018:d29... 2a05:d018:d29:3602:64dc:88e6:e53a:1b23	16509 (AMAZON-02) (AMAZON-02)
6	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
25	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 1	102.133.181.146 102.133.181.146	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	68.232.35.200 68.232.35.200	15133 (EDGECAST) (EDGECAST)
35	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
6	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	50.31.142.31 50.31.142.31	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	52.28.152.8 52.28.152.8	16509 (AMAZON-02) (AMAZON-02)
1 1	52.57.153.48 52.57.153.48	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4003:80e::2003	15169 (GOOGLE) (GOOGLE)
1	173.194.76.157 173.194.76.157	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:62::6	15169 (GOOGLE) (GOOGLE)
1	141.226.230.50 141.226.230.50	200478 (TABOOLA-AS) (TABOOLA-AS)
1	216.59.56.193 216.59.56.193	53334 (TUT-AS) (TUT-AS)
2	216.59.56.23 216.59.56.23	53334 (TUT-AS) (TUT-AS)
1	54.77.117.150 54.77.117.150	() ()
334	64

25 2606:4700::6810:3b54 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.enca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.97.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-12.fra56.r.cloudfront.net

cdn.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:e600:17:2922:12c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.vic-m.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.34.43.124 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-43-124.us-west-2.compute.amazonaws.com

events.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.36.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-36-239.eu-west-1.compute.amazonaws.com

yield-manager.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.89.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-151.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.134 (United States)

ASN54113 (FASTLY, US)

encacom.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.13.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-13-38.eu-west-1.compute.amazonaws.com

ad2.vic-m.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.194.96.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-96-60.eu-west-1.compute.amazonaws.com

demand-engine.browsiprod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::210:a423 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net

8610150.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:4e00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.197.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-197-153.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:64dc:88e6:e53a:1b23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 102.133.181.146 (Johannesburg, South Africa) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.sd9net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.232.35.200 (United States)

ASN15133 (EDGECAST, US)

static.r66net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.31 (Itasca, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.152.8 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-152-8.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.153.48 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-153-48.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4003:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:62::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5e6nsk.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.59.56.193 (United States)

ASN53334 (TUT-AS, US)
PTR: customer.ipv4.totaluptime.com

content.videostep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.59.56.23 (United States)

ASN53334 (TUT-AS, US)
PTR: customer.ipv4.totaluptime.com

u.videostep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kwebstat.videostep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.117.150 (None, )

ASN- ()

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 918 trc.taboola.com — Cisco Umbrella Rank: 634 vidstat.taboola.com — Cisco Umbrella Rank: 2607 am-trc-events.taboola.com — Cisco Umbrella Rank: 11890 images.taboola.com — Cisco Umbrella Rank: 1902 imprammp.taboola.com — Cisco Umbrella Rank: 12287 am-match.taboola.com — Cisco Umbrella Rank: 12293 am-vid-events.taboola.com — Cisco Umbrella Rank: 11586 vidstatb.taboola.com — Cisco Umbrella Rank: 5163 pips.taboola.com — Cisco Umbrella Rank: 1578 cds.taboola.com — Cisco Umbrella Rank: 1879 wf.taboola.com — Cisco Umbrella Rank: 2720	2 MB
66	googlesyndication.com 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 135	405 KB
39	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 8610150.fls.doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 bid.g.doubleclick.net — Cisco Umbrella Rank: 810	424 KB
25	enca.com 1 redirects www.enca.com — Cisco Umbrella Rank: 609423	639 KB
15	rubiconproject.com 1 redirects eus.rubiconproject.com — Cisco Umbrella Rank: 616 token.rubiconproject.com — Cisco Umbrella Rank: 652 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1199 pixel.rubiconproject.com — Cisco Umbrella Rank: 374	36 KB
15	browsiprod.com cdn.browsiprod.com — Cisco Umbrella Rank: 12027 events.browsiprod.com — Cisco Umbrella Rank: 10307 yield-manager.browsiprod.com — Cisco Umbrella Rank: 11849 demand-engine.browsiprod.com — Cisco Umbrella Rank: 17231	99 KB
13	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 113 region1.analytics.google.com — Cisco Umbrella Rank: 2556	2 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	183 KB
7	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4009	29 KB
6	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 325 gcdn.2mdn.net — Cisco Umbrella Rank: 1112 r1---sn-4g5e6nsk.c.2mdn.net	1 MB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	22 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	281 KB
4	r66net.com static.r66net.com — Cisco Umbrella Rank: 52020	219 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	249 B
4	google.de www.google.de — Cisco Umbrella Rank: 4752	776 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	4 KB
3	videostep.com content.videostep.com — Cisco Umbrella Rank: 200709 u.videostep.com — Cisco Umbrella Rank: 148990 kwebstat.videostep.com — Cisco Umbrella Rank: 301670	1 KB
3	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	242 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	239 KB
2	w55c.net 2 redirects i.w55c.net — Cisco Umbrella Rank: 2590 pm.w55c.net — Cisco Umbrella Rank: 1044	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 333	1 KB
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544	1 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	6 KB
2	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1364 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3529	84 KB
2	vic-m.co static.vic-m.co — Cisco Umbrella Rank: 353702 ad2.vic-m.co — Cisco Umbrella Rank: 336020	17 KB
1	adsafeprotected.com pixel.adsafeprotected.com	216 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2276	91 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 573	339 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 1995	409 B
1	sd9net.com 1 redirects k.sd9net.com	143 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031	376 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 732	395 B
1	t.co t.co — Cisco Umbrella Rank: 511	379 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1242	201 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 768	15 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1447	15 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 405	288 B
1	disqus.com encacom.disqus.com	2 KB
1	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 9915	464 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	6 KB
0	effectivemeasure.net Failed za-ssl.effectivemeasure.net Failed
334	43

	Domain	Requested by
37	images.taboola.com	www.enca.com
35	pagead2.googlesyndication.com	7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com www.enca.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
25	tpc.googlesyndication.com	www.enca.com 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
25	www.enca.com	1 redirects www.enca.com
15	cdn.taboola.com	www.enca.com cdn.taboola.com
14	securepubads.g.doubleclick.net	cdn.browsiprod.com securepubads.g.doubleclick.net www.enca.com 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com www.googletagservices.com
11	www.google.com	2 redirects www.enca.com 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	www.googletagmanager.com www.enca.com 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com pagead2.googlesyndication.com
9	am-trc-events.taboola.com	www.enca.com
7	www.gstatic.com	www.enca.com 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
7	static.addtoany.com	www.enca.com static.addtoany.com
6	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
6	eus.rubiconproject.com	imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com
6	7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	www.googletagservices.com	www.enca.com securepubads.g.doubleclick.net 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	demand-engine.browsiprod.com	cdn.browsiprod.com
5	events.browsiprod.com	cdn.browsiprod.com
4	csi.gstatic.com	www.gstatic.com
4	pixel.rubiconproject.com	www.enca.com
4	s0.2mdn.net	7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
4	token.rubiconproject.com	1 redirects eus.rubiconproject.com
4	static.r66net.com	www.enca.com k.sd9net.com static.r66net.com
4	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com www.enca.com
4	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
4	www.facebook.com	www.enca.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com www.enca.com
4	www.google.de	www.enca.com
4	fonts.googleapis.com	www.enca.com cdn.taboola.com 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
4	cdn.browsiprod.com	www.enca.com cdn.browsiprod.com
3	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
3	am-vid-events.taboola.com	www.enca.com
3	connect.facebook.net	www.enca.com connect.facebook.net
3	trc.taboola.com	cdn.taboola.com
3	www.googletagmanager.com	www.enca.com www.google-analytics.com
2	s.amazon-adsystem.com	1 redirects www.enca.com
2	am-match.taboola.com	vidstat.taboola.com
2	8610150.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
1	pixel.adsafeprotected.com
1	wf.taboola.com	vidstat.taboola.com
1	kwebstat.videostep.com	www.enca.com
1	u.videostep.com	static.r66net.com
1	content.videostep.com	static.r66net.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	r1---sn-4g5e6nsk.c.2mdn.net	www.enca.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	www.gstatic.com
1	tr.blismedia.com	www.enca.com
1	pm.w55c.net	1 redirects
1	i.w55c.net	1 redirects
1	b1sync.zemanta.com	1 redirects
1	s.company-target.com	1 redirects
1	cm.g.doubleclick.net	www.enca.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	vidstatb.taboola.com	www.enca.com
1	k.sd9net.com	1 redirects
1	imprammp.taboola.com	vidstat.taboola.com
1	region1.analytics.google.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	adservice.google.com	8610150.fls.doubleclick.net
1	px4.ads.linkedin.com	www.enca.com
1	px.ads.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	analytics.twitter.com	www.enca.com
1	t.co	www.enca.com
1	ping.chartbeat.net	www.enca.com
1	static.ads-twitter.com	www.enca.com
1	static.chartbeat.com	www.enca.com
1	gum.criteo.com	cdn.taboola.com
1	ad2.vic-m.co	static.vic-m.co
1	encacom.disqus.com	www.enca.com
1	widget-pixels.outbrain.com	www.enca.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	cdnjs.cloudflare.com	static.vic-m.co
1	yield-manager.browsiprod.com	cdn.browsiprod.com
1	fonts.gstatic.com	fonts.googleapis.com
1	widgets.outbrain.com	www.enca.com
1	static.vic-m.co	www.enca.com
0	za-ssl.effectivemeasure.net Failed	www.enca.com
334	81

This site contains links to these domains. Also see Links.

Domain
www.addtoany.com
app.goldentree.de
popup.taboola.com
trc.taboola.com
ovemo.de
wait.gesundesleben365.de
shefence-citional.com
wenigerausgeben.com
arnimalconeer.com
bikeheroes.at
bredings-person.com
go.technoinfogadget.com
meine.gesundheit-zuhause.com
etv.mcidirecthire.com
bccsa.co.za
www.youtube.com
twitter.com
www.facebook.com
www.instagram.com
www.openview.co.za
www.etv.co.za
www.iabsa.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.browsiprod.com Amazon RSA 2048 M02	`2023-02-22` - `2024-02-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.vic-m.co Amazon RSA 2048 M01	`2023-07-12` - `2024-08-09`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
ad2.vic-m.co Go Daddy Secure Certificate Authority - G2	`2022-06-25` - `2023-07-27`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-22` - `2023-07-21`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.r66net.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-11` - `2024-02-11`	a year	crt.sh
content.videostep.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-20` - `2023-11-03`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Frame ID: CA1E03CF0338EFEB3CD60BB9C29337A5
Requests: 189 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: 47B7ED363F850E0B2FCAB73C060BC2BA
Requests: 1 HTTP requests in this frame

Frame: https://www.enca.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js
Frame ID: 97DC59C72AF02027986F1EA949FEA801
Requests: 2 HTTP requests in this frame

Frame: https://8610150.fls.doubleclick.net/activityi;dc_pre=CPyJoLDgjYADFQbAOwIdrQ4Bfw;src=8610150;type=invmedia;cat=enca_002;ord=4725122427091;auiddc=474255205.1689322408;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts
Frame ID: AFAA0D0DE8C61DE7815B117825AC5805
Requests: 2 HTTP requests in this frame

Frame: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 86719D0762656884F1E2C63B4C1402B8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 43AB12D7B810D2A0384835844C52E2EF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8D4F79F640C4F9FB57A87539574B4CAE
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&cmcv=&pix=undefined&cb=1689322408841&uv=3301&tms=1689322408841&abt=nonrv_vA!smbs!ufm_vE!uftchrwf_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=4f5739f2-1faa-4633-87d7-8003d22995b2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 5967E5E1578A0E4921F7F71655914304
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 6F267C122FD1FC1BEB08D3C0AD540E3E
Requests: 3 HTTP requests in this frame

Frame: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4927F439CBADB85DDADBAAA1B3F3D8E3
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 4ACA431251EA8A9FCF2E2713D919B439
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: C917709E9F90F9A725F2316DECDCC3D0
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6CE07E2784D05A6A48BBE15424ACB07A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 843A6FAE41A0A0EBEEC091B103992220
Requests: 2 HTTP requests in this frame

Frame: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E387F3E5807EF05FFE545061F5AB3563
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlgFxpcGKTl7AyDv-ynCyorooFl4-wX9TSfGCs38HOS_uugwFbNngjgRc9WmGXhvgx68O8apECQB9v6oqYSkDSmt4o6u7HBbCqgfZf3DLXCIXyj4bzA2rNuPmF1q68-iA-BoRcK97HU8ocBr54IP-5DtQw0GU83WR5cGBnwliBOszoOS4m7jBcC6GzFd4qh_XINl1_wL5s7tloaQUqyN6rl0zB55Ol2nA9Nui2DAeLq6Ot2LzQ7mUsa9yQrFWwVwRugv8bE3FGQNzNjiU7swaHhfBoE8XaSMcPTqkMycr6VYf2TdlFv3qIngOU6vthMaehPg&sai=AMfl-YSpbtZgU7b4Ld_MrFRLJ6i9pxokCt36YoIsyCfyQz5FdohFTC4g-7J-oC-1YE-3aBR5tNwB-rsFN7MuyuiOwVyQ25BmlCTCOD23K14Xmsr60MZ_5cAdh6vh4w622hQ&sig=Cg0ArKJSzNSR7_fsuWM3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6FD715BCDB5FB210D36904BBE10B0FCB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnsBxCgu8sBGM-usuQBMAE&v=APEucNVr9zructJDWSIsceSpBnj2A_vA11Lf2uxSbHwWnAQRYmWL4aNL2i6_VpNusQE6ZxTbVwAMjUKWDlvyqpXvngV4zD4_uQ
Frame ID: 9B29D537C441F7B449658E2D7C137543
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 296C008A2EA057445BFBEDAFF96F65AB
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: F129DB3D301978291685628FE7EDB966
Requests: 3 HTTP requests in this frame

Frame: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2756BD6246C34D6F2970F9C8CDFD171E
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js
Frame ID: 6153A76A090EC19BB38BE4E260576706
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjQvp3cATAB&v=APEucNUKiIwb6DqPQoswI9Kz_FLjnaEngPN-XknppIUrUC8MObzBqokvUzcop_5BrWo5qCcVQI3J3vDPldMFnfmr7AerPCKzmg
Frame ID: E5865816CAA9D7A39879DC15F166D010
Requests: 1 HTTP requests in this frame

Frame: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 41DCFBB7C7A8E584AB8B938A53289519
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2068D65A29940FC906E48811425760C9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9DCDA33B10347681589B83CE19D4D4A6
Requests: 3 HTTP requests in this frame

Frame: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D3AEE486C7CB877250BF53DFA78EFCB0
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 168FC7D0A3B98FEFB3F2994976F778A4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjAhsHjATAB&v=APEucNWVDPrHQ_KvyGQMbcvlIoNi7fmUEQdhjECy3A6mIWLJtlucAB_L4qKe8cogEI1u6MZHVL_YyicMQ0VxysxIQa76HgXbJQ
Frame ID: ED4214B29D5CEB622D2BD9A9733F21CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 81C7A4736EBA0653D9438D52FAA25F3C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2991ECD9DC8920D6A4E195BCC464D807
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C1E3EC567DCF0245F1A33F0DBA4FD43
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banking scams | Consumers warned of mule bank accounts | eNCAGroup 3Group 3Group 3Group 3

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

334
Requests

97 %
HTTPS

47 %
IPv6

43
Domains

81
Subdomains

64
IPs

7
Countries

6623 kB
Transfer

14096 kB
Size

33
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addtoany.com/share#url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&title=Banking%20scams%20%7C%20Consumers%20warned%20of%20mule%20bank%20accounts%20%7C%20eNCA
Title: Share

Search URL Search Domain Scan URL

URL: https://app.goldentree.de/abt/ageless-ob4
Title: goldentree.de

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=esattv-enca&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=8b58d8e1e38c2e7d97f67f455beabf98&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~437770522546736157~~9BSALmFOc1dW-hw6eHCZ8QnHyJBW3m0gWRyBNrUSZqv6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKICkrQ19BmrwN1DWq7cGECmHsBFez-4f_NbziU7lJARZxPkwirSfHa4dRhC1s-HfJRo2RZBE-NnmZYuL03jnLljSj9j1ifHi2bHK3X3LoPUGtKsQXDndQ3Be2W3SWYvNYEjrOGv-6iDoYLvQ6osB3pEQ&pt=text&li=rbox-t2v&sig=1452b43de88437a9555211579bedc7baa5f1299a0410&redir=https%3A%2F%2Fapp.goldentree.de%2Fabt%2Fageless-ob4%3Futm_source%3Dtaboola%26utm_medium%3D%7B%7Bpublisher_id%7D%7D%26utm_campaign%3D%7B25427894%7D%26utm_content%3D%7B%7Bad_id%7D%7D%26utm_term%3D%7B%7Bsection_id%7D%7D%26native_campaign%3DCountry%3ADE%7CProduct%3AAGELESS%7CNote%3Anull%7CDate%3A31.05.2023%7CCampaignID%3A2719%7CAgent%3AJan%7CDevice%3Amixed%7CAbTestSlug%3Aageless-ob4%26native_term%3DProduct%3AAGELESS%7CAd_Type%3Aad%7CAd_Note%3Aad_note%7CCreativeID%3A0%7CMasterCreativeID%3A0%7CAbTestSlug%3Aageless-ob4%26refferalid%3D001%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCZ_F4oxdSQlcOZyL52%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCZ_F4oxdSQlcOZyL52&vi=1689322407424&p=nativeadsexpertsagency-lizardkingteam-ageless-sc&r=47&lti=deflated&ppb=CNkH&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://ovemo.de/products/happywalk
Title: Ovemo

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=8b58d8e1e38c2e7d97f67f455beabf98&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~-3849201395583736013~~1h-UAZ-A47w5ixlH67882pdD3o5WcnHMYoq3KjO2bGL6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKICkrQ19BmrwN1DWq7cGECmBvobvwb6VFdnb1bwB8lrbsZN3vst1GYt2r_t0aFVl9Ay6tFO1vs9oa-nqdFWxvbeP2ROvSjm6Fj-J-ULlMatoAkL0oqnEDCdQD7AV3Hr2tLjrOGv-6iDoYLvQ6osB3pEQ&pt=text&li=rbox-t2v&sig=40c5165e3f08393bbf68741ca3763a2fb026ad9cf77d&redir=https%3A%2F%2Fovemo.de%2Fproducts%2Fhappywalk%3Futm_source%3Dtaboola%26utm_medium%3Dnative%26utm_campaign%3D25353682%26utm_term%3D1347020%26utm_content%3D3696249572%26tabclid%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiDkl18ok6Kcwu2dkNUQ%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiDkl18ok6Kcwu2dkNUQ%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiDkl18ok6Kcwu2dkNUQ&vi=1689322407424&p=saschawarbruckonlinehandel-ovemode-sc&r=16&lti=deflated&ppb=CNkH&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://wait.gesundesleben365.de/8fc545d2-479b-497c-8b4a-2b2ccc6e3e00
Title: Slimming Gummies

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=esattv-enca&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=67cf5e279e182481d09b0e4f5db1a05d&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~742516979775999245~~DHP3L6t5S2fKR-Jt1pqsKeZRcBwWkNNx-tlhetiBF4D6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKIP5ZnGm2FEG-o7XA_myzMAA6ag4iU9f0aEik-N2Yjn5ZzlXBkqkNuMMWDeIZdvRC0D_Voo7qKC1_OPVFSLbvIfzwBwbVzqx5qDQAj-sfT0Dk6R8vjkFbdSSE8xt4cMJ4w&pt=text&li=rbox-t2v&sig=b0b662125aaf8e23b0192557b5ad773f929bdd5dda22&redir=https%3A%2F%2Fwait.gesundesleben365.de%2F8fc545d2-479b-497c-8b4a-2b2ccc6e3e00%3Ft1%3Desattv-enca%26t2%3D1347020%26t3%3DDeutsche%2BAbnehm-Erfindung%2Bmacht%2BExperten%2Bsprachlos%26t4%3DDesktop%26t5%3D25540892%26t6%3D3699320370%26t7%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Faf046b710cbd8a4eea0e35d054a56798.jpg%26click_id%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCg_kgoj_eRoKib4_BH%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCg_kgoj_eRoKib4_BH%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCg_kgoj_eRoKib4_BH&vi=1689322407424&p=ley-sc&lti=deflated&ppb=CK0C&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/7e3279c8-3806-4ef7-8ec4-660bde43f231
Title: Nutravia

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=esattv-enca&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%204:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=bc42def9ce5c384d8cca5f976fd935bc&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~2365969727593071754~~Z95-FzAH73cGYa-r-kOX5aa3qIWz44x-LD5N_S1Iam_6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKICkrQ19BmrwN1DWq7cGECmDGtWoym46jtanYD8yaeBbP18xwoftU5dSDb4yIiFb8I-q9VfJynFjVfjsAgpIDmG4mz4yv7KFtsOuKbBXC0kEQkL0oqnEDCdQD7AV3Hr2tLjrOGv-6iDoYLvQ6osB3pEQ&pt=text&li=rbox-t2v&sig=29b373a73638b581ac54204e5bb45a35a51be5198be7&redir=https%3A%2F%2Fshefence-citional.com%2F7e3279c8-3806-4ef7-8ec4-660bde43f231%3Futm_source%3Dtb%26utm_medium%3Dcpc%26utm_campaign%3DGut_TBDE_dk0623%26utm_term%3Desattv-enca%26utm_content%3D3709672949%26t%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCrrUYovf_Voe2-5Zg0%26a%3Dtb%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCrrUYovf_Voe2-5Zg0%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCrrUYovf_Voe2-5Zg0&vi=1689322407424&p=2mmedia-solutionintestin-sc&r=47&lti=deflated&ppb=CKcE&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Angebot einholen

Search URL Search Domain Scan URL

URL: https://wenigerausgeben.com/search/browsing/car-rental-icon-y/
Title: wenigerausgeben.com

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=bc42def9ce5c384d8cca5f976fd935bc&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~-8860464085123581081~~tZ7Z7xwNDn_VsfY0PW5gVcKqxRG_4_qPQVhGj8zqZ9z6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQW0OKu3VbaFI1uOBK2OWbXOhlo6TqWritVMGNgX6wrCus8nkvilqDooLAe1HKDwTL8eF7DlpaKqURSZ8EWZlZVwTfYGrgdt89DcQmKRCk85H2fjxRl8kko-htcJLMmzeokL7iGWlzm6lHsottHq7aGKztmEgfwuzs6rMBgnUMeiYuVguSiF4uU_Owid1Lk8lw-8QB7hD-RSAXk0xZfnjgcXdddkQtCuRMRAAjBtDz7YCbEdDoz3kuh7J2D6hgBlQo1iLGx_c5ia-9w9lGViw3h_z366Vc4S9bjpsewCzYjp_hMyb6u9JF1WBpAvc3del4x-yOmoR8NdO9CH6lsNDXMDD0VhHOl9auwdhCqjOYtPNF1uDCUl2erKuhM8RA00Sf8ny---4i-87ciMhUQZ4HNw&pt=text&li=rbox-t2v&sig=ef5e67a7590364069cfec6617a1d9de3c708f62b6b70&redir=https%3A%2F%2Fwenigerausgeben.com%2Fsearch%2Fbrowsing%2Fcar-rental-icon-y%2F%3Fmkt%3Dde%26pid%3D1419549%26utm_source%3Dtb%26utm_medium%3Dppc%26utm_campaign%3D25796092%26utm_term%3Dcar-rental%26utm_content%3Dfa960a8129cd5e64aceea02b41ec33e588e8dcac9f9e4edd476181bb762871166f0a5ac9a15834%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCd0lYo8u-N6ZyJyJsp%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCd0lYo8u-N6ZyJyJsp&vi=1689322407424&p=taptango-germany-sc&r=42&lti=deflated&ppb=CKcE&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://arnimalconeer.com/6532ca93-bf5f-4138-9b78-543bd2769aa2
Title: Fettverbrennung

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=esattv-enca&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=e6bcbb594b0d40efef9488ca07c69ffc&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~-7495403001161741303~~ECbt4Pm7aPufZnAtPJAyzcBwNiJM6imQUZCfYCU60jX6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKICkrQ19BmrwN1DWq7cGECmJsABpk1QZwVtK_Z6oIEiK-IEOKBKvQ7325ixkI47K5gTRwvhXeZIyb8yRork6FhIVOZxxxpabvIq-tDmXllK6ZKsQXDndQ3Be2W3SWYvNYEjrOGv-6iDoYLvQ6osB3pEQ&pt=text&li=rbox-t2v&sig=a87ced221b425be6850d6405c669d1ea67078654835c&redir=https%3A%2F%2Farnimalconeer.com%2F6532ca93-bf5f-4138-9b78-543bd2769aa2%3Fsite%3Desattv-enca%26site_id%3D1347020%26title%3DDiese%2BKaugummis%2Bverbrennen%2BFett%2B%25C3%25BCber%2BNacht%2B%25282%2BSt%25C3%25BCck%2Bvor%2Bdem%2BSchlafen%2529%26platform%3DDesktop%26campaign_id%3D25397852%26campaign_item_id%3D3702686998%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Ff483e959519075e9bed26ba5346a144d.jpeg%26click_id%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCQiF0og8Otht6XhPx4%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCQiF0og8Otht6XhPx4%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCQiF0og8Otht6XhPx4&vi=1689322407424&p=fluxgadgets-ketoxplodegummiesdiet-sc&r=40&lti=deflated&ppb=CPAG&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Jetzt kaufen

Search URL Search Domain Scan URL

URL: https://bikeheroes.at/products/cloudcomfort-pro
Title: BikeHeroes

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=esattv-enca&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%207:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=58178d41e612675ca36223ec2bbece5d&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~-4546299106687823326~~HR-VsS_JgdBj-8od1h6Us3uNcZeLegoW9FaYVyMV7gz6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKICkrQ19BmrwN1DWq7cGECmAV_lJ4e8ZnypDkS3dNJVu1Yutg3nsuX-m4Rjjb6py4EiI9EBuJIvR7U1GGxNRV_979Js5rIAp_sPcaMzS3RTtUkL0oqnEDCdQD7AV3Hr2tLjrOGv-6iDoYLvQ6osB3pEQ&pt=text&li=rbox-t2v&sig=1b972384025cefec2da9e0b1fa112f6ff3691cdedf20&redir=https%3A%2F%2Fbikeheroes.at%2Fproducts%2Fcloudcomfort-pro%3Fsl%3DBH%2B-%2BDesktop%2B-%2BDE%2B-%2BPIC%2B%2528CC%2BPro%2529%26htrafficsource%3DTaboola%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCjrl4o_qSq7eLy-ZGyAQ%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCjrl4o_qSq7eLy-ZGyAQ&vi=1689322407424&p=mnmmarketingog-bikeheroes-sc&r=75&lti=deflated&ppb=CP4G&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Jetzt kaufen

Search URL Search Domain Scan URL

URL: https://bredings-person.com/7a9920f4-d67c-4782-9847-08ce4b0b707e
Title: Deutsche Neuro

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=esattv-enca&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%208:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=62acb1df09fb08fc11e1798c7b8e93a7&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~-1718096632061084698~~pt0EDY1JaKuOlHh16W6cjbJ5TUXHVpj8OBqa-RMZTEH6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2jiZaVV0tmQ1yUgw8rpSzIVM6ScdzwPU2amAtYGKeWE7lMpwO0fn9ioET4f2-t2m3Typ9Mm1gddZFtXzY_wJjVyyafN3CSC5l9qseQOsVRzhPEff0eMgqAQJGufmzhgmaoiBBlyYNXOEZF-2SkKhbjQH-x5xgq_7L5jykPuHawwzjv_lHxsooJqVzJi121aQaH_Xuyxeh9BACXIU67g9mCGEyGt9EbEWngnq8v_iwRw447gz2H3aM2ZrV20GxIP0nnEW1WPVLaPxS-WzO_1GCbw&pt=text&li=rbox-t2v&sig=00aac907aba60a976d81ced2a1f59fa3fb5f4908ed5d&redir=https%3A%2F%2Fbredings-person.com%2F7a9920f4-d67c-4782-9847-08ce4b0b707e%3Futm_source%3Dtb%26utm_campaign%3Dtb_dk0423%26utm_term%3Desattv-enca%26utm_content%3D3677281779%26t%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiC_sFwoyI7hn87Yn5Ea%26a%3Dtb%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiC_sFwoyI7hn87Yn5Ea%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiC_sFwoyI7hn87Yn5Ea&vi=1689322407424&p=2mmedia-neuro-sc&r=16&lti=deflated&ppb=CAk&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Angebot einholen

Search URL Search Domain Scan URL

URL: https://go.technoinfogadget.com/go/a5ccad48-510e-45e4-9f57-d0433a902b67
Title: MoskitoPro

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=62acb1df09fb08fc11e1798c7b8e93a7&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~3087145173285054687~~sGU5cRuAqrtNLAzcAeMVNabSQrcuhJoE0ggl4OsBolj6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKICkrQ19BmrwN1DWq7cGECmPz4fjKUKYQT6zqi3CIms3IZN3vst1GYt2r_t0aFVl9AoY_PRBE2pHVu7uGUy0Fa4tDHgB_bUi4Mk0dS3DJ0uENKsQXDndQ3Be2W3SWYvNYEjrOGv-6iDoYLvQ6osB3pEQ&pt=text&li=rbox-t2v&sig=dbf1718a56dea03da81fda5bd4617733e5ca8e4b9a5b&redir=https%3A%2F%2Fgo.technoinfogadget.com%2Fgo%2Fa5ccad48-510e-45e4-9f57-d0433a902b67%3Fclick_id%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCstUgo44S6_9fJs-SnAQ%26utm_site_id%3D1347020%26utm_site%3Desattv-enca%26utm_campaignid%3D25428464%26utm_thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252F37ef999f153dbe01711c953afdde3361.jpeg%26utm_title%3DDieses%2BAnti-M%25C3%25BCcken-Armband%2Bbricht%2BVerkaufsrekorde%2Bin%2BDeutschland%26utm_campaign_item%3D3697388799%26utm_platform%3DDesktop%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCstUgo44S6_9fJs-SnAQ%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCstUgo44S6_9fJs-SnAQ&vi=1689322407424&p=neepple-bracelet-sc&r=80&lti=deflated&ppb=CAk&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://meine.gesundheit-zuhause.com/43da6bfc-dd4b-4449-a35e-2ae254f5502d
Title: Abnehm Gummis

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=esattv-enca&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%2010:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=c66f8807c5bc98f41eff5ee348f646fe&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~3496916957240564924~~T3y5uvq1jS72pQ4nrf3Q1FeKuwKzPCw2JXWiQZXRg4j6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2jiZaVV0tmQ1yUgw8rpSzIVM6ScdzwPU2amAtYGKeWE46TOF3YoD8S3wtZ1_2b5cDjhQ5_9IhkgPtnntsPUtyUEYTZrGx6CB16waFK_aRKwkdrtuEpZZlQSZdy_Rt73URsOH7F8VUk7JrUIN3jqHX9La8j0MWAENNp8AwFcApkqfmNZCVRtbf6dnm1OXVH0_0CxM1cnNAU4YvM1C97jxUnK3TiUNWl1R2_5TSELSWxClL3gHsJ4XpGy9V4NhBC2NF&pt=text&li=rbox-t2v&sig=6713de69f4d5d31e851ead0deac15efbd01e50505293&redir=https%3A%2F%2Fmeine.gesundheit-zuhause.com%2F43da6bfc-dd4b-4449-a35e-2ae254f5502d%3Futm_campaign%3D23898773%26utm_content%3D3690261887%26utm_medium%3DDesktop%26utm_source%3Desattv-enca%26site_domain%3Denca.com%26site_id%3D1347020%26image%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fd0746f7861db7b53fbab03f2e592bba6.jpg%26title%3DMit%2Bzwei%2BGummib%25C3%25A4rchen%2Bverbrennt%2BIhr%2BBauchfett%2Bdie%2Bganze%2BNacht%2521%26utm_network%3Dtaboola%26click_id%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiDEmF0o5t2W69j6sMct%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiDEmF0o5t2W69j6sMct%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiDEmF0o5t2W69j6sMct&vi=1689322407424&p=gpmsolutions-keto-sc&r=77&lti=deflated&ppb=CN0C&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://etv.mcidirecthire.com/external/currentopportunities
Title: Careers

Search URL Search Domain Scan URL

URL: https://bccsa.co.za/
Title: Bccsa

Search URL Search Domain Scan URL

URL: https://www.youtube.com/enewschannel

Search URL Search Domain Scan URL

URL: http://twitter.com/eNCA

Search URL Search Domain Scan URL

URL: https://www.facebook.com/eNCAnews

Search URL Search Domain Scan URL

URL: https://www.instagram.com/encanews/

Search URL Search Domain Scan URL

URL: http://www.openview.co.za/

Search URL Search Domain Scan URL

URL: http://www.etv.co.za/

Search URL Search Domain Scan URL

URL: https://www.iabsa.net/

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=esattv-enca&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=d04314775f1dafc35a1ab32de8f622cd&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~437770522546736157~~-PwRY0u6Zj6vNUVamXvRCwnHyJBW3m0gWRyBNrUSZqv6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKICkrQ19BmrwN1DWq7cGECmAupelCQKxzUCtPuBAbskiRPkwirSfHa4dRhC1s-HfJRo2RZBE-NnmZYuL03jnLljSj9j1ifHi2bHK3X3LoPUGtKsQXDndQ3Be2W3SWYvNYEjrOGv-6iDoYLvQ6osB3pEQ&pt=text&li=rbox-t2v&sig=7af0bf240957a3b85eef2615707c924d34b8648ad667&redir=https%3A%2F%2Fapp.goldentree.de%2Fabt%2Fageless-ob4%3Futm_source%3Dtaboola%26utm_medium%3D%7B%7Bpublisher_id%7D%7D%26utm_campaign%3D%7B25427894%7D%26utm_content%3D%7B%7Bad_id%7D%7D%26utm_term%3D%7B%7Bsection_id%7D%7D%26native_campaign%3DCountry%3ADE%7CProduct%3AAGELESS%7CNote%3Anull%7CDate%3A31.05.2023%7CCampaignID%3A2719%7CAgent%3AJan%7CDevice%3Amixed%7CAbTestSlug%3Aageless-ob4%26native_term%3DProduct%3AAGELESS%7CAd_Type%3Aad%7CAd_Note%3Aad_note%7CCreativeID%3A0%7CMasterCreativeID%3A0%7CAbTestSlug%3Aageless-ob4%26refferalid%3D001%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCZ_F4oiom3v4C4yMiuAQ%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCZ_F4oiom3v4C4yMiuAQ&vi=1689322407424&p=nativeadsexpertsagency-lizardkingteam-ageless-sc&r=24&lti=deflated&ppb=CMAC&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=d04314775f1dafc35a1ab32de8f622cd&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~-3849201395583736013~~1h-UAZ-A47w5ixlH67882pdD3o5WcnHMYoq3KjO2bGL6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKICkrQ19BmrwN1DWq7cGECmPpWPJYmA_r6Hj1LPfsKYmAZN3vst1GYt2r_t0aFVl9Ay6tFO1vs9oa-nqdFWxvbeP2ROvSjm6Fj-J-ULlMatoAkL0oqnEDCdQD7AV3Hr2tLjrOGv-6iDoYLvQ6osB3pEQ&pt=text&li=rbox-t2v&sig=26b5b0dfdb7baa4cf9f7144d68d7e8ec0e2beda7eb94&redir=https%3A%2F%2Fovemo.de%2Fproducts%2Fhappywalk%3Futm_source%3Dtaboola%26utm_medium%3Dnative%26utm_campaign%3D25353682%26utm_term%3D1347020%26utm_content%3D3696249572%26tabclid%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiDkl18opuXg-9mHm8gM%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiDkl18opuXg-9mHm8gM%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiDkl18opuXg-9mHm8gM&vi=1689322407424&p=saschawarbruckonlinehandel-ovemode-sc&r=52&lti=deflated&ppb=CMAC&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=esattv-enca&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=85a02710d92ac071692b271894bbb8c8&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~742516979775999245~~Vf_n1OL5KRbWK2yqqPdz2eZRcBwWkNNx-tlhetiBF4D6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKIP5ZnGm2FEG-o7XA_myzMAOrmnfUtnp0135ZmcWb17Q5zlXBkqkNuMMWDeIZdvRC0D_Voo7qKC1_OPVFSLbvIfzwBwbVzqx5qDQAj-sfT0Dk6R8vjkFbdSSE8xt4cMJ4w&pt=text&li=rbox-t2v&sig=d3545cd3511fecf27cf5b8886e848a8bd341a2e36308&redir=https%3A%2F%2Fwait.gesundesleben365.de%2F8fc545d2-479b-497c-8b4a-2b2ccc6e3e00%3Ft1%3Desattv-enca%26t2%3D1347020%26t3%3DDeutsche%2BAbnehm-Erfindung%2Bmacht%2BExperten%2Bsprachlos%26t4%3DDesktop%26t5%3D25540892%26t6%3D3699320370%26t7%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Faf046b710cbd8a4eea0e35d054a56798.jpg%26click_id%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCg_kgo_o3Uh6jao_OtAQ%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCg_kgo_o3Uh6jao_OtAQ%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCg_kgo_o3Uh6jao_OtAQ&vi=1689322407424&p=ley-sc&r=90&lti=deflated&ppb=CPgE&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=85a02710d92ac071692b271894bbb8c8&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~-7495403001161741303~~sY_ekDeOxE4w0E2qss7488BwNiJM6imQUZCfYCU60jX6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKICkrQ19BmrwN1DWq7cGECmCgI33lvsLt2yNz3cY0RmgiIEOKBKvQ7325ixkI47K5gTRwvhXeZIyb8yRork6FhIVOZxxxpabvIq-tDmXllK6ZKsQXDndQ3Be2W3SWYvNYEjrOGv-6iDoYLvQ6osB3pEQ&pt=text&li=rbox-t2v&sig=3db84711de24eab025262b0cdee699af88e3fd2de7d5&redir=https%3A%2F%2Farnimalconeer.com%2F6532ca93-bf5f-4138-9b78-543bd2769aa2%3Fsite%3Desattv-enca%26site_id%3D1347020%26title%3DDiese%2BKaugummis%2Bverbrennen%2BFett%2B%25C3%25BCber%2BNacht%2B%25282%2BSt%25C3%25BCck%2Bvor%2Bdem%2BSchlafen%2529%26platform%3DDesktop%26campaign_id%3D25397852%26campaign_item_id%3D3702686998%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Ff483e959519075e9bed26ba5346a144d.jpeg%26click_id%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCQiF0ouo7ymOj4qPoh%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCQiF0ouo7ymOj4qPoh%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCQiF0ouo7ymOj4qPoh&vi=1689322407424&p=fluxgadgets-ketoxplodegummiesdiet-sc&r=7&lti=deflated&ppb=CPgE&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Jetzt kaufen

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=esattv-enca&utm_medium=referral&utm_content=next-up-new:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=ea1123b122639387a4f1bad0b2fed7f4&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~437770522546736157~~j5cZl_Zf8UqlLAYQGCUsMAnHyJBW3m0gWRyBNrUSZqv6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKICkrQ19BmrwN1DWq7cGECmE9zzrouczcLgZyvxHmuoOZPkwirSfHa4dRhC1s-HfJRo2RZBE-NnmZYuL03jnLljSj9j1ifHi2bHK3X3LoPUGsZcvCxLd-Ra2kE8DSwsjiijrOGv-6iDoYLvQ6osB3pEQ&pt=text&li=rbox-t2v&sig=7ba5349c4ff9a15e7585e18ff255957f439180ddb6f1&redir=https%3A%2F%2Fapp.goldentree.de%2Fabt%2Fageless-ob4%3Futm_source%3Dtaboola%26utm_medium%3D%7B%7Bpublisher_id%7D%7D%26utm_campaign%3D%7B25427894%7D%26utm_content%3D%7B%7Bad_id%7D%7D%26utm_term%3D%7B%7Bsection_id%7D%7D%26native_campaign%3DCountry%3ADE%7CProduct%3AAGELESS%7CNote%3Anull%7CDate%3A31.05.2023%7CCampaignID%3A2719%7CAgent%3AJan%7CDevice%3Amixed%7CAbTestSlug%3Aageless-ob4%26native_term%3DProduct%3AAGELESS%7CAd_Type%3Aad%7CAd_Note%3Aad_note%7CCreativeID%3A0%7CMasterCreativeID%3A0%7CAbTestSlug%3Aageless-ob4%26refferalid%3D001%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCZ_F4or8rChK_xlduJAQ%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiCZ_F4or8rChK_xlduJAQ&vi=1689322407424&p=nativeadsexpertsagency-lizardkingteam-ageless-sc&r=75&lti=deflated&ppb=CMEE&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/esattv-enca/log/3/click?pi=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ri=ea1123b122639387a4f1bad0b2fed7f4&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&it=text&ii=~~V1~~-3849201395583736013~~1h-UAZ-A47w5ixlH67882pdD3o5WcnHMYoq3KjO2bGL6nH0OabNJtzzP-ddPU2nvK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQQas41f4COFvufOf52grWNe487k0pvO_9ezrwRupEiSMB7CKWDYR-vkpxcdUUzOgEqMBBvkdfag99mRDkZdH7GZIABZnE6iw0vZgovqPMyoCY6eD5jnG1QLwcl4nkEOHw5CoWLlX1uzG9gUBqYmKqk08KJRZ9mwaEcwcGgiTaJHWsUaZak2AcDXKoRwoERbO2SJxwhdJv3jKN701ohCgWIPvdAwBc-tgcz2_jjECScpI4w8PM6vv5gTX6XQUWwWKICkrQ19BmrwN1DWq7cGECmO2gWiexdY5P9pyUNhnbczoZN3vst1GYt2r_t0aFVl9Ay6tFO1vs9oa-nqdFWxvbeP2ROvSjm6Fj-J-ULlMatoD76LG0EhoQMdQRDjOpAuTcjrOGv-6iDoYLvQ6osB3pEQ&pt=text&li=rbox-t2v&sig=4f2fd0da3492392a958a1e53158a580a9f3defdb841f&redir=https%3A%2F%2Fovemo.de%2Fproducts%2Fhappywalk%3Futm_source%3Dtaboola%26utm_medium%3Dnative%26utm_campaign%3D25353682%26utm_term%3D1347020%26utm_content%3D3696249572%26tabclid%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiDkl18opOf0rOiT2YCwAQ%26tblci%3DGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiDkl18opOf0rOiT2YCwAQ%23tblciGiDapPwZZLKvx4kEFTwHN0cZ_CVW2pEq0YVzDZJSB7gjfiDkl18opOf0rOiT2YCwAQ&vi=1689322407424&p=saschawarbruckonlinehandel-ovemode-sc&r=15&lti=deflated&ppb=CMEE&cpb=EhIyMDIzMDcxMy04LVJFTEVBU0UYvMTb0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyNTM4gI78hwVAm-MJSImKEFDK-t4DWP___________wFjCNA3EJ9PGDBkYwizRhCCXRgyZGMI2kQQ91oYE2RjCNcWENUfGCNkYwjXRxDXXhgkZGMI3AoQoBAYFmRjCNIDEOAGGAhkYwiWFBCfHBgYZGMI_0YQ7l0YHWRjCPQUEJ4dGB9kYwiFQhCpVxgPZGMIpCcQijUYL2R4AYABAogBn9Om7QGQARyYAbGM2ZuVMQ&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://www.enca.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://www.enca.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js

Request Chain 60

https://8610150.fls.doubleclick.net/activityi;src=8610150;type=invmedia;cat=enca_002;ord=4725122427091;auiddc=474255205.1689322408;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts HTTP 302
https://8610150.fls.doubleclick.net/activityi;dc_pre=CPyJoLDgjYADFQbAOwIdrQ4Bfw;src=8610150;type=invmedia;cat=enca_002;ord=4725122427091;auiddc=474255205.1689322408;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts

Request Chain 81

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2864769&time=1689322407951&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2864769&time=1689322407951&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&e_ipv6=AQJqDH-JZR4q3wAAAYlTdkiybzUqYIvDwRrCTXCe67T-3C8l5FGVQZnzwu7DAfpF5_GG5K0

Request Chain 193

https://k.sd9net.com/GetLink HTTP 302
https://static.r66net.com/d_s1/gl23.7.3.js

Request Chain 195

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 246

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Request Chain 247

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---

Request Chain 249

https://s.company-target.com/s/rp?gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=f3ba117f-5e85-4978-8a52-2b39c79b6071

Request Chain 250

https://b1sync.zemanta.com/usersync/rubicon/?gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=&gdpr=1&us_privacy=1---

Request Chain 251

https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=1&us_privacy=1--- HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=qeGMCQ0X1QkdVD5&expires=30&gdpr=1&us_privacy=1---

Request Chain 292

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 299

https://gcdn.2mdn.net/videoplayback/id/42be4887032ab2c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3832309121/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/5A87C0D76756553891EE15FAAD9FB850AEBA21F.A6A26C378F3BAD3A9982320C0EC8B25BA6CFC736/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/42be4887032ab2c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3832309121/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/056AD7D573F416AD6DA0EB6A1C18D49EA54370F5.110D1B12FA98A1976E6E6DA4298F056E1129C508/key/cms1/cms_redirect/yes/mh/Qj/mip/2a01:4a0:1338:92::8/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1689321015/mv/u/mvi/1/pl/36/file/file.mp4

334 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request banking-scams-consumers-warned-mule-bank-accounts Show response
www.enca.com/business/ 46 KB
11 KB 422ms
311ms Document
text/html 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

564c64a15991e68abe6d646f638395a1f24c1ae5beb8e0223d32ce61e141dbbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=31536000, public
cf-cache-status: EXPIRED
cf-ray: 7e684e70ea8c2c51-FRA
content-encoding: gzip
content-language: en
content-type: text/html; charset=UTF-8
date: Fri, 14 Jul 2023 08:13:26 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Fri, 14 Jul 2023 08:13:26 GMT
server: cloudflare
vary: Cookie,Accept-Encoding,Host
via: varnish
x-ah-environment: prod
x-cache: MISS
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: HIT
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-request-id: v-4f1a6984-221e-11ee-8201-632976d598a3
x-ua-compatible: IE=edge

GET
H2 200 bootstrap.js Show response
cdn.browsiprod.com/bootstrap/ 44 KB
12 KB 157ms
43ms Script
application/javascript 18.66.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee59a729348a1ee72417458ddb4879d4e09668334d2a715f3a700edb5e19bf04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 1t9oY5dsI2O5mQBgGHRbvmpc_xaX5j1v
content-encoding: br
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
date: Fri, 14 Jul 2023 07:20:01 GMT
last-modified: Thu, 11 May 2023 07:31:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 3206
x-amz-server-side-encryption: AES256
etag: W/"32453f3d63d4172abe613f1936f6ee5d"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=3600
x-amz-cf-id: WMPddez0Wofo2oPursYI6wGU5tR8UQko1uoc6DOCZH8iSndxPr_slQ==

GET
H2 200 google_tag.script.js Show response
www.enca.com/sites/default/files/google_tag/primary/ 347 B
502 B 52ms
51ms Script
application/javascript 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enca.com/sites/default/files/google_tag/primary/google_tag.script.js?rxgfcu

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9b8e9daac6fdd5e2faacc357074102ef46afb6fdbcd59aa885ab9e809e471dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 52
date: Fri, 14 Jul 2023 08:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
age: 540796
x-cache: HIT
x-ah-environment: prod
content-length: 281
x-request-id: v-8b76d388-1d30-11ee-ae5c-df0cf2560586
last-modified: Sat, 08 Jul 2023 01:41:21 GMT
server: cloudflare
vary: Accept-Encoding,Host
content-type: application/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e72fcaa2c51-FRA
expires: Sat, 22 Jul 2023 01:41:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 139ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,700i,800

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69238b8faab0e1e6d59d48d3afa3b33f9496510107741a81b45c8c9c9d101e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jul 2023 08:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 07:34:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jul 2023 08:13:26 GMT

GET
H2 200 css_rg01BJlCmWxxm3gIEfB-IG9q1cKe--q_DCW3YpfTniw.css
www.enca.com/sites/default/files/css/ 17 KB
4 KB 67ms
66ms Stylesheet
text/css 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enca.com/sites/default/files/css/css_rg01BJlCmWxxm3gIEfB-IG9q1cKe--q_DCW3YpfTniw.css

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae0d35049942996c719b780811f07e206f6ad5c29efbeabf0c25b76297d39e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
age: 772428
x-cache: MISS
x-ah-environment: prod
content-length: 3887
x-request-id: v-be1213f6-0508-11ee-aae8-b3f1ad022989
last-modified: Mon, 05 Jun 2023 19:50:47 GMT
server: cloudflare
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e72fcac2c51-FRA
expires: Wed, 19 Jul 2023 09:39:38 GMT

GET
H2 200 css_wsfAeTYp-gjpjZo8iYl12XX-wnFsMeud2KDRu3tIvl0.css
www.enca.com/sites/default/files/css/ 261 KB
38 KB 53ms
52ms Stylesheet
text/css 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enca.com/sites/default/files/css/css_wsfAeTYp-gjpjZo8iYl12XX-wnFsMeud2KDRu3tIvl0.css

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2c7c0793629fa08e98d9a3c898975d975fec2716c31eb9dd8a0d1bb7b48be5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 8
date: Fri, 14 Jul 2023 08:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
age: 352811
x-cache: HIT
x-ah-environment: prod
content-length: 39075
x-request-id: v-59c8578c-08e3-11ee-904f-9f505588b373
last-modified: Mon, 05 Jun 2023 19:50:47 GMT
server: cloudflare
vary: Host,Accept-Encoding
content-type: text/css
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e72fcad2c51-FRA
expires: Mon, 24 Jul 2023 06:04:33 GMT

GET
H2 200 vicinity-head-tag-v1.js Show response
static.vic-m.co/ads/ 45 KB
17 KB 158ms
45ms Script
application/javascript 2600:9000:2057:e600:17:2922:12c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2225
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:e600:17:2922:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbef5864ff31251230e362229fb4de781e6d794efe90e9ade6205d9ae9762488

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:40:12 GMT
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified: Thu, 25 Nov 2021 14:44:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 48796
etag: W/"8056ecdbaa2fdd8cccef5a4758d1af70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Xqo4DFkOB5hATViuvK9_O_0e1puxuhkclcyH9nXliNWM6kxBEdPxXA==

GET
H2 200 js_8ok9jFwv7OXcK0si4okpsCZfQysJz22OgNPx6xG8dpA.js Show response
www.enca.com/sites/default/files/js/ 96 KB
33 KB 91ms
90ms Script
text/javascript 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enca.com/sites/default/files/js/js_8ok9jFwv7OXcK0si4okpsCZfQysJz22OgNPx6xG8dpA.js

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2893d8c5c2fece5dc2b4b22e28929b0265f432b09cf6d8e80d3f1eb11bc7690

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
age: 755244
x-cache: MISS
x-ah-environment: prod
content-length: 34011
x-request-id: v-b55def76-053c-11ee-a2c2-271e2f67c679
last-modified: Mon, 05 Jun 2023 19:50:48 GMT
server: cloudflare
vary: Host,Accept-Encoding
content-type: text/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e72fcaf2c51-FRA
expires: Wed, 19 Jul 2023 14:06:58 GMT

GET
H2 200 eNCA_logo.svg
www.enca.com/themes/custom/enca/images/ 6 KB
2 KB 172ms
171ms Image
image/svg+xml 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/themes/custom/enca/images/eNCA_logo.svg

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59be8f74a7d9c4672577e576568abd53aa1a4e5d71731425ee8407880d28cd38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 36
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-cfc80860-1531-11ee-ada2-1b90758d81d4
last-modified: Mon, 05 Jun 2023 19:46:25 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 7e684e73fdd32c51-FRA
expires: Fri, 28 Jul 2023 08:00:27 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 144ms
52ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5edf4f2675338b776f8a3808f691baf84f14a4e4d958ce49472e3ab7e7acebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 110331
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 07 Jul 2023 01:33:48 GMT
server: cloudflare
etag: W/"c09-5ffdb9fda5dcc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 7e684e748c24365f-FRA

GET
H2 200 youtube.svg
www.enca.com/themes/custom/enca/images/icons/ 869 B
633 B 168ms
167ms Image
image/svg+xml 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/themes/custom/enca/images/icons/youtube.svg

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa48fd3a2ac4e33d022422bd91edd7638d71bac2bab6c42fd9d9ec11bf2bebd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 34
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-cfe852e6-1531-11ee-9aa2-23d2571fb74c
last-modified: Mon, 05 Jun 2023 19:46:25 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 7e684e73fdd42c51-FRA
expires: Fri, 28 Jul 2023 08:00:27 GMT

GET
H2 200 twitter.svg
www.enca.com/themes/custom/enca/images/icons/ 1 KB
718 B 186ms
185ms Image
image/svg+xml 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/themes/custom/enca/images/icons/twitter.svg

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e79630c55da453745bc30cc65ec37c4f24648821fea8a4b0dac4280d2f196879

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 36
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-cfe91c44-1531-11ee-84b6-9739cf7fb7da
last-modified: Mon, 05 Jun 2023 19:46:25 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 7e684e73fdd52c51-FRA
expires: Fri, 28 Jul 2023 08:00:27 GMT

GET
H2 200 FB.svg
www.enca.com/themes/custom/enca/images/icons/ 743 B
600 B 169ms
167ms Image
image/svg+xml 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/themes/custom/enca/images/icons/FB.svg

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e79a0634ef0143c04f73eb5853b79116a81a8f3791b6581865eed9c018594348

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 35
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-cfe74176-1531-11ee-91e0-0b1d852cc793
last-modified: Mon, 05 Jun 2023 19:46:25 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 7e684e73fdd72c51-FRA
expires: Fri, 28 Jul 2023 08:00:27 GMT

GET
H2 200 IG.svg
www.enca.com/themes/custom/enca/images/icons/ 2 KB
1 KB 167ms
166ms Image
image/svg+xml 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/themes/custom/enca/images/icons/IG.svg

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a03328db2c4e906af7abfd8ef77ec125b48dd366309d5c566964c00bd4a450ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 38
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-cfe73aaa-1531-11ee-afb7-e7abe11d984a
last-modified: Mon, 05 Jun 2023 19:46:25 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 7e684e73fdd82c51-FRA
expires: Fri, 28 Jul 2023 08:00:27 GMT

GET
H2 200 oepn_view.svg
www.enca.com/themes/custom/enca/images/ 3 KB
2 KB 186ms
185ms Image
image/svg+xml 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/themes/custom/enca/images/oepn_view.svg

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8907ebee28f46bda652c26fb9ed674bdf714f5808c04f94562631e6b2564ca14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 33
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-cfec0f1c-1531-11ee-b406-07bc3ca5d778
last-modified: Mon, 05 Jun 2023 19:46:25 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 7e684e73fdd92c51-FRA
expires: Fri, 28 Jul 2023 08:00:27 GMT

GET
H2 200 e_tv.svg
www.enca.com/themes/custom/enca/images/ 1 KB
884 B 153ms
152ms Image
image/svg+xml 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/themes/custom/enca/images/e_tv.svg

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

482a218fd165347462affb0d7d3ce6387c893bbad36cbca944933706d0c43fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 36
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: gzip
x-cache: HIT
x-ah-environment: prod
x-request-id: v-cfed21ea-1531-11ee-87a7-d7caadf37879
last-modified: Mon, 05 Jun 2023 19:46:25 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1209600
cf-ray: 7e684e73fddc2c51-FRA
expires: Fri, 28 Jul 2023 08:00:27 GMT

GET
H2 200 ica-southafrica.png
www.enca.com/sites/default/files/2018-06/ 4 KB
4 KB 63ms
62ms Image
image/png 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/sites/default/files/2018-06/ica-southafrica.png

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae6b821dbf8e5e893424901ee9f76d9b0fc8d52d66b1634cca18d169b581063b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 1
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 555668
cf-polished: origSize=5143, status=vary_header_present
x-cache: HIT
x-ah-environment: prod
content-length: 3803
x-request-id: v-2fe5d9d6-1d0f-11ee-aa60-436846318114
cf-bgj: imgq:85,h2pri
last-modified: Tue, 12 Jun 2018 09:50:21 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e73fddd2c51-FRA
expires: Fri, 21 Jul 2023 21:42:36 GMT

GET
H2 200 js_w0jFBqZLdc4kopP6F7rZFjGZbWb2asls2gbPnB3AEII.js Show response
www.enca.com/sites/default/files/js/ 179 KB
58 KB 51ms
51ms Script
text/javascript 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enca.com/sites/default/files/js/js_w0jFBqZLdc4kopP6F7rZFjGZbWb2asls2gbPnB3AEII.js

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c348c506a64b75ce24a293fa17bad91631996d66f66ac96cda06cf9c1dc01082

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 4
date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
age: 899008
x-cache: HIT
x-ah-environment: prod
content-length: 59296
x-request-id: v-3d7923c2-03e8-11ee-a788-5f877fecc5be
last-modified: Mon, 05 Jun 2023 19:50:47 GMT
server: cloudflare
vary: Host,Accept-Encoding
content-type: text/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e73dd9a2c51-FRA
expires: Mon, 17 Jul 2023 22:01:20 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 230 KB
84 KB 138ms
41ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0764d82f53e12016422a9e9992f8594df7a30ec60d9c1ec875e0596ab7af1a1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: gzip
last-modified: Sun, 09 Jul 2023 10:16:14 GMT
etag: "17-kjRqfSgLxzATLlqp6eEHuHRj4gY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah-stg
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: a099003b6053e7d7e90cba439b9f47fc
timing-allow-origin: *, *
content-length: 85149
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 js_20-u3owpGgaOapoxf1iiXsDLiD9DDF7x_U3IdpYTccA.js Show response
www.enca.com/sites/default/files/js/ 157 KB
35 KB 54ms
52ms Script
text/javascript 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enca.com/sites/default/files/js/js_20-u3owpGgaOapoxf1iiXsDLiD9DDF7x_U3IdpYTccA.js

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db4faede8c291a068e6a9a317f58a25ec0cb883f430c5ef1fd4dc876961371c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 1
date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
age: 723160
x-cache: HIT
x-ah-environment: prod
content-length: 35688
x-request-id: v-91f747f8-056e-11ee-bb82-cb1075a7ac3f
last-modified: Mon, 05 Jun 2023 19:50:47 GMT
server: cloudflare
vary: Host,Accept-Encoding
content-type: text/javascript
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e73fdd12c51-FRA
expires: Wed, 19 Jul 2023 23:20:47 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/esattv-enca/ 538 KB
54 KB 129ms
40ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/esattv-enca/loader.js
Requested by: Host: www.enca.com
URL: https://www.enca.com/sites/default/files/js/js_8ok9jFwv7OXcK0si4okpsCZfQysJz22OgNPx6xG8dpA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0631cf6532f94d9026622c690375b4876bcb97c3aa787aef3065e07b52975448

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Le9UUjQ_.rdHTat9jumAjNxethIkqCmX
content-encoding: gzip
via: 1.1 varnish
date: Fri, 14 Jul 2023 08:13:27 GMT
x-amz-request-id: CB22T8V9PWBDF9YM
age: 9367
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
fastly-restarts: 2
x-amz-id-2: 3++L+Gl04za4VKEmox4ZFW3kK13fzE6I9fgiaGr7cc8rfFWTXIn0OEDTak9ZClYMRzahxrxqdYQ=
x-served-by: cache-fra-eddf8230089-FRA
content-length: 55074
last-modified: Thu, 13 Jul 2023 09:11:39 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689322407.125256,VS0,VE0
etag: "d80b478263e12dc65d5221d8a050ed9a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 40
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 59 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 810284e7c7165d0055169c2715d5f652c132e2ab7439d40d0936ff0e6ba56c99

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 search-icon.png
www.enca.com/modules/custom/enca_search/assets/ 12 KB
13 KB 180ms
180ms Image
image/png 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/modules/custom/enca_search/assets/search-icon.png

Requested by

Host: www.enca.com
URL: https://www.enca.com/sites/default/files/css/css_rg01BJlCmWxxm3gIEfB-IG9q1cKe--q_DCW3YpfTniw.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb23fa0c7050a21f889b8e7a74e23f0c56f7dfefa208eb556594a33ebafb3ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.enca.com/sites/default/files/css/css_rg01BJlCmWxxm3gIEfB-IG9q1cKe--q_DCW3YpfTniw.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 27
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=19919, status=vary_header_present
x-cache: HIT
x-ah-environment: prod
content-length: 12688
x-request-id: v-d4eecdec-1531-11ee-8e09-77836ff03d45
cf-bgj: imgq:85,h2pri
last-modified: Mon, 05 Jun 2023 19:46:24 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e742dff2c51-FRA
expires: Fri, 28 Jul 2023 08:00:27 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 128ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,700i,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.enca.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 527279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jul 2024 05:45:28 GMT

GET
H2 200 Road%20To%20Literacy%201024x768.jpg
www.enca.com/sites/default/files/styles/desktop_promotion_images/public/2023-06/ 17 KB
17 KB 59ms
59ms Image
image/jpeg 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/sites/default/files/styles/desktop_promotion_images/public/2023-06/Road%20To%20Literacy%201024x768.jpg?itok=8ToZi-ZD

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f37fc50d5edfcb84e27a8e5848801fe6050d41f5bb21ef2cd788fde4091e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 29
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 685875
cf-polished: degrade=85, origSize=64408, status=vary_header_present
x-cache: HIT
x-ah-environment: prod
content-length: 17048
x-request-id: v-0968d0e8-10d9-11ee-9004-a7f398a385b2
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Jun 2023 08:44:43 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e742e012c51-FRA
expires: Thu, 20 Jul 2023 09:31:25 GMT

GET
H2 200 doc-33P29TT-%40photo0.jpg
www.enca.com/sites/default/files/styles/desktop_promotion_images/public/afp/2023-07/ 41 KB
42 KB 188ms
187ms Image
image/jpeg 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/sites/default/files/styles/desktop_promotion_images/public/afp/2023-07/doc-33P29TT-%40photo0.jpg?itok=Rc5jO9KN

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a3e7ea485fd97c7e6323e644f2b846cac5337359fdb1cb71b789e9b71337453

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 6
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-ah-environment: prod
content-length: 42453
x-request-id: v-34d6f740-221e-11ee-8728-ffdef6ec0d54
last-modified: Fri, 14 Jul 2023 08:12:41 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e742e022c51-FRA
expires: Fri, 28 Jul 2023 08:12:42 GMT

GET
H2 200 doc-33NM96N-%40photo2.jpg
www.enca.com/sites/default/files/styles/desktop_promotion_images/public/afp/2023-07/ 56 KB
57 KB 133ms
132ms Image
image/jpeg 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/sites/default/files/styles/desktop_promotion_images/public/afp/2023-07/doc-33NM96N-%40photo2.jpg?itok=1GuHFJ5Q

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c727a22c9a0f06bb0ed75d41be20ffe54f4a6d4058f912ad1f695a64483ee99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 27
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-ah-environment: prod
content-length: 57765
x-request-id: v-7eba2d3e-221c-11ee-874d-f7252ab4d8d8
last-modified: Fri, 14 Jul 2023 07:54:44 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e742e042c51-FRA
expires: Fri, 28 Jul 2023 08:00:27 GMT

GET
H2 200 doc-33NV3ZL-%40photo0.jpg
www.enca.com/sites/default/files/styles/desktop_promotion_images/public/afp/2023-07/ 13 KB
13 KB 63ms
63ms Image
image/jpeg 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/sites/default/files/styles/desktop_promotion_images/public/afp/2023-07/doc-33NV3ZL-%40photo0.jpg?itok=ELZftFfg

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87e279b06afcdc7221fa679d2d785c3b5d6853b6ebe64cd344770023e191443e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 16
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9381
cf-polished: degrade=85, origSize=50934, status=vary_header_present
x-cache: HIT
x-ah-environment: prod
content-length: 12910
x-request-id: v-42a05b0c-2208-11ee-87b6-abf42a3938b2
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Jul 2023 05:35:30 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e742e052c51-FRA
expires: Fri, 28 Jul 2023 05:35:36 GMT

GET
H2 200 doc-33NW2RJ-copy-%40photo0.jpg
www.enca.com/sites/default/files/styles/desktop_promotion_images/public/afp/2023-07/ 12 KB
12 KB 56ms
56ms Image
image/jpeg 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/sites/default/files/styles/desktop_promotion_images/public/afp/2023-07/doc-33NW2RJ-copy-%40photo0.jpg?itok=IuFp8Idu

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

697a1623b4a514e5b162909bc1b1eec654d952578d9491db799647181e9811e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 8
date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3472
cf-polished: degrade=85, origSize=48096, status=vary_header_present
x-cache: HIT
x-ah-environment: prod
content-length: 11943
x-request-id: v-595d263e-2214-11ee-ab2f-23237a35945e
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Jul 2023 05:30:49 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e742e062c51-FRA
expires: Fri, 28 Jul 2023 07:02:08 GMT

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
100 B 726ms
208ms XHR
text/plain 52.34.43.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=mnf@X
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.43.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-43-124.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.enca.com
date: Fri, 14 Jul 2023 08:13:27 GMT
access-control-allow-credentials: true

GET
H2 200 v5 Show response
yield-manager.browsiprod.com/supply/ 3 KB
2 KB 194ms
68ms XHR
application/json 63.33.36.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yield-manager.browsiprod.com/supply/v5?sk=enca&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&bid=mnf%40X%23iyHP%40WzOvbHiYc&at=Banking%20scams%20%7C%20Consumers%20warned%20of%20mule%20bank%20accounts%20%7C%20eNCA&sw=1600&sh=1200
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.36.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-36-239.eu-west-1.compute.amazonaws.com
Software: akka-http/10.2.1 /
Resource Hash: 590523d061126e0ab8399db4da339da09641844282668e1fee51165502709c59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: https://www.enca.com
date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: akka-http/10.2.1
content-type: application/json

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame 47B7 677 B
538 B 64ms
62ms Document
text/html 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1267352
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 7e684e74fced365f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 14 Jul 2023 08:13:27 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff

GET
H3 200 core.ae8c9494.js Show response
static.addtoany.com/menu/modules/ 69 KB
25 KB 106ms
53ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.ae8c9494.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12e184cdc472fa48e761950148678d41ab9cecea77994f660fff0b1bd3469eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.enca.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 626623
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 07 Jul 2023 01:33:47 GMT
server: cloudflare
etag: W/"112eb-5ffdb9fd3494c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 7e684e753b7f18d2-FRA

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/ 17 KB
6 KB 140ms
54ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js

Requested by

Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5045426
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4996
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-43d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSYe32w8xuAm20WEA3S13Ei%2BRCRoQ8rkvcWqQe9%2BbPZSnmJLS7NAWaZL2WZXAxnFqvv2k3cUdJveQi6nL97t%2FIiieWoY44OTwLQgUOtbxsnTm0VnbCoYU3WHJz25EONIvg6PcI7sibA56yydcdwE1zNt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e684e758fb53a80-FRA
expires: Wed, 03 Jul 2024 08:13:27 GMT

GET
H2 200 impl.20230713-8-RELEASE.js Show response
cdn.taboola.com/libtrc/ 789 KB
163 KB 40ms
39ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230713-8-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/esattv-enca/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: cd10bf01939d73638d1368a03b4168a9422a40705d7dfe83eace588676e6a3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 94yZqkMV6UptCcxSiiN8F3eRUgMtjoUR
content-encoding: br
via: 1.1 varnish
date: Fri, 14 Jul 2023 08:13:27 GMT
x-amz-request-id: WC2HCKENEFD1ADJA
age: 26118
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 166882
x-amz-id-2: eMPzut6SKy2ypJVfAPgS9xkPbuR7Oiut/tSuUvsUQfbx6JS5Rj0riwUTPJAmryWavXeVawR8JVY=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Thu, 13 Jul 2023 08:57:56 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689322407.285549,VS0,VE0
etag: "57081e61505f5ba63c39caec98a967bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 17
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 244337

GET
H2 200 PreEngine_desktop_2023-06-28T12:32:49.418.js Show response
cdn.browsiprod.com/static_js/emedia/enca/ 4 KB
2 KB 123ms
41ms Script
application/javascript 18.66.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/static_js/emedia/enca/PreEngine_desktop_2023-06-28T12:32:49.418.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c28251baca6a91ad276d45280224cea320a22ba839b359ca5a420b259c385b2a

Request headers

Referer
Origin: https://www.enca.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 13:33:22 GMT
x-amz-version-id: ZjlVy_q2naeg.NQbJY2ERklrXcxsP2ZS
content-encoding: gzip
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1363206
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 28 Jun 2023 12:32:50 GMT
server: AmazonS3
etag: W/"9cce44cd4336c55433c0f48b883b2b39"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: YnZs8QoQ-GW24Vdhy02NiVNSzmpincbve7mCuc7P-NyzM_XkRQIiUw==

GET
H/1.1 200
OK d3d3LmVuY2EuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 179ms
40ms XHR
application/json 23.212.89.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmVuY2EuY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-151.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 08:13:27 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=23515
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 7dd9efa31be92246101ab168b2648bdc
Content-Length: 16
Expires: Fri, 14 Jul 2023 14:45:22 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 50ms
42ms Image
image/gif 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 13 Aug 2023 08:13:27 GMT
date: Fri, 14 Jul 2023 08:13:27 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 242 KB
84 KB 148ms
57ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KRX2KW

Requested by

Host: www.enca.com
URL: https://www.enca.com/sites/default/files/google_tag/primary/google_tag.script.js?rxgfcu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c2b2a138c1338e25efd9e1e575e78e6d9a4bd146687ba8b768a0595608d3e0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85348
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jul 2023 08:13:27 GMT

GET
H/1.1 200
OK count.js Show response
encacom.disqus.com/ 1 KB
2 KB 252ms
40ms Script
application/javascript 199.232.196.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://encacom.disqus.com/count.js?_=1689322407067

Requested by

Host: www.enca.com
URL: https://www.enca.com/sites/default/files/js/js_w0jFBqZLdc4kopP6F7rZFjGZbWb2asls2gbPnB3AEII.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.196.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 08:13:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 225
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 12 Jul 2023 14:06:07 GMT
Server: nginx
ETag: "64aeb34f-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: beYepxuSLS4WR5PAYpVyHwa624hjoq_EddSf_wj5jQvPbSYylEksCw==

GET
H2

200

invisible.js Show response
www.enca.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/ Frame 97DC
Redirect Chain

https://www.enca.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://www.enca.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js

7 KB
4 KB

45ms
45ms

Script
application/javascript

2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.enca.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f20f4148399b70e87db6af24e5695344366f9251934d896a589fa6e03e738f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7e684e7689252c51-FRA

Redirect headers

date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/556d0c9f/invisible.js
cache-control: max-age=300, public
cf-ray: 7e684e7618802c51-FRA

GET
H2 200 Screen%20Shot%202019-10-11%20at%2010.37.00%20AM.png
www.enca.com/sites/default/files/styles/media_image/public/2019-10/ 290 KB
290 KB 219ms
218ms Image
image/png 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.enca.com/sites/default/files/styles/media_image/public/2019-10/Screen%20Shot%202019-10-11%20at%2010.37.00%20AM.png?h=10cfd30f&itok=cdsfcBoy

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9a6688aaa71ab4182ccd5b15e890cb41ab6f99c26ad6b1a67224259dc34c493

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS
x-ah-environment: prod
content-length: 296714
x-request-id: v-4f9aece4-221e-11ee-a12f-3be43123bf0f
last-modified: Fri, 11 Oct 2019 11:59:33 GMT
server: cloudflare
vary: Host, Accept-Encoding
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7e684e7638a82c51-FRA
expires: Fri, 28 Jul 2023 08:13:27 GMT

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 318 B
483 B 52ms
52ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.ae8c9494.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.enca.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14091442
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
etag: W/"13e-5edb43f5ee978"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 7e684e764ced18d2-FRA

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 695 B
657 B 59ms
58ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.ae8c9494.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.enca.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14091442
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:39 GMT
server: cloudflare
etag: W/"2b7-5edb43f86f378"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 7e684e764cf018d2-FRA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 393 B
527 B 52ms
51ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.ae8c9494.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.enca.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14091442
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
etag: W/"189-5edb43f5e5cd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 7e684e764cf218d2-FRA

GET
H3 200 a2a.js Show response
static.addtoany.com/menu/svg/icons/ 182 B
398 B 53ms
52ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/a2a.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.ae8c9494.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.enca.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14088559
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 01:01:36 GMT
server: cloudflare
etag: W/"b6-5edb43f58ee38"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
cf-ray: 7e684e764cf318d2-FRA

GET
H/1.1 204
No Content gtm.php Show response
ad2.vic-m.co/adserver/delivery/ 0
176 B 332ms
56ms Script
text/html 34.251.13.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.vic-m.co/adserver/delivery/gtm.php?t=7%2F14%2F2023%2C%208%3A13%3A27%20AM&z=2225&m=desktop&l=&r=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&c=0.996&v=7ff57c9d-e208-4847-bc9e-3c6324e6d982&w=1600&h=1200&e=5def2299140ae31d720d9c1c4907b995&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36
Requested by: Host: static.vic-m.co
URL: https://static.vic-m.co/ads/vicinity-head-tag-v1.js?zoneId=2225
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.13.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-13-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 08:13:27 GMT
Server: nginx/1.18.0
Connection: keep-alive
X-Powered-By: PHP/7.1.33
Content-Type: text/html; charset=UTF-8

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 187ms
46ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230713-8-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 233096
expires: 60

GET
H2 200 json Show response
trc.taboola.com/esattv-enca/trc/3/ 119 KB
31 KB 949ms
933ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/esattv-enca/trc/3/json?tim=08%3A13%3A27.427&lti=deflated&data=%7B%22id%22%3A149%2C%22ii%22%3A%22%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1689239495127%2C%22vi%22%3A1689322407424%2C%22cv%22%3A%2220230713-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts%22%2C%22vpi%22%3A%22%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A4000%2C%22dh%22%3A3099%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1442.796875%2C%22mw%22%3A616.65625%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230713-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c25d9e768938d776acad3c854459d455eae6ab8439970c245896fffd7de61b1

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 892
date: Fri, 14 Jul 2023 08:13:28 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7560
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230089-FRA
server: nginx
x-timer: S1689322407.462518,VS0,VE892
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.enca.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 middy-desktop-4.17.10.js Show response
cdn.browsiprod.com/sd/apps/middy/ 296 KB
79 KB 47ms
47ms Script
application/javascript 18.66.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.17.10.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 735238af05474ecb9165143ef0124b633697143459f9d1d669387b28f23d00fe

Request headers

Referer
Origin: https://www.enca.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 08:37:12 GMT
x-amz-version-id: 3fI7jpbdovK6hLBi4EoQfv2HoWx62Tc5
content-encoding: gzip
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 171376
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 12 Jul 2023 07:56:43 GMT
server: AmazonS3
etag: W/"b23d53437e275597a468c7a30a8dbb0f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: ExHAMlvVecBDaBwiYosyQ1al7m-wiA93KTPyTMMyARCxugFQAjtLHA==

POST
H2 200 7e684e70ea8c2c51 Show response
www.enca.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 97DC 0
274 B 95ms
94ms XHR
text/plain 2606:4700::6810:3b54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.enca.com/cdn-cgi/challenge-platform/h/b/cv/result/7e684e70ea8c2c51
Requested by: Host: www.enca.com
URL: https://www.enca.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:3b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 7e684e779a7e2c51-FRA
content-type: text/plain; charset=UTF-8

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
99 B 208ms
208ms XHR
text/plain 52.34.43.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=b2f4ffd2-2eb6-4f8c-88f8-d9d3ee8a12e2
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.17.10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.43.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-43-124.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.enca.com
date: Fri, 14 Jul 2023 08:13:27 GMT
access-control-allow-credentials: true

GET
H2 200 abd.js Show response
cdn.browsiprod.com/ 3 KB
2 KB 40ms
40ms Script
application/javascript 18.66.97.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.browsiprod.com/abd.js
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.17.10.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

Referer
Origin: https://www.enca.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 01:44:23 GMT
x-amz-version-id: rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
content-encoding: br
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 23345
x-cache: Hit from cloudfront
last-modified: Sun, 08 Jul 2018 12:47:26 GMT
server: AmazonS3
etag: W/"bc70a2c30105ea2f98d83f5ad623fc39"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Lducdmi-3j8dDiWuTjxJsSbZDE21QcDEmNQ7-5cVpi8dhCVrG--X3g==

GET
H/1.1 200
OK desktop Show response
demand-engine.browsiprod.com/sra/ 643 B
582 B 194ms
63ms XHR
application/json 54.194.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://demand-engine.browsiprod.com/sra/desktop?sk=enca&pk=emedia&pvid=b2f4ffd2-2eb6-4f8c-88f8-d9d3ee8a12e2&aid=enca_-1930224856_1053819432&sid=2daacbac-0308-4fc1-906e-1112d9270c1d%26false%26false%26DEFAULT%26de%26desktop-4.17.10%26true&mch=-1&uid=anonymous&pu=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&pl=3070&d=false&sh=1200&lid=fb5a41e9-1a85-40d7-bb2a-4dfd02d82689_A&ts=DEFAULT&cc=de&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=2.3&ais=100%7C%7C101&fs=1%7C%7C1&lls=false%7C%7Cfalse&sts=fixed_top%7C%7Cfixed_top&ets=b%7C%7Cb&als=0%7C%7C0&pts=out%20of%20main%20content%7C%7Cout%20of%20main%20content&ss=div.page%20header%20%3E%20div.container%20%3E%20div%23browsi_leaderboard%7C%7Cdiv.page%20header%20%3E%20div.container%20%3E%20div%23browsi_takeover&dis=0%7C%7C0&ac=0
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.17.10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.194.96.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-96-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: debe88ca9fee9d115bf57ac3fcb1697f5d46de85e160196d1aab65076f4633d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.enca.com
Date: Fri, 14 Jul 2023 08:13:27 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Content-Type: application/json

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
99 B 209ms
208ms XHR
text/plain 52.34.43.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=b2f4ffd2-2eb6-4f8c-88f8-d9d3ee8a12e2
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.17.10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.43.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-43-124.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.enca.com
date: Fri, 14 Jul 2023 08:13:27 GMT
access-control-allow-credentials: true

GET
H/1.1 200
OK desktop Show response
demand-engine.browsiprod.com/sra/ 1010 B
635 B 183ms
61ms XHR
application/json 54.194.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://demand-engine.browsiprod.com/sra/desktop?sk=enca&pk=emedia&pvid=b2f4ffd2-2eb6-4f8c-88f8-d9d3ee8a12e2&aid=enca_-1930224856_1053819432&sid=2daacbac-0308-4fc1-906e-1112d9270c1d%26false%26false%26DEFAULT%26de%26desktop-4.17.10%26true&mch=1351&uid=anonymous&pu=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&pl=3070&d=false&sh=1200&lid=fb5a41e9-1a85-40d7-bb2a-4dfd02d82689_A&ts=DEFAULT&cc=de&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=2.3&ais=400%7C%7C401%7C%7C0%7C%7C1&fs=1.08%7C%7C1.42%7C%7C1.85%7C%7C2.07&lls=false%7C%7Cfalse%7C%7Cfalse%7C%7Cfalse&sts=dynamic_left_rail%7C%7Cdynamic_left_rail%7C%7Cdynamic_mc%7C%7Cdynamic_mc&ets=b%7C%7Cb%7C%7Cb%7C%7Cb&als=92%7C%7C508%7C%7C1024%7C%7C1289&pts=left%20rail%7C%7Cleft%20rail%7C%7Cin-line%2Cwithin%20main%20content%7C%7Cin-line%2Cwithin%20main%20content&ss=%7C%7C%7C%7C%7C%7C&dis=0%7C%7C1%7C%7C0%7C%7C1&ac=0
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.17.10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.194.96.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-96-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: db4eb85ff77f1b6645b4cb0b3d6e0ece633f7554b31f2046aa74741ba4a2bc1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.enca.com
Date: Fri, 14 Jul 2023 08:13:27 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked
Content-Type: application/json

GET
H/1.1 204
No Content desktop Show response
demand-engine.browsiprod.com/single/ 0
155 B 178ms
59ms XHR
text/plain 54.194.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://demand-engine.browsiprod.com/single/desktop?if=false&ai=500&f=1.8&rc=0&ll=false&st=api&et=b&al=955&di=0&pt=in-line%2Cwithin%20main%20content&div=browsi_nearMe&au=undefined&sk=enca&pk=emedia&pvid=b2f4ffd2-2eb6-4f8c-88f8-d9d3ee8a12e2&aid=enca_-1930224856_1053819432&sid=2daacbac-0308-4fc1-906e-1112d9270c1d%26false%26false%26DEFAULT%26de%26desktop-4.17.10%26true&mch=1351&uid=anonymous&pu=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&pl=3070&d=false&sh=1200&lid=fb5a41e9-1a85-40d7-bb2a-4dfd02d82689_A&ts=DEFAULT&cc=de&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=2.3&ac=0
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.17.10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.194.96.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-96-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.enca.com
Date: Fri, 14 Jul 2023 08:13:27 GMT
Access-Control-Allow-Credentials: true

GET
H/1.1 204
No Content desktop Show response
demand-engine.browsiprod.com/single/ 0
155 B 180ms
59ms XHR
text/plain 54.194.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://demand-engine.browsiprod.com/single/desktop?if=false&ai=501&f=1.8&rc=0&ll=false&st=api&et=b&al=955&di=1&pt=in-line%2Cwithin%20main%20content&div=browsi_fixed&au=undefined&sk=enca&pk=emedia&pvid=b2f4ffd2-2eb6-4f8c-88f8-d9d3ee8a12e2&aid=enca_-1930224856_1053819432&sid=2daacbac-0308-4fc1-906e-1112d9270c1d%26false%26false%26DEFAULT%26de%26desktop-4.17.10%26true&mch=1351&uid=anonymous&pu=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&pl=3070&d=false&sh=1200&lid=fb5a41e9-1a85-40d7-bb2a-4dfd02d82689_A&ts=DEFAULT&cc=de&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=2.3&ac=0
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.17.10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.194.96.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-96-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.enca.com
Date: Fri, 14 Jul 2023 08:13:27 GMT
Access-Control-Allow-Credentials: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRX2KW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Jul 2023 07:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4130
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 14 Jul 2023 09:04:37 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/527334157/ 3 KB
2 KB 166ms
79ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/527334157/?random=1689322407701&cv=11&fst=1689322407701&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&hn=www.googleadservices.com&frm=0&tiba=Banking%20scams%20%7C%20Consumers%20warned%20of%20mule%20bank%20accounts%20%7C%20eNCA&auid=474255205.1689322408&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRX2KW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de8e07b99039e1ec873e57f5ba20a14ca273d977508ac4910e8f1424f39ac407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1358
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
703 B 183ms
53ms Script
application/x-javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRX2KW

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a224dfc1e1af0259dd16f2fbc3033f2d43c30eb02ce760a3333d86c01dc1e942

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Jul 2023 13:42:35 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=19791
accept-ranges: bytes
content-length: 491

GET
H2

200

activityi;dc_pre=CPyJoLDgjYADFQbAOwIdrQ4Bfw;src=8610150;type=invmedia;cat=enca_002;ord=4725122427091;auiddc=474255205.1689322408;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~... Show response
8610150.fls.doubleclick.net/ Frame AFAA
Redirect Chain

https://8610150.fls.doubleclick.net/activityi;src=8610150;type=invmedia;cat=enca_002;ord=4725122427091;auiddc=474255205.1689322408;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2...
https://8610150.fls.doubleclick.net/activityi;dc_pre=CPyJoLDgjYADFQbAOwIdrQ4Bfw;src=8610150;type=invmedia;cat=enca_002;ord=4725122427091;auiddc=474255205.1689322408;gtm=45He37c0;uaa=;uab=;uafvl=;ua...

508 B
634 B

85ms
85ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8610150.fls.doubleclick.net/activityi;dc_pre=CPyJoLDgjYADFQbAOwIdrQ4Bfw;src=8610150;type=invmedia;cat=enca_002;ord=4725122427091;auiddc=474255205.1689322408;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KRX2KW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f6.1e100.net

Software

cafe /

Resource Hash

a65a529f3ef72edb29c82c55a7c0f3a54b1bd2ba8a3e780f19bde9174539713b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:27 GMT
expires: Fri, 14 Jul 2023 08:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:27 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8610150.fls.doubleclick.net/activityi;dc_pre=CPyJoLDgjYADFQbAOwIdrQ4Bfw;src=8610150;type=invmedia;cat=enca_002;ord=4725122427091;auiddc=474255205.1689322408;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET em.js
za-ssl.effectivemeasure.net/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 127ms
39ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Jul 2023 08:13:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: AYmcY/MGVrMNrtxjmDnAOty8sjGNpYSyQTbE0ko4wHgjo/9lSnh5Fx8Ek2sBr/WcXEpMP+YZ9HhweFsrQP1aIA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 141ms
45ms Script
application/x-javascript 2600:9000:2057:4e00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4e00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:38:42 GMT
content-encoding: gzip
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 00:35:23 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 48885
etag: W/"649b804b-9482"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: lAz8NNERr9Ie7Mi-qRlkbaPJDPJUk-fXFVirR9DbscACPGvoDDnSPg==
expires: Fri, 14 Jul 2023 18:38:42 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 138ms
39ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230125-FRA

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Jul 2023 09:03:53 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 366ms
118ms Image
image/gif 52.0.197.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=enca.com&p=%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&u=B7ub3KByAMfTDVKf9F&d=enca.com&g=47186&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3070&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&b=1447&t=9WN0VDYEOo4B16cVeDPSCWlCCt_Nr&V=140&i=Banking%20scams%20%7C%20Consumers%20warned%20of%20mule%20bank%20accounts%20%7C%20eNCA&tz=0&sn=1&sv=PHD4y6PpHjj2gsLC9A2k9j5Gws&sd=1&im=062b0f3f&_
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.197.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-197-153.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 176ms
87ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.17.10.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48685149b0af8c3da9349714409115ba8da61195e246d027f4c706b7049aee20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27634
x-xss-protection: 0
server: cafe
etag: 241 / 19552 / 31076084 / config-hash: 7996658803364552228
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:13:27 GMT

GET
H2 200 adsct
t.co/i/ 43 B
379 B 331ms
229ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=462ba6af-d9a1-4acf-b6c4-4ac3624d0114&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bf0f9f92-31d2-4f34-866e-53acf2ffeb75&tw_document_href=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4t7l&type=javascript&version=2.3.29

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 189
date: Fri, 14 Jul 2023 08:13:27 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: cdd67c0c13b34f97
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: dc38b7cb5d289586a265d13424d15ef8dbae3513c06784b7eb39f0bf0ee74f49
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 304ms
216ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=462ba6af-d9a1-4acf-b6c4-4ac3624d0114&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bf0f9f92-31d2-4f34-866e-53acf2ffeb75&tw_document_href=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4t7l&type=javascript&version=2.3.29

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 176
date: Fri, 14 Jul 2023 08:13:27 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: d2698e2a9c40698f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 8dde518d9a357d9bbac8c135dee1075adb708ac5d6781416ee6a0499350a9e5a
content-length: 43

GET
H2 200 /
www.google.com/pagead/1p-user-list/527334157/ 42 B
455 B 144ms
52ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/527334157/?random=1689322407701&cv=11&fst=1689321600000&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&frm=0&tiba=Banking%20scams%20%7C%20Consumers%20warned%20of%20mule%20bank%20accounts%20%7C%20eNCA&fmt=3&is_vtc=1&random=1463791590&rmt_tld=0&ipr=y

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/527334157/ 42 B
455 B 145ms
53ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/527334157/?random=1689322407701&cv=11&fst=1689321600000&bg=ffffff&guid=ON&async=1&gtm=45He37c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&frm=0&tiba=Banking%20scams%20%7C%20Consumers%20warned%20of%20mule%20bank%20accounts%20%7C%20eNCA&fmt=3&is_vtc=1&random=1463791590&rmt_tld=1&ipr=y

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
219 B 46ms
46ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1328207316&t=pageview&_s=1&dl=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ul=en-us&de=UTF-8&dt=Banking%20scams%20%7C%20Consumers%20warned%20of%20mule%20bank%20accounts%20%7C%20eNCA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAjAAAAAC~&jid=325359103&gjid=1947191528&cid=1980003793.1689322408&tid=UA-34090326-1&_gid=1399055125.1689322408&_slc=1&gtm=45He37c0n71KRX2KW&z=1813130803

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7a01c12297a7ae9e1034fa2b0dc3388739bd2bdff534f578aa094ec92ea95e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 145ms
47ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-34090326-1&cid=1980003793.1689322408&jid=325359103&gjid=1947191528&_gid=1399055125.1689322408&_u=aGBAgAAjAAAAAG~&z=1108993866

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 14 Jul 2023 08:13:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
84 B 48ms
48ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1328207316&t=pageview&_s=1&dl=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&ul=en-us&de=UTF-8&dt=Banking%20scams%20%7C%20Consumers%20warned%20of%20mule%20bank%20accounts%20%7C%20eNCA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEAjAAAAAGAAI~&jid=57401038&gjid=446008188&cid=1980003793.1689322408&tid=UA-180905438-1&_gid=1399055125.1689322408&_r=1&_slc=1&gtm=45He37c0n71KRX2KW&z=1435699681

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2106feb364ba8e1bea6d4d5f144769cf7e3b11e4240a8ebd179ddf0e5491ebba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 56ms
56ms Script
application/x-javascript 2a02:26f0:780::210:a423
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a423 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 Jul 2023 13:00:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=63913
accept-ranges: bytes
content-length: 4807

GET
H2 200 1237764646247844 Show response
connect.facebook.net/signals/config/ 382 KB
109 KB 98ms
97ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1237764646247844?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c92b03c43f1e2494f985361bc880f9d0e5b5bace1976a0df34c6611b9756cbc3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Jul 2023 08:13:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 9eU1ejIqLJDZ3fprTYiZiPjgRDp7JHtH4ejVF5Jn8BDSklV82tv43VaanidU5SYSCtx6X3G643+c+3gkiClTcw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BWWYH36YER&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d46a19ce7ae1617b330b2bc8e3741c531432f96af35a37596f236bdfbed44766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78890
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jul 2023 08:13:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 93ms
48ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-180905438-1&cid=1980003793.1689322408&jid=57401038&gjid=446008188&_gid=1399055125.1689322408&_u=aGDAAEAjAAAAAGAAI~&z=1533867652

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 14 Jul 2023 08:13:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y9HVJJ63SE&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8a32d0b7eba81a313f683b7d55195a52aa4939fa19a8a1edc45991f408a46be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jul 2023 08:13:27 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/2864769/domain/enca.com/ 36 B
376 B 126ms
42ms XHR
application/json 2600:9000:20eb:200:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/2864769/domain/enca.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:10:19 GMT
content-encoding: gzip
via: 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 189
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 2z2WgQwhtIXKAigylEqmuwqpyIzZXsFBtlwpA54NpsNrEJBQNHu4EQ==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2864769&time=1689322407951&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2864769&time=1689322407951&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&e_ipv6=AQJqDH-JZR4q3wAAA...

0
265 B

233ms
137ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2864769&time=1689322407951&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&e_ipv6=AQJqDH-JZR4q3wAAAYlTdkiybzUqYIvDwRrCTXCe67T-3C8l5FGVQZnzwu7DAfpF5_GG5K0
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:28 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1968752AB5BB48DB86C605D55877D432 Ref B: FRAEDGE2018 Ref C: 2023-07-14T08:13:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYAbgYPbFmQ0hsyZZPkDA==

Redirect headers

date: Fri, 14 Jul 2023 08:13:28 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 00B13A525AE84A37BFC4347504E05CA6 Ref B: DUS30EDGE0310 Ref C: 2023-07-14T08:13:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2864769&time=1689322407951&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&e_ipv6=AQJqDH-JZR4q3wAAAYlTdkiybzUqYIvDwRrCTXCe67T-3C8l5FGVQZnzwu7DAfpF5_GG5K0
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYAbgYL4NpHlNYglGWalQ==

GET
H2 200 dc_pre=CPyJoLDgjYADFQbAOwIdrQ4Bfw;src=8610150;type=invmedia;cat=enca_002;ord=4725122427091;auiddc=*;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.enca.c...
adservice.google.com/ddm/fls/z/ Frame AFAA 42 B
401 B 171ms
83ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPyJoLDgjYADFQbAOwIdrQ4Bfw;src=8610150;type=invmedia;cat=enca_002;ord=4725122427091;auiddc=*;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts

Requested by

Host: 8610150.fls.doubleclick.net
URL: https://8610150.fls.doubleclick.net/activityi;dc_pre=CPyJoLDgjYADFQbAOwIdrQ4Bfw;src=8610150;type=invmedia;cat=enca_002;ord=4725122427091;auiddc=474255205.1689322408;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8610150.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 65ms
63ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-34090326-1&cid=1980003793.1689322408&jid=325359103&_u=aGBAgAAjAAAAAG~&z=665436195

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 66ms
64ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-34090326-1&cid=1980003793.1689322408&jid=325359103&_u=aGBAgAAjAAAAAG~&z=665436195

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 53ms
52ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-180905438-1&cid=1980003793.1689322408&jid=57401038&_u=aGDAAEAjAAAAAGAAI~&z=1085247234

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 64ms
64ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-180905438-1&cid=1980003793.1689322408&jid=57401038&_u=aGDAAEAjAAAAAGAAI~&z=1085247234

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 140ms
50ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BWWYH36YER&gtm=45je37c0&_p=1328207316&ul=en-us&sr=1600x1200&cid=1980003793.1689322408&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&ngs=1&_s=1&dl=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&dt=Banking%20scams%20%7C%20Consumers%20warned%20of%20mule%20bank%20accounts%20%7C%20eNCA&sid=1689322408&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BWWYH36YER&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 141ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y9HVJJ63SE&_ono=1&gtm=45je37c0&_p=1328207316&_gaz=1&ul=en-us&sr=1600x1200&cid=1980003793.1689322408&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBA&_s=1&dl=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&dt=Banking%20scams%20%7C%20Consumers%20warned%20of%20mule%20bank%20accounts%20%7C%20eNCA&sid=1689322408&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y9HVJJ63SE&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 50ms
49ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-Y9HVJJ63SE&cid=1980003793.1689322408&gtm=45je37c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y9HVJJ63SE&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 65ms
64ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-Y9HVJJ63SE&cid=1980003793.1689322408&gtm=45je37c0&aip=1&z=2005656102

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/ 392 KB
125 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b31d53d69faa979838ddc7b0a429905aa68ae17b959feed09d07659fbb32988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 12:44:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70167
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127593
x-xss-protection: 0
server: cafe
etag: 15549820257717213848
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 12 Jul 2024 12:44:01 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 59 B
75 B 156ms
73ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.enca.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c45caa4e3d434a32ad3c46ba4f38f72fc8e1fe7a11b9fdc090b2a3648385902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
expires: Fri, 14 Jul 2023 08:13:28 GMT

GET
H3 200 703795557219891 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 90ms
89ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/703795557219891?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c43149092fa152af5b168002912a06574c4f62395fd6255a383524a6eabb061b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Jul 2023 08:13:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: GnuIXIxxD0PPSzDMbr2GZO9vlH9bqh/sxGlB4SM540ckv2hVGMn/i2IVpdIMQA2/cnsXu8Mzcz04xZTnFmyk6g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 133ms
39ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1237764646247844&ev=PageView&dl=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&rl=&if=false&ts=1689322408112&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1689322408111.2028892814&cs_est=true&it=1689322407933&coo=false&exp=a1&rqm=GET

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Jul 2023 08:13:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 178 KB
49 KB 534ms
533ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82054b408dbd466342fa1b87be6352e996443fb09384496c715ad8fa874c6f06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50430
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8671 6 KB
3 KB 159ms
47ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:28 GMT
expires: Sat, 13 Jul 2024 08:13:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/ 37 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl_page_level_ads.js?cb=31076084

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

692a83221617b74acc8198b565bbdfa0365248f5df89578d6115382cc9508260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:36:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49036
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13144
x-xss-protection: 0
server: cafe
etag: 214775750626095190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 12 Jul 2024 18:36:12 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 712ms
712ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=274256971693811&correlator=115165648911835&eid=31072020%2C31076084%2C31075593&output=ldjh&gdfp_req=1&vrg=202307120202&ptt=17&impl=fif&npa=1&iu_parts=8372%2CeNCA-V2%2Cbusiness&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=2&adks=1605840349&sfv=1-0-40&prev_scp=node_tags%3D%252C%2520%252C%26articleid%3Dhttps%253A%252F%252Fwww.enca.com%252Fbusiness%252Fbanking-scams-consumers-warned-mule-bank-accounts%26node_title%3DBanking%2520scams%2520%257C%2520Consumers%2520warned%2520of%2520mule%2520bank%2520accounts%26node_channel%3DBusiness%26node_id%3D1191136%26browsiViewability%3D0.80%26browsiId%3Denca&sc=1&cookie_enabled=1&abxe=1&dt=1689322408295&lmt=1689322406&dlt=1689322406848&idt=1375&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&frm=20&vis=1&psz=300x0&msz=0x0&fws=1152&ohw=0&ga_vid=1980003793.1689322408&ga_sid=1689322408&ga_hid=1328207316&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e378497ea2905ba493354ac745de990a818a6db98b5899531b740738e943df83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9387
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 715ms
715ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=274256971693811&correlator=115165648911835&eid=31072020%2C31076084%2C31075593&output=ldjh&gdfp_req=1&vrg=202307120202&ptt=17&impl=fif&npa=1&iu_parts=8372%2CeNCA-V2%2Cbusiness&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C320x50%7C300x250&ifi=3&adks=461748825&sfv=1-0-40&prev_scp=node_tags%3D%252C%2520%252C%26articleid%3Dhttps%253A%252F%252Fwww.enca.com%252Fbusiness%252Fbanking-scams-consumers-warned-mule-bank-accounts%26node_title%3DBanking%2520scams%2520%257C%2520Consumers%2520warned%2520of%2520mule%2520bank%2520accounts%26node_channel%3DBusiness%26node_id%3D1191136%26browsiViewability%3D0.80%26browsiId%3Denca%26pos%3Dtop-mpu&sc=1&cookie_enabled=1&abxe=1&dt=1689322408299&lmt=1689322406&dlt=1689322406848&idt=1375&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&frm=20&vis=1&psz=320x0&msz=0x0&fws=1152&ohw=0&ga_vid=1980003793.1689322408&ga_sid=1689322408&ga_hid=1328207316&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d24404a662b990b500cc46eef84694e5e2441827c656291f15844f27cd4b10b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11722
x-xss-protection: 0
google-lineitem-id: 6031745271
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138393742098
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 966ms
965ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=274256971693811&correlator=115165648911835&eid=31072020%2C31076084%2C31075593&output=ldjh&gdfp_req=1&vrg=202307120202&ptt=17&impl=fif&npa=1&iu_parts=8372%2CeNCA-V2%2Cbusiness&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C320x50%7C300x250&ifi=4&adks=4282540082&sfv=1-0-40&prev_scp=node_tags%3D%252C%2520%252C%26articleid%3Dhttps%253A%252F%252Fwww.enca.com%252Fbusiness%252Fbanking-scams-consumers-warned-mule-bank-accounts%26node_title%3DBanking%2520scams%2520%257C%2520Consumers%2520warned%2520of%2520mule%2520bank%2520accounts%26node_channel%3DBusiness%26node_id%3D1191136%26browsiViewability%3D0.70%26browsiId%3Denca%26pos%3Dmid&sc=1&cookie_enabled=1&abxe=1&dt=1689322408302&lmt=1689322406&dlt=1689322406848&idt=1375&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&frm=20&vis=1&psz=320x0&msz=0x0&fws=1152&ohw=0&ga_vid=1980003793.1689322408&ga_sid=1689322408&ga_hid=1328207316&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a116e0286ab0749c9bf3eda862681c698bda3fcd453accac8f7c65a33399af5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9437
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 125 KB
42 KB 1204ms
1204ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=274256971693811&correlator=115165648911835&eid=31072020%2C31076084%2C31075593&output=ldjh&gdfp_req=1&vrg=202307120202&ptt=17&impl=fif&npa=1&iu_parts=8372%2CeNCA-V2%2Cbusiness&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&ifi=5&adks=3734954326&sfv=1-0-40&prev_scp=node_tags%3D%252C%2520%252C%26articleid%3Dhttps%253A%252F%252Fwww.enca.com%252Fbusiness%252Fbanking-scams-consumers-warned-mule-bank-accounts%26node_title%3DBanking%2520scams%2520%257C%2520Consumers%2520warned%2520of%2520mule%2520bank%2520accounts%26node_channel%3DBusiness%26node_id%3D1191136%26browsiViewability%3D0.90%26browsiId%3Denca&sc=1&cookie_enabled=1&abxe=1&dt=1689322408306&lmt=1689322406&dlt=1689322406848&idt=1375&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&frm=20&vis=1&psz=300x0&msz=0x0&fws=1152&ohw=0&ga_vid=1980003793.1689322408&ga_sid=1689322408&ga_hid=1328207316&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba5c8f13aa4074c2504e7fda1c12e2c9aeeed8d470cdb4102399f19ea134bb33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42930
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 1444ms
1444ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=274256971693811&correlator=115165648911835&eid=31072020%2C31076084%2C31075593&output=ldjh&gdfp_req=1&vrg=202307120202&ptt=17&impl=fif&npa=1&iu_parts=8372%2CeNCA-V2%2Cbusiness&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250&ifi=6&adks=2163721317&sfv=1-0-40&prev_scp=node_tags%3D%252C%2520%252C%26articleid%3Dhttps%253A%252F%252Fwww.enca.com%252Fbusiness%252Fbanking-scams-consumers-warned-mule-bank-accounts%26node_title%3DBanking%2520scams%2520%257C%2520Consumers%2520warned%2520of%2520mule%2520bank%2520accounts%26node_channel%3DBusiness%26node_id%3D1191136%26browsiViewability%3D0.70%26browsiId%3Denca%26pos%3Dtop-ldr&sc=1&cookie_enabled=1&abxe=1&dt=1689322408309&lmt=1689322406&dlt=1689322406848&idt=1375&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&frm=20&vis=1&psz=728x0&msz=0x0&fws=1152&ohw=0&ga_vid=1980003793.1689322408&ga_sid=1689322408&ga_hid=1328207316&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b15268ea79ca54c51001ebd1da2f77d07996e08b77ff0842b60470789d643094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9451
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 532 B
290 B 1526ms
1526ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=274256971693811&correlator=115165648911835&eid=31072020%2C31076084%2C31075593&output=ldjh&gdfp_req=1&vrg=202307120202&ptt=17&impl=fif&npa=1&iu_parts=8372%2CeNCA-V2%2Cbusiness&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&adks=1551192810&sfv=1-0-40&prev_scp=node_tags%3D%252C%2520%252C%26articleid%3Dhttps%253A%252F%252Fwww.enca.com%252Fbusiness%252Fbanking-scams-consumers-warned-mule-bank-accounts%26node_title%3DBanking%2520scams%2520%257C%2520Consumers%2520warned%2520of%2520mule%2520bank%2520accounts%26node_channel%3DBusiness%26node_id%3D1191136%26browsiViewability%3DNA%26browsiId%3Denca%26pos%3Dtop-ldr&sc=1&cookie_enabled=1&abxe=1&dt=1689322408312&lmt=1689322406&dlt=1689322406848&idt=1375&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=1664&ohw=0&ga_vid=1980003793.1689322408&ga_sid=1689322408&ga_hid=1328207316&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08cfbcc5fd8060bc287c3fa793b4cdef5cc877d14bde22873614d8f9fcc7b50b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 261
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.enca.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 40ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=703795557219891&ev=PageView&dl=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&rl=&if=false&ts=1689322408324&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1689322408111.2028892814&it=1689322407933&coo=false&exp=a1&rqm=GET

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Jul 2023 08:13:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 floating-unit.20230713-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 40ms
40ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230713-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/esattv-enca/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b58740d00ed71e4d0cd3a7745d446781f15fbda1f6b396e120daef3ff29201b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: CF0nu_cUQ5e7cz96XmWlw4Cx2oj_e_Ce
content-encoding: gzip
via: 1.1 varnish
date: Fri, 14 Jul 2023 08:13:28 GMT
x-amz-request-id: BGTBPHH90A8CMC4Z
age: 82224
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2473
x-amz-id-2: XjXvhKpmmQ7GVIKdwcxh3Lq+mscWCxdO0DA5Jp/dPf5qJG0k6fDM3NQ9UtqZ8PYTFKaaekTc7yM=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Thu, 13 Jul 2023 09:23:04 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689322408.413094,VS0,VE0
etag: "9a8b99eb5796283851e3f764750ee2f2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 49
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 19157

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.0.8/ 122 KB
34 KB 40ms
39ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.0.8/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230713-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f021e91510890a23deac116f0b103d5218fd528fa1d78dd9382debd5fe5de9ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 0417d84194afd22a7063549fff594596.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: WAW51-P3
age: 515137
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 34897
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Sat, 08 Jul 2023 09:07:28 GMT
server: AmazonS3
x-timer: S1689322408.414746,VS0,VE0
etag: "35a7d2cf6b6ba7ce9c046b4d08ca0d0a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: hU8yXHIIzIgVM7eKvd-9CSuYZV-Xq0YO7UVEehTQxURgjTBzas6SgQ==
x-cache-hits: 67309

GET
H2 200 feed-card-placeholder.20230713-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 45ms
45ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230713-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/esattv-enca/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc2b1926e9ada92623da74f032c3979c12c1192a753d2e3f60f9a8469386ada5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: URrAJGSVKJ8gnAiVhcPWeu0xCEbW165F
content-encoding: gzip
via: 1.1 varnish
date: Fri, 14 Jul 2023 08:13:28 GMT
x-amz-request-id: AX4AV6M7EW1Y653W
age: 82230
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1261
x-amz-id-2: QKij8TT0Y/hmdN5LflsnzwHLDn5J69P5HEdmshIkupboBlYBZr0dp0vjDBa7q24xGwoEAT1LK54=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Thu, 13 Jul 2023 09:22:59 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689322408.415303,VS0,VE0
etag: "1c1e2afcae525e65b7dcbeb1f6cf4445"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 46
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 152638

GET
H2 200 distance-from-article.20230713-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 42ms
42ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230713-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/esattv-enca/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a87da6d7e7ae52f27af98c69383baca01068e3610ea0c4442fd27b80a76de60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: sr.vvUHB.jUejZ2VlzaOP0iSZgGu9LBb
content-encoding: gzip
via: 1.1 varnish
date: Fri, 14 Jul 2023 08:13:28 GMT
x-amz-request-id: 04JQ9MXSWTZ994S4
age: 82235
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1135
x-amz-id-2: QuQkyOeyj/vq3rw9MZaXjk4+jSPcFTQQ6s3wfEYmo31agCTmbYU8lPQ57D7Y2A1rvH9LzUnCkkY=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Thu, 13 Jul 2023 09:22:54 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689322408.420694,VS0,VE0
etag: "f34a332ada37b3a44a4544221108144b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 39
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 164961

GET
H2 200 article-detection.20230713-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 42ms
41ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230713-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/esattv-enca/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 482c37ef0d6cba94183ee8efb97c46d6da479cd1dc67f7d89a491b0acd48a346

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: kle1Pg7N9ikl7ynQgqkeQO3KmqH1JDDn
content-encoding: gzip
via: 1.1 varnish
date: Fri, 14 Jul 2023 08:13:28 GMT
x-amz-request-id: GEQK8RBNH7E57Q6X
age: 82241
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1271
x-amz-id-2: Bgn1Vq1TK4Z+YxVg2NaZHMv5jKISKYo28lzuRzSzsEnSJonvGXbbCkPlnig2n5ZDcb2+2R1i9lg=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Thu, 13 Jul 2023 09:22:48 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689322408.420356,VS0,VE0
etag: "106daf779253385d9febf3f7f64a905f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 68
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 164894

GET
H2 200 userx.20230713-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 40ms
40ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230713-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/esattv-enca/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 053aa9004679f9e211c03e084581996c6a2474ef0786a9ea931cd6e96df3864a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: g.VzvfMiAsYRe.fL77zuGP7Uqc0RxnC8
content-encoding: gzip
via: 1.1 varnish
date: Fri, 14 Jul 2023 08:13:28 GMT
x-amz-request-id: FFCEJD3FWQXNM9RE
age: 82202
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: zwAyOtHpDgw5LUE2yGHUgVtS1TBj8rzL4tG534i3XALOWePYA91crDBFFew/ugrriBONcopaVYk=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Thu, 13 Jul 2023 09:23:26 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689322408.429013,VS0,VE0
etag: "acd85bc785a00f6811c3d05d9ff560e9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 3
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 35991

GET
H2 200 explore-more.20230713-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 29 KB
9 KB 41ms
41ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230713-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/esattv-enca/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfe687f827d33e76d3b73e57242783ecf6a0045e12153c2c25ef7cf1148b309d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 5ezFPAUYz5XXMwgn3DpHk6oxuFnoleb0
content-encoding: gzip
via: 1.1 varnish
date: Fri, 14 Jul 2023 08:13:28 GMT
x-amz-request-id: CNY36NPXZEXYWDB3
age: 82231
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8489
x-amz-id-2: ONRi4bw82Szo5n5Ey9V4wzjyVsb6eIvxLLmHDb4rULZz3IEM4glPayStexSqTguUNT+YCAW0a6A=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Thu, 13 Jul 2023 09:22:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689322408.441802,VS0,VE0
etag: "5bf908ced25431fe3a99906f16b94294"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 37
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 83490

GET
H2 204 supply-feature
am-trc-events.taboola.com/esattv-enca/log/3/ 0
231 B 151ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/esattv-enca/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=ea1123b122639387a4f1bad0b2fed7f4&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&pi=/business/banking-scams-consumers-warned-mule-bank-accounts&wi=4158049055083930604&pt=text&vi=1689322407424&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=08%3A13%3A28.393&id=7482&llvl=2&cv=20230713-8-RELEASE&
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/esattv-enca/log/3/ 0
230 B 152ms
46ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/esattv-enca/log/3/abtests?route=AM:AM:V&lti=deflated&ri=ea1123b122639387a4f1bad0b2fed7f4&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&pi=/business/banking-scams-consumers-warned-mule-bank-accounts&wi=4158049055083930604&pt=text&vi=1689322407424&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1689322408405%7D&tim=08%3A13%3A28.405&id=3229&llvl=2&cv=20230713-8-RELEASE&
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/esattv-enca/log/3/ 0
230 B 151ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/esattv-enca/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=ea1123b122639387a4f1bad0b2fed7f4&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&pi=/business/banking-scams-consumers-warned-mule-bank-accounts&wi=4158049055083930604&pt=text&vi=1689322407424&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A13%3A28.423&id=1768&llvl=2&cv=20230713-8-RELEASE&
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 40ms
40ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.enca.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 14 Jul 2023 08:13:28 GMT
x-amz-request-id: KH3H54SRP4YPB9PB
age: 19
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: mP0nZ+4KDBKHVDyhuUEzb3LuG90df21M5809hL3yrjZ20OaHTMiCTGdDl6kK0Ov0/jyat3qi0Ao=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689322408.470013,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 97
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 29

GET
H2 200 50a087a7140fead542c7df09ce6c6e35.png
cdn.taboola.com/libtrc/static/thumbnails/ 120 KB
121 KB 41ms
41ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/50a087a7140fead542c7df09ce6c6e35.png
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 367b2fce0d26c324f1453d9817ca9eaee79b5a54b006928c92e017b4d45926db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.enca.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: VMOTyNYEgguhj4xwqnovw__NEkFFre6d
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish
x-amz-request-id: 5W56G940GRJTYA05
age: 103
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 123179
x-amz-id-2: drh0xp0uzlg/i005+qvTBb3eYxdB/4SEaYzVkGAUGyaHb5YSr0ECy2FulBQvofyAqS4gblZzS+U=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Wed, 12 Jul 2023 10:56:18 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689322408.470294,VS0,VE2
etag: "bc41d3bdcbaac6e44be7b63428c15a9f"
content-type: image/png
abp: 68
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 5747a090f4c84b38b3608993cb944011.png
cdn.taboola.com/libtrc/static/thumbnails/ 31 KB
31 KB 150ms
150ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/5747a090f4c84b38b3608993cb944011.png
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a74c2f5b4222de41a49f8aa7157bb6aa9658d4d9c5807225441501b28a359ffc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.enca.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: yvAtO_reiDX_EpfS0bwZYcTYgElHClvf
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish
x-amz-request-id: R21CMVMVEHEWZ6GY
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 31792
x-amz-id-2: oOuxbyJoTdAMn9T1Hd7ouI15+RayW/uH02+0l4orbsCwtiPt+muqX05uBALujKwDT3x+zJjsmM0=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Fri, 04 Dec 2020 16:54:35 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689322408.470678,VS0,VE106
etag: "33f0a969128d656487549787bec374cb"
content-type: image/png
abp: 22
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 204 abtests
am-trc-events.taboola.com/esattv-enca/log/3/ 0
230 B 104ms
46ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/esattv-enca/log/3/abtests?route=AM:AM:V&lti=deflated&ri=ea1123b122639387a4f1bad0b2fed7f4&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&pi=/business/banking-scams-consumers-warned-mule-bank-accounts&wi=4158049055083930604&pt=text&vi=1689322407424&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1689322408492%7D&tim=08%3A13%3A28.492&id=570&llvl=2&cv=20230713-8-RELEASE&
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 screen_shot_2021-09-15_at_2.28.14_pm.png%3Fh%3D7ad4d2f1%26itok%3DXbIHIVYZ
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2021-09/ 4 KB
5 KB 42ms
41ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2021-09/screen_shot_2021-09-15_at_2.28.14_pm.png%3Fh%3D7ad4d2f1%26itok%3DXbIHIVYZ
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 40cd3e2a9b178dceff438cdbf851df46995b1923e200e2f4a074c63e2a3231e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2021-09/screen_shot_2021-09-15_at_2.28.14_pm.png%3Fh%3D7ad4d2f1%26itok%3DXbIHIVYZ
age: 701550
edge-cache-tag: 576116754086093478918709760354596645961,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag: 576116754086093478918709760354596645961,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1335
content-length: 4488
x-request-id: 76f341eedfbfd16b59da9323b65c9c6f
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100110-IAD, cache-iad-kjyo7100049-IAD, cache-chi-klot8100065-CHI, cache-iad-kjyo7100062-IAD, cache-fra-eddf8230089-FRA
last-modified: Thu, 06 Jul 2023 04:48:36 GMT
server: nginx
x-timer: S1689322409.522507,VS0,VE1
etag: "601f6045fd9d7b873f8e1484b3f43c33"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 22, 1

GET
H2 200 GAS.jpeg%3Fh%3Dfdf5970e%26itok%3DV2J9uv_K
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/ 7 KB
8 KB 56ms
56ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/GAS.jpeg%3Fh%3Dfdf5970e%26itok%3DV2J9uv_K
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8647eba2437fa68d394ebb1e56912f08fc23283a0a6c91ec88948fd464f56602

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/GAS.jpeg%3Fh%3Dfdf5970e%26itok%3DV2J9uv_K
age: 611853
edge-cache-tag: 322215529121878998432636701986310063625,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag: 322215529121878998432636701986310063625,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 434
content-length: 7314
x-request-id: 0e645da7e467681d5a87c81da4c6251a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100077-IAD, cache-iad-kiad7000162-IAD, cache-lax10642-LGB, cache-iad-kiad7000170-IAD, cache-fra-eddf8230089-FRA
last-modified: Fri, 07 Jul 2023 04:35:15 GMT
server: nginx
x-timer: S1689322409.524691,VS0,VE3
etag: "327ae039571323f2caad36e33e447c20"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 9, 1

GET
H2 200 616cd7108fb347f39192502ed0ae8f01.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 11 KB
12 KB 39ms
39ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/616cd7108fb347f39192502ed0ae8f01.png
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f4afb4d6894fc67a4e76d6a4ed4ef8493d81caa0e5f1bfd26a60f00d7ffa1dec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/616cd7108fb347f39192502ed0ae8f01.png
age: 2670686
edge-cache-tag: 557574256279457859471185083566234244132,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag: 557574256279457859471185083566234244132,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 117
expiration: expiry-date="Fri, 30 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.t-online.de/
content-length: 11078
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100095-IAD, cache-iad-kcgs7200124-IAD, cache-chi-klot8100115-CHI, cache-iad-kiad7000028-IAD, cache-fra-eddf8230089-FRA
last-modified: Tue, 30 May 2023 11:51:32 GMT
server: nginx
x-timer: S1689322409.525010,VS0,VE0
etag: "ed7190d8f143771a865a0d0739b3d2a2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1584, 46

GET
H2 200 dd679d767d551a4d9f60e6c23a1620ea.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 43ms
43ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd679d767d551a4d9f60e6c23a1620ea.png
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fd9f922cbc03301de80c845f90b8a4023e24a8c0de2327546381d73ae5b5ed2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd679d767d551a4d9f60e6c23a1620ea.png
age: 2429005
edge-cache-tag: 587794673812137273169956456012098456393,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag: 587794673812137273169956456012098456393,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 84
expiration: expiry-date="Sun, 02 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://kannada.oneindia.com/
content-length: 14100
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200083-IAD, cache-iad-kcgs7200085-IAD, cache-chi-kigq8000076-CHI, cache-iad-kjyo7100104-IAD, cache-fra-eddf8230089-FRA
last-modified: Thu, 01 Jun 2023 14:19:24 GMT
server: nginx
x-timer: S1689322409.526574,VS0,VE0
etag: "574392bd187c6da7e9e43cdee4a1ae29"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 393, 2

GET
H2 200 af046b710cbd8a4eea0e35d054a56798.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 77 KB
77 KB 45ms
44ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af046b710cbd8a4eea0e35d054a56798.jpg
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5cd397677e5d50d8b0cb05df19242e3dfcc6bb02bfe0faebd73d7ca11950fa0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af046b710cbd8a4eea0e35d054a56798.jpg
age: 4639660
edge-cache-tag: 583155224673500753957082676460120765320,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 583155224673500753957082676460120765320,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 235
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.cbsnews.com/
content-length: 78462
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200168-IAD, cache-iad-kiad7000171-IAD, cache-lga21968-LGA, cache-iad-kcgs7200171-IAD, cache-fra-eddf8230089-FRA
last-modified: Thu, 11 May 2023 19:43:54 GMT
server: nginx
x-timer: S1689322409.526639,VS0,VE0
etag: "67381a9848c83fa688f809d432e84e22"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1199, 6

GET
H2 200 ee7c63ee-373e-4f10-958e-85466b5a5b5e__OnX1BEtw.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 4 KB
5 KB 55ms
55ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ee7c63ee-373e-4f10-958e-85466b5a5b5e__OnX1BEtw.jpg
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 35dfd75fddc56de433ba56cab31a5a0edee0f627d3ccfc2e28cc2fc019f5db6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ee7c63ee-373e-4f10-958e-85466b5a5b5e__OnX1BEtw.jpg
age: 290458
edge-cache-tag: 630177207156671575540749944116754483659,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag: 630177207156671575540749944116754483659,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 361
req-referer: https://rp-online.de/
content-length: 4352
x-request-id: 8b7bef6df14f3dd7163419e71893efc8
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200042-IAD, cache-iad-kiad7000053-IAD, cache-chi-klot8100102-CHI, cache-iad-kcgs7200104-IAD, cache-fra-eddf8230089-FRA
last-modified: Mon, 10 Jul 2023 23:29:18 GMT
server: nginx
x-timer: S1689322409.527586,VS0,VE1
etag: "44c40cd0d9906b75e6857fd9daae84fd"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 1371333667__R0Fm1Yx5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 17 KB
18 KB 42ms
42ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1371333667__R0Fm1Yx5.jpg
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 359ebbfe334ead2a09e06bf39ee89d9adb4277fea605732f40d6d34689680782

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1371333667__R0Fm1Yx5.jpg
age: 3090636
edge-cache-tag: 294072677418735809846776019467764800946,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag: 294072677418735809846776019467764800946,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 79
req-referer: https://www.index.hr/mobile/sport/clanak/gvardiol-je-odabrao-klub-romano-leipzig-trazi-rekordan-iznos/2470917.aspx
content-length: 17308
x-request-id: d287ca885b7b8ff73b5cb00f20ab5a7d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200138-IAD, cache-iad-kcgs7200128-IAD, cache-chi-klot8100023-CHI, cache-iad-kiad7000027-IAD, cache-fra-eddf8230089-FRA
last-modified: Mon, 22 May 2023 21:40:53 GMT
server: nginx
x-timer: S1689322409.564550,VS0,VE1
etag: "94d888ca773859ca11e4eee021a44425"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 43, 1

GET
H2 200 f483e959519075e9bed26ba5346a144d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 68 KB
69 KB 42ms
42ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f483e959519075e9bed26ba5346a144d.jpeg
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3ab76e016aef544c6bd1110335fd898ba6030e79cd15bfcab5c768a7d20a179c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f483e959519075e9bed26ba5346a144d.jpeg
age: 2289078
edge-cache-tag: 420097041687089862443945669345360732689,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 420097041687089862443945669345360732689,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 237
req-referer: https://www.wunderweib.de/
content-length: 69580
x-request-id: 7f87c6a048abca6778322e8de858566a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100097-IAD, cache-iad-kiad7000058-IAD, cache-sna10740-LGB, cache-iad-kiad7000029-IAD, cache-fra-eddf8230089-FRA
last-modified: Sat, 17 Jun 2023 20:21:35 GMT
server: nginx
x-timer: S1689322409.566563,VS0,VE2
etag: "c775e4aa608b2ff8f806b29b98ba8fa3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 6, 1

GET
H2 200 screen_shot_2021-09-15_at_2.28.14_pm.png%3Fh%3D7ad4d2f1%26itok%3DXbIHIVYZ
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2021-09/ 17 KB
17 KB 50ms
50ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2021-09/screen_shot_2021-09-15_at_2.28.14_pm.png%3Fh%3D7ad4d2f1%26itok%3DXbIHIVYZ
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b890b2458d00f21a6a6a7da502571b15900436b8aa9835e9349d12e09bd36535

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2021-09/screen_shot_2021-09-15_at_2.28.14_pm.png%3Fh%3D7ad4d2f1%26itok%3DXbIHIVYZ
age: 692169
edge-cache-tag: 576116754086093478918709760354596645961,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 576116754086093478918709760354596645961,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 442
content-length: 16928
x-request-id: 1fea1d9614a92aa483af3606c3f9e176
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100084-IAD, cache-iad-kjyo7100113-IAD, cache-sna10725-LGB, cache-iad-kcgs7200137-IAD, cache-fra-eddf8230089-FRA
last-modified: Thu, 06 Jul 2023 04:48:36 GMT
server: nginx
x-timer: S1689322409.568885,VS0,VE1
etag: "eb9a3e68de043c7d9fbe447c6fda14d3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 2, 1

GET
H2 200 GAS.jpeg%3Fh%3Dfdf5970e%26itok%3DV2J9uv_K
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/ 28 KB
29 KB 128ms
128ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/GAS.jpeg%3Fh%3Dfdf5970e%26itok%3DV2J9uv_K
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 792c313ca6492ef04d0d6a6c0eccd7d75fc25a75bf584a84ba4158743bf41996

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 87
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/GAS.jpeg%3Fh%3Dfdf5970e%26itok%3DV2J9uv_K
age: 612227
edge-cache-tag: 322215529121878998432636701986310063625,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 322215529121878998432636701986310063625,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 722
content-length: 28442
x-request-id: bd5d0191e87f92f97dbf86c7a4a1911e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100023-IAD, cache-iad-kiad7000149-IAD, cache-lga21974-LGA, cache-iad-kiad7000156-IAD, cache-fra-eddf8230089-FRA
last-modified: Fri, 07 Jul 2023 04:35:15 GMT
server: nginx
x-timer: S1689322409.580451,VS0,VE87
etag: "9d385f735e857c7a0f65dc8afd0706bb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 23, 0

GET
H2 200 bester.jpeg%3Fh%3Dd4560ec8%26itok%3DY27kn6s6
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/ 50 KB
51 KB 60ms
60ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/bester.jpeg%3Fh%3Dd4560ec8%26itok%3DY27kn6s6
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 75f332ab70cd95968ad30744dc4c87d03ac4d5f68c1db5c1feef81ba04d5fb95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 6
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/bester.jpeg%3Fh%3Dd4560ec8%26itok%3DY27kn6s6
age: 1038737
edge-cache-tag: 345538751998270109590106590529079733335,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 345538751998270109590106590529079733335,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 374
req-referer: https://www.enca.com/
content-length: 51268
x-request-id: 8242be2042e9caf9af2dcf64fce91674
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200142-IAD, cache-iad-kiad7000136-IAD, cache-sna10746-LGB, cache-iad-kjyo7100163-IAD, cache-fra-eddf8230089-FRA
last-modified: Sun, 02 Jul 2023 05:53:07 GMT
server: nginx
x-timer: S1689322409.581650,VS0,VE6
etag: "c59706a2a29f18de6db033352b0eedf2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 9, 1

GET
H2 200 web_photo_grave_290819.jpg%3Fh%3Db3660f0d%26itok%3D-3ofJkaT
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2019-08/ 126 KB
127 KB 42ms
42ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2019-08/web_photo_grave_290819.jpg%3Fh%3Db3660f0d%26itok%3D-3ofJkaT
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c48f8ddd40f7734ed4828adfaf6d87d490542052ae6017d81c1a54e5522e5740

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2019-08/web_photo_grave_290819.jpg%3Fh%3Db3660f0d%26itok%3D-3ofJkaT
age: 181333
edge-cache-tag: 365288282345445323941621795917332309574,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 365288282345445323941621795917332309574,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 814
req-referer: https://www.enca.com/
content-length: 128708
x-request-id: 7d67f22beddf0fd291455c6c174164b2
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100148-IAD, cache-iad-kjyo7100047-IAD, cache-sna10738-LGB, cache-iad-kiad7000057-IAD, cache-fra-eddf8230089-FRA
last-modified: Wed, 12 Jul 2023 04:23:29 GMT
server: nginx
x-timer: S1689322409.581947,VS0,VE2
etag: "f767ed775b6636c252f3a720c901a641"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 6, 1

GET
H2 200 Borksburg%2520gas%2520leak.jpeg%3Fh%3D6b5c5318%26itok%3DpykZi3lB
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/ 39 KB
40 KB 42ms
41ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/Borksburg%2520gas%2520leak.jpeg%3Fh%3D6b5c5318%26itok%3DpykZi3lB
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ae57a5bf045d8910e8135b771b16dde67fb9fa78c873f9968cec31a2c97f381

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_750%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/Borksburg%2520gas%2520leak.jpeg%3Fh%3D6b5c5318%26itok%3DpykZi3lB
age: 701749
edge-cache-tag: 609805426932293115290493854539365021841,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 609805426932293115290493854539365021841,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 389
content-length: 40344
x-request-id: 16101fa7fbaeb52ed3a9a3531aa2ecfa
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200075-IAD, cache-iad-kjyo7100074-IAD, cache-sna10735-LGB, cache-iad-kiad7000166-IAD, cache-fra-eddf8230089-FRA
last-modified: Thu, 06 Jul 2023 04:30:12 GMT
server: nginx
x-timer: S1689322409.607631,VS0,VE1
etag: "531fdd1a04587279c603838a33b562e8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 10, 1

GET
H2 200 616cd7108fb347f39192502ed0ae8f01.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 56 KB
57 KB 41ms
39ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/616cd7108fb347f39192502ed0ae8f01.png
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3b7509332b7438dc81e22f99246dca6869664742e48cb449aace433e5dd78509

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/616cd7108fb347f39192502ed0ae8f01.png
age: 1449944
edge-cache-tag: 557574256279457859471185083566234244132,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 557574256279457859471185083566234244132,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 658
expiration: expiry-date="Fri, 30 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://fabcrunch.com/
content-length: 57144
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000086-IAD, cache-iad-kiad7000151-IAD, cache-chi-klot8100109-CHI, cache-iad-kcgs7200076-IAD, cache-fra-eddf8230089-FRA
last-modified: Tue, 30 May 2023 10:34:14 GMT
server: nginx
x-timer: S1689322409.618195,VS0,VE0
etag: "02f2c52cc8bf8c7538917afd8b41588b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 779, 5

GET
H2 200 dd679d767d551a4d9f60e6c23a1620ea.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 116 KB
117 KB 45ms
45ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd679d767d551a4d9f60e6c23a1620ea.png
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cb359becda45907cd7684daadfb2c272ee8ec3a109f6d6323a3164e8d95d3d37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd679d767d551a4d9f60e6c23a1620ea.png
age: 2500229
edge-cache-tag: 587794673812137273169956456012098456393,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 587794673812137273169956456012098456393,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 728
expiration: expiry-date="Sun, 02 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.promiflash.de/
content-length: 118706
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100038-IAD, cache-iad-kcgs7200171-IAD, cache-chi-klot8100111-CHI, cache-iad-kjyo7100132-IAD, cache-fra-eddf8230089-FRA
last-modified: Thu, 01 Jun 2023 14:25:44 GMT
server: nginx
x-timer: S1689322409.619784,VS0,VE0
etag: "cf2d5ab431a3d37a0576afe2602cc3e7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 117, 2

GET
H2 200 anc_nec.jpeg%3Fh%3D8abcec71%26itok%3DpJcYSOz_
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/ 90 KB
91 KB 130ms
130ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/anc_nec.jpeg%3Fh%3D8abcec71%26itok%3DpJcYSOz_
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 23c5461bdfa232f2e3a3228c65e511eef3e1e1849cfac54036edfc192828fae9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/anc_nec.jpeg%3Fh%3D8abcec71%26itok%3DpJcYSOz_
age: 524354
edge-cache-tag: 374954552677330560153149155654944043790,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 374954552677330560153149155654944043790,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 577
content-length: 92388
x-request-id: a169ea2fac03a872fa0c5b2e24d5366c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100127-IAD, cache-iad-kiad7000060-IAD, cache-chi-kigq8000088-CHI, cache-iad-kiad7000066-IAD, cache-fra-eddf8230089-FRA
last-modified: Sat, 08 Jul 2023 06:10:33 GMT
server: nginx
x-timer: S1689322409.640693,VS0,VE89
etag: "780fad3bf19342ead77c8b7fae6c4eb0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 3, 0

GET
H2 200 thumbnail_eNCA_LIVESTREAM%25281920%2520x%25201080%2529.jpg%3Fh%3Dc673cd1c%26itok%3D_oxIGSsq
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-05/ 11 KB
12 KB 43ms
43ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-05/thumbnail_eNCA_LIVESTREAM%25281920%2520x%25201080%2529.jpg%3Fh%3Dc673cd1c%26itok%3D_oxIGSsq
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 34501daf01cd6b29587d0710ba49442d7ccdba2e95ba61b76cb229650ae2d3d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-05/thumbnail_eNCA_LIVESTREAM%25281920%2520x%25201080%2529.jpg%3Fh%3Dc673cd1c%26itok%3D_oxIGSsq
age: 2064920
edge-cache-tag: 463768703847521850662562071768448672488,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 463768703847521850662562071768448672488,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 466
expiration: expiry-date="Thu, 13 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.enca.com/
content-length: 11608
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200104-IAD, cache-iad-kcgs7200139-IAD, cache-lga21976-LGA, cache-iad-kjyo7100174-IAD, cache-fra-eddf8230089-FRA
last-modified: Mon, 12 Jun 2023 20:33:08 GMT
server: nginx
x-timer: S1689322409.648322,VS0,VE3
etag: "ed4c709e32bdd91cbd53eae0cac6592d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 34, 1

GET
H2 200 doc-33LW7F9-copy-%2540photo2.jpg%3Fh%3D4bf1c8f5%26itok%3Dt_EQIC6X
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/afp/2023-07/ 37 KB
38 KB 41ms
41ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/afp/2023-07/doc-33LW7F9-copy-%2540photo2.jpg%3Fh%3D4bf1c8f5%26itok%3Dt_EQIC6X
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: afc2a4522c1595534e45743001f8d6ace573052aa466b3f9dc9232d4cbf3d3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/afp/2023-07/doc-33LW7F9-copy-%2540photo2.jpg%3Fh%3D4bf1c8f5%26itok%3Dt_EQIC6X
age: 1032937
edge-cache-tag: 532292928926281546104460901728527379345,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 532292928926281546104460901728527379345,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 603
req-referer: https://www.enca.com/
content-length: 38254
x-request-id: 1543845f33edc8e2a3630d7eaeb344e6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100148-IAD, cache-iad-kcgs7200167-IAD, cache-lga21938-LGA, cache-iad-kjyo7100024-IAD, cache-fra-eddf8230089-FRA
last-modified: Sun, 02 Jul 2023 08:56:58 GMT
server: nginx
x-timer: S1689322409.652255,VS0,VE2
etag: "ab0736687ac91ef47723ae35d68cf7d5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 9, 1

GET
H2 200 Checkpoint%2520endframe%2520new.jpg%3Fh%3Dddb1ad0c%26itok%3Dv8cV1GXO
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-05/ 88 KB
88 KB 41ms
41ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-05/Checkpoint%2520endframe%2520new.jpg%3Fh%3Dddb1ad0c%26itok%3Dv8cV1GXO
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a6ee270a65ffd28f98a0b1c6fba3d61d1b1a45d38ca69c2cf0ccd2eafe9b425a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-05/Checkpoint%2520endframe%2520new.jpg%3Fh%3Dddb1ad0c%26itok%3Dv8cV1GXO
age: 2426767
edge-cache-tag: 467776030306892316424747006397237022256,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 467776030306892316424747006397237022256,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 641
expiration: expiry-date="Mon, 26 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length: 89878
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kiad7000031-IAD, cache-lga21978-LGA, cache-iad-kjyo7100112-IAD, cache-fra-eddf8230089-FRA
last-modified: Fri, 26 May 2023 10:36:53 GMT
server: nginx
x-timer: S1689322409.663544,VS0,VE2
etag: "082052f6bc0afbabe0b575bc1846aa18"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 5, 1

GET
H2 200 doc-329W79E-%2540photo0.jpg%3Fh%3D426933fc%26itok%3Dco_lOP43
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/afp/2022-05/ 18 KB
19 KB 41ms
41ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/afp/2022-05/doc-329W79E-%2540photo0.jpg%3Fh%3D426933fc%26itok%3Dco_lOP43
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4995726a1e82c5e753c961383e1e73733107f00f92cd37e0830faedaac0fdf38

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/afp/2022-05/doc-329W79E-%2540photo0.jpg%3Fh%3D426933fc%26itok%3Dco_lOP43
age: 1190438
edge-cache-tag: 609742556342892492440726714591879714299,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 609742556342892492440726714591879714299,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 415
content-length: 18710
x-request-id: ddf3019ec6707acec65ead42ef42c7a8
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100153-IAD, cache-iad-kjyo7100080-IAD, cache-sna10736-LGB, cache-iad-kjyo7100042-IAD, cache-fra-eddf8230089-FRA
last-modified: Fri, 30 Jun 2023 13:32:51 GMT
server: nginx
x-timer: S1689322409.674699,VS0,VE1
etag: "c5166954bd2accee188ecb99ea9f3e2c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 9, 1

GET
H2 200 af046b710cbd8a4eea0e35d054a56798.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 173 KB
174 KB 42ms
42ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af046b710cbd8a4eea0e35d054a56798.jpg
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 802439339303df33f49c43fb743eb3da7974356eda255a02796b1c88bafa5a81

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/af046b710cbd8a4eea0e35d054a56798.jpg
age: 3195065
edge-cache-tag: 583155224673500753957082676460120765320,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 583155224673500753957082676460120765320,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 604
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.newsauto.gr/
content-length: 177002
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100114-IAD, cache-iad-kjyo7100109-IAD, cache-chi-klot8100124-CHI, cache-iad-kcgs7200067-IAD, cache-fra-eddf8230089-FRA
last-modified: Thu, 11 May 2023 14:41:41 GMT
server: nginx
x-timer: S1689322409.692183,VS0,VE2
etag: "8742d3fab5eab505c9763e66930f9d76"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 2888, 1

GET
H2 200 f483e959519075e9bed26ba5346a144d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 151 KB
152 KB 47ms
47ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f483e959519075e9bed26ba5346a144d.jpeg
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e5c9c41384b940256f120641481aa1d06e69c7e60ae7af217ca502fddd4cba5e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f483e959519075e9bed26ba5346a144d.jpeg
age: 1376071
edge-cache-tag: 420097041687089862443945669345360732689,308584267801082320679967464701618537544,29ecf9b93bbf306179626feeda1fab70
cache-tag: 420097041687089862443945669345360732689,308584267801082320679967464701618537544,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 579
expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.dailykos.com/
content-length: 154838
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000034-IAD, cache-iad-kjyo7100163-IAD, cache-lax10679-LGB, cache-iad-kjyo7100038-IAD, cache-fra-eddf8230089-FRA
last-modified: Mon, 19 Jun 2023 10:18:51 GMT
server: nginx
x-timer: S1689322409.694892,VS0,VE1
etag: "292ae93aab06dd1b79c0cdc841a95eb2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 21, 1

GET
H2 200 essop%2520pahad.jpeg%3Fh%3Daa5f3720%26itok%3DkY51SDS_
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/ 25 KB
26 KB 41ms
41ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/essop%2520pahad.jpeg%3Fh%3Daa5f3720%26itok%3DkY51SDS_
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a73bb0d75544e1b20a3de55758c5d92ee322c80ec5b4c57444db77c884efe62

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/essop%2520pahad.jpeg%3Fh%3Daa5f3720%26itok%3DkY51SDS_
age: 701741
edge-cache-tag: 293743065725089466308669197223049327164,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 293743065725089466308669197223049327164,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 1972
content-length: 25942
x-request-id: fb0918877f81b288090ad69db108a8ab
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000157-IAD, cache-iad-kcgs7200131-IAD, cache-sna10723-LGB, cache-iad-kcgs7200150-IAD, cache-fra-eddf8230089-FRA
last-modified: Thu, 06 Jul 2023 05:17:47 GMT
server: nginx
x-timer: S1689322409.708803,VS0,VE1
etag: "d5f7a0926feb423b8a584d37d6d7d7a7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 ramaphosa.png%3Fh%3D7a042119%26itok%3DsuF9HPXG
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-05/ 34 KB
35 KB 41ms
41ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-05/ramaphosa.png%3Fh%3D7a042119%26itok%3DsuF9HPXG
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d92af92fa444d7fa85e940101ed8dc44af985ad85813185442e61cbcf21b44ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_834%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-05/ramaphosa.png%3Fh%3D7a042119%26itok%3DsuF9HPXG
age: 1042814
edge-cache-tag: 336787267856707352302670941621606418942,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 336787267856707352302670941621606418942,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 1436
content-length: 34748
x-request-id: 23abd685a85bd21673788fdca1dcfe96
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200058-IAD, cache-iad-kcgs7200116-IAD, cache-chi-kigq8000071-CHI, cache-iad-kiad7000155-IAD, cache-fra-eddf8230089-FRA
last-modified: Sun, 02 Jul 2023 06:33:14 GMT
server: nginx
x-timer: S1689322409.709626,VS0,VE1
etag: "1d3f610bb2128150f437645f8f7fbd84"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 1, 1

GET
H2 200 bester.jpeg%3Fh%3Dd4560ec8%26itok%3DY27kn6s6
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/ 11 KB
12 KB 41ms
41ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/bester.jpeg%3Fh%3Dd4560ec8%26itok%3DY27kn6s6
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 17449c216cd087927dbe618b63bce7d30033315245db165cfa4f63665829f463

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/bester.jpeg%3Fh%3Dd4560ec8%26itok%3DY27kn6s6
age: 1040678
edge-cache-tag: 345538751998270109590106590529079733335,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag: 345538751998270109590106590529079733335,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 439
req-referer: https://www.enca.com/
content-length: 11056
x-request-id: 9266e782997de6ae432cc0fb8b026ffa
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000032-IAD, cache-iad-kiad7000054-IAD, cache-lga21964-LGA, cache-iad-kiad7000058-IAD, cache-fra-eddf8230089-FRA
last-modified: Sun, 02 Jul 2023 05:53:07 GMT
server: nginx
x-timer: S1689322409.717345,VS0,VE2
etag: "bad3b6831f99a5d4bc17f149e8b5818b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 16, 1

GET
H2 200 web_photo_grave_290819.jpg%3Fh%3Db3660f0d%26itok%3D-3ofJkaT
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2019-08/ 17 KB
18 KB 48ms
48ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2019-08/web_photo_grave_290819.jpg%3Fh%3Db3660f0d%26itok%3D-3ofJkaT
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e063159d935829727670ebeaa4998d3234f024e7e865928eb8e56858e34b5483

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 8
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2019-08/web_photo_grave_290819.jpg%3Fh%3Db3660f0d%26itok%3D-3ofJkaT
age: 181535
edge-cache-tag: 365288282345445323941621795917332309574,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag: 365288282345445323941621795917332309574,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1073
content-length: 17382
x-request-id: ed65740aa70a956b910ca21f91672d68
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100172-IAD, cache-iad-kiad7000142-IAD, cache-chi-klot8100111-CHI, cache-iad-kjyo7100175-IAD, cache-fra-eddf8230089-FRA
last-modified: Wed, 12 Jul 2023 04:23:29 GMT
server: nginx
x-timer: S1689322409.740941,VS0,VE8
etag: "d19d1ce8a40cda31ed3a7b4e8aa9f736"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 5, 1

GET
H2 200 a51cbd6ee0226e603d39cc195768f3ef.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1920%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 35 KB
35 KB 40ms
40ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1920%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a51cbd6ee0226e603d39cc195768f3ef.png
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d63921429c5f219ace5cd282868e032f11aab1e0f675c43a58c5b8825536d83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1920%2Cx_0%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a51cbd6ee0226e603d39cc195768f3ef.png
age: 2769036
edge-cache-tag: 471447950437044369058725928636629586595,502250709876806482643090542352982362838,29ecf9b93bbf306179626feeda1fab70
cache-tag: 471447950437044369058725928636629586595,502250709876806482643090542352982362838,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 288
req-referer: https://www.oe24.at/
content-length: 35328
x-request-id: 4be1d6a421392a582276ec1aa42073ac
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000128-IAD, cache-iad-kjyo7100027-IAD, cache-lax10641-LGB, cache-iad-kjyo7100083-IAD, cache-fra-eddf8230089-FRA
last-modified: Sat, 10 Jun 2023 14:50:17 GMT
server: nginx
x-timer: S1689322409.747711,VS0,VE1
etag: "d3b5239f3bd05448be9efc809f74b338"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1004, 1

GET
H2 200 0b1e24e306f43002c5792f73b69eece9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 41ms
41ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0b1e24e306f43002c5792f73b69eece9.png
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4d6d2cd12e2762c88eeb786dd6e085a1fb85aea017700ed0030586128850771a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0b1e24e306f43002c5792f73b69eece9.png
age: 2569934
edge-cache-tag: 443459513820140683904881721843419629205,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 443459513820140683904881721843419629205,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 113
req-referer: https://www.t-online.de/
content-length: 8978
x-request-id: 2c419b3f3e88933b9a0ca4ecbafc54c9
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200057-IAD, cache-iad-kjyo7100027-IAD, cache-lga21921-LGA, cache-iad-kcgs7200158-IAD, cache-fra-eddf8230089-FRA
last-modified: Mon, 29 May 2023 18:57:10 GMT
server: nginx
x-timer: S1689322409.750190,VS0,VE2
etag: "95e7fea91354ec780ce4ac72e8e766fe"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 314, 1

GET
H2 200 37ef999f153dbe01711c953afdde3361.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 41ms
41ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37ef999f153dbe01711c953afdde3361.jpeg
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 89824dd47e95493cc0f8a34e71a1b88050880b5ed8c1012805f47e6339a2f763

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/37ef999f153dbe01711c953afdde3361.jpeg
age: 2151294
edge-cache-tag: 485510313380797861466267358334918110328,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag: 485510313380797861466267358334918110328,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 61
expiration: expiry-date="Fri, 30 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.huffpost.com/
content-length: 17664
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000164-IAD, cache-iad-kcgs7200083-IAD, cache-chi-klot8100062-CHI, cache-iad-kiad7000138-IAD, cache-fra-eddf8230089-FRA
last-modified: Tue, 30 May 2023 05:20:51 GMT
server: nginx
x-timer: S1689322409.752457,VS0,VE0
etag: "f02ec22678799eb781fc5e34d09faff3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 23, 4

GET
H2 200 Lebogang%2520Maile.PNG%3Fh%3D573dbba6%26itok%3Dld1GkAXG
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2021-10/ 8 KB
9 KB 41ms
40ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2021-10/Lebogang%2520Maile.PNG%3Fh%3D573dbba6%26itok%3Dld1GkAXG
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e9fb7ca9439ab8001a9b7cefd61823ddcc53115b017308f9d2514320ac04564b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2021-10/Lebogang%2520Maile.PNG%3Fh%3D573dbba6%26itok%3Dld1GkAXG
age: 30559
edge-cache-tag: 477945219939370220963262097480424801169,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag: 477945219939370220963262097480424801169,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 904
content-length: 8006
x-request-id: 2ed96477c93b4d6aa2561a0d739db28a
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100176-IAD, cache-iad-kiad7000059-IAD, cache-lga21943-LGA, cache-iad-kiad7000173-IAD, cache-fra-eddf8230089-FRA
last-modified: Thu, 13 Jul 2023 20:37:36 GMT
server: nginx
x-timer: S1689322409.759072,VS0,VE1
etag: "6a704b82d4758651a4241e676428c98a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 3, 1

GET
H2 200 credit_cards.jpg%3Fh%3Dc12e0b96%26itok%3DhgKHhdEB
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/ 12 KB
12 KB 45ms
44ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/credit_cards.jpg%3Fh%3Dc12e0b96%26itok%3DhgKHhdEB
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4bccbbcd01a783a35fac8d155270930e0274f27042c384a9c6e76816a255ede4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/credit_cards.jpg%3Fh%3Dc12e0b96%26itok%3DhgKHhdEB
age: 48692
edge-cache-tag: 603371181404765363440079234771695668109,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
cache-tag: 603371181404765363440079234771695668109,309727233042263395173288000816347086757,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 105
content-length: 12116
x-request-id: 45d777123d8370fd0b670527896b99b0
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100122-IAD, cache-iad-kjyo7100064-IAD, cache-chi-klot8100104-CHI, cache-iad-kjyo7100078-IAD, cache-fra-eddf8230089-FRA
last-modified: Thu, 13 Jul 2023 15:53:23 GMT
server: nginx
x-timer: S1689322409.777385,VS0,VE2
etag: "fc9284f32afbb12991b39263c0c3bcd5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 3, 1

GET
H2 200 d0746f7861db7b53fbab03f2e592bba6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 26 KB
27 KB 60ms
60ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d0746f7861db7b53fbab03f2e592bba6.jpg
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ccf8944f85fac81446e1d7dd2de935dc94033c0dd48e535ee91dbaafb848f947

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 20
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_380%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d0746f7861db7b53fbab03f2e592bba6.jpg
age: 2593591
edge-cache-tag: 291404030958687795376986399244656432467,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
cache-tag: 291404030958687795376986399244656432467,575325974753229111106645491868203992126,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 111
req-referer: https://www.suedkurier.de/
content-length: 27008
x-request-id: c14a0230821374d7c757472bb4281824
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000051-IAD, cache-iad-kiad7000132-IAD, cache-chi-kigq8000164-CHI, cache-iad-kcgs7200147-IAD, cache-fra-eddf8230089-FRA
last-modified: Thu, 08 Jun 2023 17:34:18 GMT
server: nginx
x-timer: S1689322409.790266,VS0,VE20
etag: "003aeb440b9c61f9a5aa47444591d031"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 56, 1

GET
H2 200 next-up-widget.20230713-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 41ms
41ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230713-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/esattv-enca/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 634e5e68aa74d1935d1286e0f10a7c66304d53925e31a1504770750143dfd517

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 1NMyxNpO82LVobTQeA7nYfGJekleBY10
content-encoding: gzip
via: 1.1 varnish
date: Fri, 14 Jul 2023 08:13:28 GMT
x-amz-request-id: YP7KR67VN7W9X23C
age: 82222
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: x/3boxuf/jX8rKR1tTnYWEw3fWIvHSjjVQPfcHMV3JR8pLax7OI6LmtuM0dbk03Oz2AFplgU76U=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Thu, 13 Jul 2023 09:23:07 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689322409.560411,VS0,VE0
etag: "a871c15bbfebf4dcc9e981a070c24b02"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 54
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 18705

GET
H2 204 abtests
am-trc-events.taboola.com/esattv-enca/log/3/ 0
230 B 45ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/esattv-enca/log/3/abtests?route=AM:AM:V&lti=deflated&ri=ea1123b122639387a4f1bad0b2fed7f4&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&pi=/business/banking-scams-consumers-warned-mule-bank-accounts&wi=4158049055083930604&pt=text&vi=1689322407424&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%2295.84375%22%2C%22eventTime%22%3A1689322408560%7D&tim=08%3A13%3A28.560&id=3861&llvl=2&cv=20230713-8-RELEASE&
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1011 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230713-8-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jul 2023 08:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 07:12:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jul 2023 08:13:28 GMT

GET
H2 200 spa-detector.20230713-8-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 51ms
51ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230713-8-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/esattv-enca/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6945487f28c4ccdea5b9adf779658ac7796c3d2256f4dc0422c07a20a953ed9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: bBRQFCMgEbRQeOlOUNk4YzwrQROzS5rO
content-encoding: gzip
via: 1.1 varnish
date: Fri, 14 Jul 2023 08:13:28 GMT
x-amz-request-id: 37ZSNTF1QV5MMF7H
age: 82215
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 809
x-amz-id-2: fZcpw4JFLym/VL7KCOzwElHNZ4zvPbDkTnvmiLxLSwn+LhvF8xxGzeu03KjHjB9lc2zylXnW2Ok=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Thu, 13 Jul 2023 09:23:13 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689322409.597162,VS0,VE0
etag: "7a8b01b6671b4f0acc75982c19bb2744"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 67
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 85401

GET
H2 204 supply-feature
am-trc-events.taboola.com/esattv-enca/log/3/ 0
230 B 45ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/esattv-enca/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=ea1123b122639387a4f1bad0b2fed7f4&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&pi=/business/banking-scams-consumers-warned-mule-bank-accounts&wi=4158049055083930604&pt=text&vi=1689322407424&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A13%3A28.567&id=4274&llvl=2&cv=20230713-8-RELEASE&
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/esattv-enca/log/3/ 0
230 B 46ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/esattv-enca/log/3/abtests?route=AM:AM:V&lti=deflated&ri=ea1123b122639387a4f1bad0b2fed7f4&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&pi=/business/banking-scams-consumers-warned-mule-bank-accounts&wi=4158049055083930604&pt=text&vi=1689322407424&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1689322408574%7D&tim=08%3A13%3A28.574&id=7713&llvl=2&cv=20230713-8-RELEASE&
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/esattv-enca/log/3/ 0
230 B 45ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/esattv-enca/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=ea1123b122639387a4f1bad0b2fed7f4&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&pi=/business/banking-scams-consumers-warned-mule-bank-accounts&wi=4158049055083930604&pt=text&vi=1689322407424&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%2C%20%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=08%3A13%3A28.575&id=8517&llvl=2&cv=20230713-8-RELEASE&
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/esattv-enca/log/3/ 0
230 B 63ms
63ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/esattv-enca/log/3/abtests?route=AM:AM:V&lti=deflated&ri=ea1123b122639387a4f1bad0b2fed7f4&sd=v2_981150c175befd4938438a44b4e4e157_bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927_1689322407_1689322407_CNawjgYQzJtSGICM2ZuVMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABogPmc5Ofr1_j2AXAA&ui=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&pi=/business/banking-scams-consumers-warned-mule-bank-accounts&wi=4158049055083930604&pt=text&vi=1689322407424&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1689322408577%7D&tim=08%3A13%3A28.577&id=9950&llvl=2&cv=20230713-8-RELEASE&
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:28 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 screen_shot_2021-09-15_at_2.28.14_pm.png%3Fh%3D7ad4d2f1%26itok%3DXbIHIVYZ
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2021-09/ 3 KB
3 KB 41ms
41ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2021-09/screen_shot_2021-09-15_at_2.28.14_pm.png%3Fh%3D7ad4d2f1%26itok%3DXbIHIVYZ
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 979de68aebb3e046cd7d4a5a2b1da91ee235a7dc62049636a0bfe62c2e956b4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2021-09/screen_shot_2021-09-15_at_2.28.14_pm.png%3Fh%3D7ad4d2f1%26itok%3DXbIHIVYZ
age: 695459
edge-cache-tag: 576116754086093478918709760354596645961,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 576116754086093478918709760354596645961,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 428
content-length: 2640
x-request-id: 32dbfc7700092db73eac954253eb1961
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100083-IAD, cache-iad-kcgs7200073-IAD, cache-lga21921-LGA, cache-iad-kjyo7100026-IAD, cache-fra-eddf8230089-FRA
last-modified: Thu, 06 Jul 2023 04:48:36 GMT
server: nginx
x-timer: S1689322409.790255,VS0,VE1
etag: "9152ee7e5f1fb30b7e5918f2652849b5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 5, 1

GET
H2 200 616cd7108fb347f39192502ed0ae8f01.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
6 KB 40ms
40ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/616cd7108fb347f39192502ed0ae8f01.png
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 89b375fafa20e292c9444fea6bb53171d6700aaaa84303a8534bd17ab4c7ccc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/616cd7108fb347f39192502ed0ae8f01.png
age: 2915471
edge-cache-tag: 557574256279457859471185083566234244132,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 557574256279457859471185083566234244132,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 435
req-referer: https://news.livedoor.com/
content-length: 5802
x-request-id: 0de0655af815b566d9ebc5168113ab9e
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200123-IAD, cache-iad-kjyo7100121-IAD, cache-sna10742-LGB, cache-iad-kjyo7100114-IAD, cache-fra-eddf8230089-FRA
last-modified: Tue, 30 May 2023 08:34:53 GMT
server: nginx
x-timer: S1689322409.792003,VS0,VE0
etag: "2f3bd062a7c0da0b54ddd22d47e61c4a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 15, 12

GET
H2 200 GAS.jpeg%3Fh%3Dfdf5970e%26itok%3DV2J9uv_K
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/ 3 KB
4 KB 137ms
136ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/GAS.jpeg%3Fh%3Dfdf5970e%26itok%3DV2J9uv_K
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d65e555a2ac24f0219db6c29a65518eaf51819a5dab0765440ff1d133f69a505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 87
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/GAS.jpeg%3Fh%3Dfdf5970e%26itok%3DV2J9uv_K
age: 600367
edge-cache-tag: 322215529121878998432636701986310063625,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 322215529121878998432636701986310063625,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 344
content-length: 3350
x-request-id: dad92dc75226b4c9307f2a6cfbf9f0ee
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000058-IAD, cache-iad-kcgs7200057-IAD, cache-lax10668-LGB, cache-iad-kiad7000084-IAD, cache-fra-eddf8230089-FRA
last-modified: Fri, 07 Jul 2023 04:35:15 GMT
server: nginx
x-timer: S1689322409.795738,VS0,VE87
etag: "a7dbf95d45f5966e520797e1129d542f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 20, 0

GET
H2 200 dd679d767d551a4d9f60e6c23a1620ea.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 41ms
40ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd679d767d551a4d9f60e6c23a1620ea.png
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b96f8cfa9b6e9392cafe2a918a09f12d0a6bd8d62b21cc5a90314eb19f5f07b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd679d767d551a4d9f60e6c23a1620ea.png
age: 1387482
edge-cache-tag: 587794673812137273169956456012098456393,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 587794673812137273169956456012098456393,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 168
expiration: expiry-date="Sun, 02 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://guineenews.org/
content-length: 6156
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100086-IAD, cache-iad-kiad7000091-IAD, cache-sna10745-LGB, cache-iad-kjyo7100096-IAD, cache-fra-eddf8230089-FRA
last-modified: Thu, 01 Jun 2023 14:41:12 GMT
server: nginx
x-timer: S1689322409.800190,VS0,VE1
etag: "b9782d2274720f87a6b50b38e818236a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 51, 1

GET
H2 200 bester.jpeg%3Fh%3Dd4560ec8%26itok%3DY27kn6s6
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/ 3 KB
4 KB 43ms
42ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/bester.jpeg%3Fh%3Dd4560ec8%26itok%3DY27kn6s6
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a641ee7ba713c76a66ccef2ea30ad837f6075f91c3fd139a6008e3e7b77ad6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.enca.com/sites/default/files/styles/facebook/public/2023-07/bester.jpeg%3Fh%3Dd4560ec8%26itok%3DY27kn6s6
age: 1039512
edge-cache-tag: 345538751998270109590106590529079733335,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 345538751998270109590106590529079733335,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 432
content-length: 2854
x-request-id: 3b57d03ef7973e3c9f2fbf3513f62009
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000047-IAD, cache-iad-kcgs7200146-IAD, cache-lax10649-LGB, cache-iad-kjyo7100128-IAD, cache-fra-eddf8230089-FRA
last-modified: Sun, 02 Jul 2023 05:53:07 GMT
server: nginx
x-timer: S1689322409.819350,VS0,VE3
etag: "67f99758abe9351be57cc69beedffa15"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 12, 1

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 43AB 0
18 B 40ms
40ms Document
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: null
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:28 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8D4F 0
15 B 40ms
40ms Document
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: null
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:28 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 5967 577 B
465 B 51ms
49ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&cmcv=&pix=undefined&cb=1689322408841&uv=3301&tms=1689322408841&abt=nonrv_vA!smbs!ufm_vE!uftchrwf_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=4f5739f2-1faa-4633-87d7-8003d22995b2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e1a576de5ede817cf192d0e386e839277923de334af7f56bcaee80df136635b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 14 Jul 2023 08:13:28 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230089-FRA
x-timer: S1689322409.863703,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 6F26 577 B
662 B 55ms
48ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5e1a576de5ede817cf192d0e386e839277923de334af7f56bcaee80df136635b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 14 Jul 2023 08:13:28 GMT
machineid: 3401
server: nginx

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_0_1/infra/ 889 KB
148 KB 123ms
41ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_1/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 3ed4f4b716ab842f94bbecefdac523b93ebd80af5fb414818ff5cd2b8431e699

Request headers

Referer
Origin: https://www.enca.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-mtime: 1689152893
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: MHEESDEDJM3CNZRG
age: 169389
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1689152894
x-amz-meta-mode: 33188
content-length: 150728
x-amz-id-2: WGFjmbm/sWhs8uVztPqMZy/PL8G3x1pex01cC3u3ZsbLBSBY+aZeVhHAOhaGl1PNUoYOcweg52g=
x-served-by: cache-fra-eddf8230070-FRA
last-modified: Wed, 12 Jul 2023 09:08:15 GMT
server: AmazonS3-br
x-timer: S1689322409.948972,VS0,VE0
etag: "84986041ee604848aea92f9cd1cf59e8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 73550

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_0_1/assets/css/ 61 KB
8 KB 40ms
39ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_1/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a278d9459c8a7c717423ad4989df1b5097095b847a9c1a4549d1cd5dac3aca15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-mtime: 1689152912
date: Fri, 14 Jul 2023 08:13:28 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: QWXXT1WX42R142A4
age: 169391
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1689152913
x-amz-meta-mode: 33188
content-length: 7934
x-amz-id-2: GNRCB1MifjK1jvHywbjG/Hkr623h/mdSDJ7TL/jZwQLtPS1gYbVfDMC+2tiuePU53Q3XazkE9Iw=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Wed, 12 Jul 2023 09:08:34 GMT
server: AmazonS3-br
x-timer: S1689322409.866139,VS0,VE0
etag: "7d5846b7fa6c83e210775caa76d96cb7"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 107831

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 55ms
49ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&cmcv=&pix=31589837&cb=1689322408841&uv=3301&tms=1689322408841&abt=nonrv_vA!smbs!ufm_vE!uftchrwf_vA&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1689322406418.6!ts:1689322408841&mntl=1
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:28 GMT
content-length: 0
server: nginx

GET
H2 200 container.html Show response
7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4927 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:28 GMT
expires: Sat, 13 Jul 2024 08:13:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 5967 70 B
265 B 179ms
57ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&cmcv=&pix=undefined&cb=1689322408841&uv=3301&tms=1689322408841&abt=nonrv_vA!smbs!ufm_vE!uftchrwf_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=4f5739f2-1faa-4633-87d7-8003d22995b2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 5967 43 B
426 B 185ms
58ms Image
image/gif 2a05:d018:d29:3602:64dc:88e6:e53a:1b23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&cmcv=&pix=undefined&cb=1689322408841&uv=3301&tms=1689322408841&abt=nonrv_vA!smbs!ufm_vE!uftchrwf_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=4f5739f2-1faa-4633-87d7-8003d22995b2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:64dc:88e6:e53a:1b23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6F26 70 B
264 B 174ms
57ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 6F26 43 B
425 B 180ms
58ms Image
image/gif 2a05:d018:d29:3602:64dc:88e6:e53a:1b23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:64dc:88e6:e53a:1b23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4ACA 281 B
554 B 149ms
40ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&cmcv=&pix=undefined&cb=1689322408841&uv=3301&tms=1689322408841&abt=nonrv_vA!smbs!ufm_vE!uftchrwf_vA&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=4f5739f2-1faa-4633-87d7-8003d22995b2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Jul 2023 08:13:29 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C917 281 B
554 B 148ms
40ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Jul 2023 08:13:29 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 css2
fonts.googleapis.com/ Frame 4927 4 KB
671 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jul 2023 08:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 07:11:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jul 2023 08:13:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6CE0 14 KB
1 KB 49ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jul 2023 08:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 07:10:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jul 2023 08:13:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 6CE0 2 KB
946 B 180ms
80ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 6CE0 23 KB
9 KB 180ms
81ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:38 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 843A 143 B
247 B 40ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 07:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 6CE0 3 KB
1 KB 187ms
89ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 04:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 04:56:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 6CE0 20 KB
9 KB 137ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6CE0 0
0 47ms
47ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkDjgp5HRQws14FsJelZqKPvchXBUpv0SO4z67kQWQLhEwo2fHg_XzCk2MDwI0630sGaZr
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CE0 179 KB
56 KB 214ms
127ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:13:29 GMT

GET
H2 200 2a76cf1338a212cd33ad52adb05195b7.js Show response
www.gstatic.com/mysidia/ Frame 6CE0 33 KB
14 KB 133ms
39ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2a76cf1338a212cd33ad52adb05195b7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 14:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14183
x-xss-protection: 0
last-modified: Tue, 11 Jul 2023 07:02:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 Oct 2023 14:02:07 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 4927 20 KB
9 KB 138ms
44ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8599
x-xss-protection: 0
server: cafe
etag: 12796843930313450165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 14:12:42 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4927 205 B
520 B 137ms
49ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 16:18:37 GMT
x-content-type-options: nosniff
age: 57292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 12 Jul 2024 16:18:37 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4927 604 B
696 B 138ms
49ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 17:17:39 GMT
x-content-type-options: nosniff
age: 53750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 17:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 12 Jul 2024 17:17:39 GMT

GET
H3 200 container.html Show response
7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E387 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:28 GMT
expires: Sat, 13 Jul 2024 08:13:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6FD7 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlgFxpcGKTl7AyDv-ynCyorooFl4-wX9TSfGCs38HOS_uugwFbNngjgRc9WmGXhvgx68O8apECQB9v6oqYSkDSmt4o6u7HBbCqgfZf3DLXCIXyj4bzA2rNuPmF1q68-iA-BoRcK97HU8ocBr54IP-5DtQw0GU83WR5cGBnwliBOszoOS4m7jBcC6GzFd4qh_XINl1_wL5s7tloaQUqyN6rl0zB55Ol2nA9Nui2DAeLq6Ot2LzQ7mUsa9yQrFWwVwRugv8bE3FGQNzNjiU7swaHhfBoE8XaSMcPTqkMycr6VYf2TdlFv3qIngOU6vthMaehPg&sai=AMfl-YSpbtZgU7b4Ld_MrFRLJ6i9pxokCt36YoIsyCfyQz5FdohFTC4g-7J-oC-1YE-3aBR5tNwB-rsFN7MuyuiOwVyQ25BmlCTCOD23K14Xmsr60MZ_5cAdh6vh4w622hQ&sig=Cg0ArKJSzNSR7_fsuWM3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

gl23.7.3.js Show response
static.r66net.com/d_s1/ Frame 6FD7
Redirect Chain

https://k.sd9net.com/GetLink
https://static.r66net.com/d_s1/gl23.7.3.js

307 KB
103 KB

191ms
41ms

Script
application/javascript

68.232.35.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.r66net.com/d_s1/gl23.7.3.js
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Server: 68.232.35.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 4f0ca68147bbad74c6d8246eaf3dde55c3fd6772ec98abbe582b08464d044073

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:31 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 07:21:11 GMT
server: ECS (frb/673A)
age: 89475
etag: W/"64afa5e7-4cb1f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800, public, no-transform
accept-ranges: bytes
content-length: 105533
expires: Fri, 21 Jul 2023 08:13:31 GMT

Redirect headers

location: https://static.r66net.com/d_s1/gl23.7.3.js
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:30 GMT
cache-control: no-cache, no-store, must-revalidate
expires: -1
content-length: 159
content-type: text/html; charset=utf-8

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FD7 179 KB
57 KB 94ms
66ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:13:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 843A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
55ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:29 GMT
expires: Fri, 14 Jul 2023 08:13:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9B29 0
16 B 80ms
79ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPnsBxCgu8sBGM-usuQBMAE&v=APEucNVr9zructJDWSIsceSpBnj2A_vA11Lf2uxSbHwWnAQRYmWL4aNL2i6_VpNusQE6ZxTbVwAMjUKWDlvyqpXvngV4zD4_uQ

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E387 85 KB
29 KB 238ms
148ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:13:29 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E387 42 B
110 B 164ms
74ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cc38GXsHUZ4LwR6hrhM4PZjc0EkcsoxLymIYVZ1n0xT3Bes8eYNKznyZWRahC3V6MrsyQqy_-mcFttIqSmQdhGI0xhu8FSZhNdLcdWH9gCbLA8kj8

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E387 0
349 B 163ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1342829425395894745&x=1&ct=76

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame E387 3 KB
1 KB 98ms
89ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 04:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 04:56:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame E387 20 KB
8 KB 59ms
50ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E387 0
0 49ms
49ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTBP_AzmxQnmZVx0Xw6DKSeJeDg3qUrrVBFLpHJc89Wo-HRUl06XpZKBlyZAlyD-4CV8rVq
Requested by: Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E387 179 KB
56 KB 146ms
146ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:13:29 GMT

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.3/ 444 KB
84 KB 40ms
40ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.3/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_1/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: d87c2fedac29b7103d7b6b3cba3f23547ae3fdb319eded5937d23c10154dacc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-meta-mtime: 1688806868
date: Fri, 14 Jul 2023 08:13:29 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: K1T3JJ3H7BJSZP00
age: 515469
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1688806881
x-amz-meta-mode: 33188
content-length: 84969
x-amz-id-2: kevFHXMmcH9URCKmbHhgtGnZd74HCNlypQT3jcvbyxHStQwQFBKD0ZLGIDzYEsK+79KXL44us9c=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Sat, 08 Jul 2023 09:01:22 GMT
server: AmazonS3-br
x-timer: S1689322409.169874,VS0,VE0
etag: "495314d071af2f9ae6f90cb9bdb64cd6"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 535394

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 296C 577 B
662 B 46ms
46ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_1/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5e1a576de5ede817cf192d0e386e839277923de334af7f56bcaee80df136635b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 14 Jul 2023 08:13:29 GMT
machineid: 3401
server: nginx

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4ACA 34 KB
10 KB 40ms
40ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bfb92c56348cab69ccfc7e45c2a0f883b43df9e501ce94c5b49ca0ed8555c237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 08:13:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2023 13:53:21 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=20342
Connection: keep-alive
Content-Length: 10114
Expires: Fri, 14 Jul 2023 13:52:31 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C917 34 KB
10 KB 40ms
40ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bfb92c56348cab69ccfc7e45c2a0f883b43df9e501ce94c5b49ca0ed8555c237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 08:13:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2023 13:53:21 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=20342
Connection: keep-alive
Content-Length: 10114
Expires: Fri, 14 Jul 2023 13:52:31 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 48ms
40ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Fri, 14 Jul 2023 08:13:29 GMT
via: 1.1 39ab62538ffdeaa07dae29bbaa23912e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: BUD50-C1
age: 2017493
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1689322409.214892,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Y5PeO3Y0Tpu9cajvjxAiHpbNytwecYuggckypqPAK8vFX1mH5GYqSA==
x-cache-hits: 567842

GET
DATA 200
OK truncated
/ Frame 6FD7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f02d7207b5a7489770e9300cc9b52d3d1ba168e8111281c92973e4ecbc04a7b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 296C 70 B
264 B 57ms
57ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 296C 43 B
425 B 58ms
58ms Image
image/gif 2a05:d018:d29:3602:64dc:88e6:e53a:1b23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:64dc:88e6:e53a:1b23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F129 281 B
554 B 40ms
39ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Jul 2023 08:13:29 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 46ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=172&cisd=convusmp&cipid=66361655&crid=-1&dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&cmcv=&uv=3301&unm=FEED_MANAGER&cb=1689322409267&abt=nonrv_vA!smbs!ufm_vE!uftchrwf_vA&su=6&baseReportD=taboola.com&dataCenter=am&
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-length: 0
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 46ms
45ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=173&cisd=convusmp&cipid=66361655&crid=-1&dast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&cmcv=&uv=3301&unm=FEED_MANAGER&cb=1689322409269&abt=nonrv_vA!smbs!ufm_vE!uftchrwf_vA&su=6&baseReportD=taboola.com&dataCenter=am&
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-length: 0
server: nginx

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 4ACA 284 B
536 B 177ms
42ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C917 284 B
536 B 170ms
40ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 container.html Show response
7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2756 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:28 GMT
expires: Sat, 13 Jul 2024 08:13:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F129 34 KB
10 KB 45ms
45ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bfb92c56348cab69ccfc7e45c2a0f883b43df9e501ce94c5b49ca0ed8555c237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 08:13:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jul 2023 13:53:21 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=20342
Connection: keep-alive
Content-Length: 10114
Expires: Fri, 14 Jul 2023 13:52:31 GMT

GET
H2 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 6153 37 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 18:08:18 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E387 0
56 B 75ms
75ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3582906995866&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E387 0
56 B 74ms
73ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3582906995866&version=m202306200101&ct=76&x=1&cor=1342829425395894800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E387 76 KB
36 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0WuDhgcIwhXwlX2XcmdwVu_QLGRRUVYypPsA2oURpNg20uqw_spfJnxndvRamIkwmjSlTPKIIovw0_l9fBhXSbrlb_A&cry=1&dbm_d=AKAmf-BHEoUIafxygVWcSCpRkf01nL2KMoTC2ibdMsJ-_vrkovqgn_qwQq7ckLu2A18Ds-INnQfdwR2EUEamizoVdBiynn5B9i8F2AZJto4T1dTd5og_3CO4GU7wzDRp5E8IkDzUgQRf8q_2bs_TwU72OKwFJRZbqfIzWlmmVNqFUfC6RdRG-hk1L4TxI2grB5lYk_6WDD4Z8gxVtB6UbnUeTbFT4Z_VxSCAowhFu59hon0HdpylwcyUTgfWMgTq24tHQvrDVgP_WtRS7V59_6voN8L6n1LIykiH-HDrfkFiDr3AZverrAVo695hMMLVIT0fI-oGIOl8PQCD_MDgDwAiyU0VuTcnc6W3KCT5X2iX0Hv71tLXbufkyaEr-1tRlN57Ro0WJngNAl70ZBwrqqkBRfiVCX_-VwOTT2HvpDLmczjcfGkAEnMhAgn1y2PT2rn3WeiWXX9CQHr7z0IX7f4L-p1uP6NZtKoeDeID7AOc3E2Q-mMQuH396DFq5H0QEYl5pfDOsZ8y78CmJJkgW8R0atCvJh4UBFF6hc1JQ6nxl6KwtfEauha0VurQka9aDCNcwzQBqhgguTQohu6DPJ0Yq8IxO9pkOYSyYdDF33Pcj7lthaC9g4LFo3r3Xv70eOFh8szu7uGqtywkOQXWMFMyUJV8GvXaxhNZ0xV8eBJyf9RSrVUFPRmkJPQQDT4b3qdvEQB7syOW9fKdX6vEfAVx7Ydo9SEF1eaaLiD1AYPKtXuv8nzpFLUmtd4tWwHTXvJktm0LG1Okt-bMP2FOYc4D6egxRhN0AR4hi3_vfq8wXSuQSxnPftHgswARs0qAwb2yg0ofRKo7T8l5K7j2Z5-uGK7DRfL9ZjNDN3oMwfjAeZ-hy_g3B9Dwx1SvW1QteEzsQ4urHXjNWLT32cTD1Nq_1dKmM0EqMfP9eQnrFvGmj_XNxrv-NmDu_ruHmDPCxiswLJMNmEMb8lQlc5XOFrZym3oFc2BcCOjG29X6_LWACMfBXdxk8YUucGEiESR4lEUQHIeVGwJkp2As_t1cfM_-fUIj3bRGrM4RNZW6KLs22eZarw_-MB5wBOuEC9tFBie84zMHecTiS3clu8fQxp5MFXa9Z3thNmbesy65SIjQ6e_t7F3KIm5JAgqPSo6JCCuRuPvCU2aYM-4HpbeAwoDSgjLe4BUJ-sF7VY4gHYwslY3YO8eDPc0NJxpTTNLqxfkjZyU2W0KbJ1cDfijpVnqunVlF2rL9Vh6T8tC5isinGs47h6PjvXRSK2CwxKX7DXkkD9mX4sx-aBjhtOylEBwIFeP4fcof2LCOVYRi9a0gWeN98KVhbwqHBxS0k27-EMVQH-zwu48PQLi2zyI0mDceiNfxAxYdzlXeew1xYHyISWpfEtFsQVvFnRF8d-IvznuCdy5cXda70eZeXWErGyy_U56qLMx-vmB6x15mdqH2Tm2rXYqYz4ImnXIdvcoq7-p_ecaoiZqo1ldNNm_ElWjStC-wEEd52GfZ2gcZNNoRliolv8Ldj6IHn2anB1G4rUAkAnpsbSJFc1vXfVDKZ4CkCOrWQkKMyFwU6vEEGPUAFWmiEBWjzk63CAcF2j5v8SV4atn9_-r8WNqicHCAtojincZV23up7UTCVXhoO8JxoInvefO_8ER4-yCkXxkw1I-K-CuWGnH2NVQsC0U2VYM1GQERBoI7CudMRmh70HeYM75sm5jHUEVaSQU19f0kvLiQBlGk6rpO_Fen-x3DPCO0Gax0NUFA8OEU6Pe79VFP7AFj26cju19X-XcehaddzpanRsmjCvgKa81y3u2AIB4VZrMosMmlIi600HI4N7Pni8-NItUzQOqtEDtDjQ1LRxJ0Cyw8CpCbdIyPaHp_0BrIsJGtO6nqYM64e_lvV0CTRWZ3DBP41Bge3TtTbnLLqjW-zrZ0QLp8d4gCtYbql4qpPEw-hyUH3VGAO2gIiWalBlbMSvVfnwjzcDwnzkEVE3y672b1MmUrNu-8UW8CD06jyE2nzGkHWBzeCMmUFIhx1b0UoEquDKWHZAvhdLMSf4_TbPs6cStbit-zyivxLDwRogs8RTeta7yzzJAh3H1HppVwtutxmgwXyxPhcBUbHYkCPQgyIE9DYN96moweSRmxyhK83jVMdT1xuZ3RGB-bRl2bDiYwe0DpxaA24xNVBQ4eiiUJDaOLfjFMYVUA-O99PnDkBQQuwB3Xv9JVDy1xkzuZG5W4RAX2jsH-aEcUcw6fqT-OOw2VgB5cglhyNw_1ZPoISHDxiRaS17pxFiwcPuORKzCsdlME0DpAtEJEFY5Z5Cj_h0YVdvA50RvL0kI3KVWTNmbs8jUzzmwk9iInXTg5X3DKjg9DVKUQZZTNQgg2C-UbV_Sj_dCvkKb7RfKFqfQtipQU1TqQ3d6CW1gxcOCdX0FHPY80XV3LxXPxFs0CPOTevhyYEgQvV4qBmYPayAURAPozWHpXJ7AUhssXYA2TD9ze2_5xd8VlVbg9iJMrKoKP6zJDnyLEJTvfypsNWyn8D1r_msamzxiQCpShxZdknug2NF5Q2vcCLwfQwd8vpFMdNHbRJi543AOxNE0uzp8i2_ShW501qS7VkMKtaeMTId2kIRAICK_AQHCJrgxMD7pYzFL7AKSfPg74mIY4XWAvHkwhp-RYs5AWnFc-ivZKcxYYLw5hT5s_s67UqblpnExUCEob8uTBfew1PuT3mdH_LtyS3n-fy3i9SnlhJGoiw6frxFoeqcYPyfT893eSd3WFONG8Ioqf--OjDDbHKh6Z_akKxtrvIriIql70O9z32Je-f5W1QEg9BhtluXvYRMO97i4UiXEsABe957zJGhfLQwfySUEYa06DS2RspbXPPGCsLaJETA19Zmekic8xByEKG8Fc8PTLtFfhlxg_zoYr4pTIESUZ2e29TPiGefFAj_FpVChsJ9fzHIi6V3XzI4GVIkfPIkdm3rUq9456NQW-RCGCaeUpfc6Pg18W68MCD-123E_iV4yP8hds0pvjiQ4qPTWABUdmEienqF92wzp0RAVKvaQQvcJrKSwL7lwqxaRNleGMVjmr5Bc4LdNy6ZOeCLzFUFKu716KHR-SeUR2LTaY7pS7NQIp-p0gFenL-Owwl66wM5gU83xEKY_KrVh4xV6JZMDhbnwno2u1u7yBtm14gp85Y2-LNvVrjuBa2AnIIECIH_Lbri2GqeT3HPPlVcYr018zCWiEwn1BCyt0ZciEftMASAoXC9z8-z5JTi8MsX6oagxAPXXGsjwBnbsovz6lo5aSg6uP_Xo1stQ0gMxKuPMXIy6dtrCO16LCe2cni6SvDhspwzCyJtmiKs9ZJ6_CHVEyLcmO-YHQMLULWfs27W7fxOGR6cw8cxIkTkpS1lFtsP4eE7tMJrsPUByuFuqOxPyZ519EkTHr3r4e36a8rTiFfdBMXY2P2cOERsDlPUvSeu1lmVWWZi9EZo-Y-M-eIz6DzKL9lv-fr0-VHFI2ulvyWvoV7Md_l142-4wagb8&cid=CAQSPABpAlJWG_TSKBtxnOVtjTtB5u7_Ld7Aco6OZbcVJv5V3TkbzODYHHOdFx3LNqaoSemIQqKjo4inR3W6cBgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.enca.com&ds=l&xdt=1&iif=1&cor=1342829425395894800&adk=2086295851&idt=262&cac=0&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf5b582fe6e7f1a0432041f27b593c16b34ab1676d42583eb4802ced9faffb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36617
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E586 0
16 B 81ms
79ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjQvp3cATAB&v=APEucNUKiIwb6DqPQoswI9Kz_FLjnaEngPN-XknppIUrUC8MObzBqokvUzcop_5BrWo5qCcVQI3J3vDPldMFnfmr7AerPCKzmg

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2756 85 KB
29 KB 107ms
105ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:13:29 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2756 42 B
107 B 76ms
73ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A9sB1QXgqlaiEMoOPG-N3H0FCuly4V49JDETWGDvypJafotSXNp6_wrZ8IM69MuB5HiTmsbRC7O-QBxyGVqU540FB7nS2ZhS9_JZkO3oVE0r357EY

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2756 0
56 B 75ms
72ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16678129865112860532&x=1&ct=76

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 2756 3 KB
1 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 04:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 04:56:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 2756 20 KB
8 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2756 0
0 49ms
48ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQP5rSssvBeoYovJujy7MBGyQU_CgOW31B-T953-KYV7I9S5o5i9CMpDXVat7c_PSBqqC4t
Requested by: Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2756 179 KB
56 KB 1671ms
1669ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:13:31 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame F129 284 B
536 B 117ms
41ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame C917 0
239 B 523ms
121ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 204 bulk Show response
trc.taboola.com/esattv-enca/log/3/ 0
365 B 92ms
92ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/esattv-enca/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=18
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230713-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 13
date: Fri, 14 Jul 2023 08:13:29 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7794
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230089-FRA
pragma: no-cache
server: nginx
x-timer: S1689322410.534747,VS0,VE13
content-type: image/gif
access-control-allow-origin: https://www.enca.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame E387 30 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A0WuDhgcIwhXwlX2XcmdwVu_QLGRRUVYypPsA2oURpNg20uqw_spfJnxndvRamIkwmjSlTPKIIovw0_l9fBhXSbrlb_A&cry=1&dbm_d=AKAmf-BHEoUIafxygVWcSCpRkf01nL2KMoTC2ibdMsJ-_vrkovqgn_qwQq7ckLu2A18Ds-INnQfdwR2EUEamizoVdBiynn5B9i8F2AZJto4T1dTd5og_3CO4GU7wzDRp5E8IkDzUgQRf8q_2bs_TwU72OKwFJRZbqfIzWlmmVNqFUfC6RdRG-hk1L4TxI2grB5lYk_6WDD4Z8gxVtB6UbnUeTbFT4Z_VxSCAowhFu59hon0HdpylwcyUTgfWMgTq24tHQvrDVgP_WtRS7V59_6voN8L6n1LIykiH-HDrfkFiDr3AZverrAVo695hMMLVIT0fI-oGIOl8PQCD_MDgDwAiyU0VuTcnc6W3KCT5X2iX0Hv71tLXbufkyaEr-1tRlN57Ro0WJngNAl70ZBwrqqkBRfiVCX_-VwOTT2HvpDLmczjcfGkAEnMhAgn1y2PT2rn3WeiWXX9CQHr7z0IX7f4L-p1uP6NZtKoeDeID7AOc3E2Q-mMQuH396DFq5H0QEYl5pfDOsZ8y78CmJJkgW8R0atCvJh4UBFF6hc1JQ6nxl6KwtfEauha0VurQka9aDCNcwzQBqhgguTQohu6DPJ0Yq8IxO9pkOYSyYdDF33Pcj7lthaC9g4LFo3r3Xv70eOFh8szu7uGqtywkOQXWMFMyUJV8GvXaxhNZ0xV8eBJyf9RSrVUFPRmkJPQQDT4b3qdvEQB7syOW9fKdX6vEfAVx7Ydo9SEF1eaaLiD1AYPKtXuv8nzpFLUmtd4tWwHTXvJktm0LG1Okt-bMP2FOYc4D6egxRhN0AR4hi3_vfq8wXSuQSxnPftHgswARs0qAwb2yg0ofRKo7T8l5K7j2Z5-uGK7DRfL9ZjNDN3oMwfjAeZ-hy_g3B9Dwx1SvW1QteEzsQ4urHXjNWLT32cTD1Nq_1dKmM0EqMfP9eQnrFvGmj_XNxrv-NmDu_ruHmDPCxiswLJMNmEMb8lQlc5XOFrZym3oFc2BcCOjG29X6_LWACMfBXdxk8YUucGEiESR4lEUQHIeVGwJkp2As_t1cfM_-fUIj3bRGrM4RNZW6KLs22eZarw_-MB5wBOuEC9tFBie84zMHecTiS3clu8fQxp5MFXa9Z3thNmbesy65SIjQ6e_t7F3KIm5JAgqPSo6JCCuRuPvCU2aYM-4HpbeAwoDSgjLe4BUJ-sF7VY4gHYwslY3YO8eDPc0NJxpTTNLqxfkjZyU2W0KbJ1cDfijpVnqunVlF2rL9Vh6T8tC5isinGs47h6PjvXRSK2CwxKX7DXkkD9mX4sx-aBjhtOylEBwIFeP4fcof2LCOVYRi9a0gWeN98KVhbwqHBxS0k27-EMVQH-zwu48PQLi2zyI0mDceiNfxAxYdzlXeew1xYHyISWpfEtFsQVvFnRF8d-IvznuCdy5cXda70eZeXWErGyy_U56qLMx-vmB6x15mdqH2Tm2rXYqYz4ImnXIdvcoq7-p_ecaoiZqo1ldNNm_ElWjStC-wEEd52GfZ2gcZNNoRliolv8Ldj6IHn2anB1G4rUAkAnpsbSJFc1vXfVDKZ4CkCOrWQkKMyFwU6vEEGPUAFWmiEBWjzk63CAcF2j5v8SV4atn9_-r8WNqicHCAtojincZV23up7UTCVXhoO8JxoInvefO_8ER4-yCkXxkw1I-K-CuWGnH2NVQsC0U2VYM1GQERBoI7CudMRmh70HeYM75sm5jHUEVaSQU19f0kvLiQBlGk6rpO_Fen-x3DPCO0Gax0NUFA8OEU6Pe79VFP7AFj26cju19X-XcehaddzpanRsmjCvgKa81y3u2AIB4VZrMosMmlIi600HI4N7Pni8-NItUzQOqtEDtDjQ1LRxJ0Cyw8CpCbdIyPaHp_0BrIsJGtO6nqYM64e_lvV0CTRWZ3DBP41Bge3TtTbnLLqjW-zrZ0QLp8d4gCtYbql4qpPEw-hyUH3VGAO2gIiWalBlbMSvVfnwjzcDwnzkEVE3y672b1MmUrNu-8UW8CD06jyE2nzGkHWBzeCMmUFIhx1b0UoEquDKWHZAvhdLMSf4_TbPs6cStbit-zyivxLDwRogs8RTeta7yzzJAh3H1HppVwtutxmgwXyxPhcBUbHYkCPQgyIE9DYN96moweSRmxyhK83jVMdT1xuZ3RGB-bRl2bDiYwe0DpxaA24xNVBQ4eiiUJDaOLfjFMYVUA-O99PnDkBQQuwB3Xv9JVDy1xkzuZG5W4RAX2jsH-aEcUcw6fqT-OOw2VgB5cglhyNw_1ZPoISHDxiRaS17pxFiwcPuORKzCsdlME0DpAtEJEFY5Z5Cj_h0YVdvA50RvL0kI3KVWTNmbs8jUzzmwk9iInXTg5X3DKjg9DVKUQZZTNQgg2C-UbV_Sj_dCvkKb7RfKFqfQtipQU1TqQ3d6CW1gxcOCdX0FHPY80XV3LxXPxFs0CPOTevhyYEgQvV4qBmYPayAURAPozWHpXJ7AUhssXYA2TD9ze2_5xd8VlVbg9iJMrKoKP6zJDnyLEJTvfypsNWyn8D1r_msamzxiQCpShxZdknug2NF5Q2vcCLwfQwd8vpFMdNHbRJi543AOxNE0uzp8i2_ShW501qS7VkMKtaeMTId2kIRAICK_AQHCJrgxMD7pYzFL7AKSfPg74mIY4XWAvHkwhp-RYs5AWnFc-ivZKcxYYLw5hT5s_s67UqblpnExUCEob8uTBfew1PuT3mdH_LtyS3n-fy3i9SnlhJGoiw6frxFoeqcYPyfT893eSd3WFONG8Ioqf--OjDDbHKh6Z_akKxtrvIriIql70O9z32Je-f5W1QEg9BhtluXvYRMO97i4UiXEsABe957zJGhfLQwfySUEYa06DS2RspbXPPGCsLaJETA19Zmekic8xByEKG8Fc8PTLtFfhlxg_zoYr4pTIESUZ2e29TPiGefFAj_FpVChsJ9fzHIi6V3XzI4GVIkfPIkdm3rUq9456NQW-RCGCaeUpfc6Pg18W68MCD-123E_iV4yP8hds0pvjiQ4qPTWABUdmEienqF92wzp0RAVKvaQQvcJrKSwL7lwqxaRNleGMVjmr5Bc4LdNy6ZOeCLzFUFKu716KHR-SeUR2LTaY7pS7NQIp-p0gFenL-Owwl66wM5gU83xEKY_KrVh4xV6JZMDhbnwno2u1u7yBtm14gp85Y2-LNvVrjuBa2AnIIECIH_Lbri2GqeT3HPPlVcYr018zCWiEwn1BCyt0ZciEftMASAoXC9z8-z5JTi8MsX6oagxAPXXGsjwBnbsovz6lo5aSg6uP_Xo1stQ0gMxKuPMXIy6dtrCO16LCe2cni6SvDhspwzCyJtmiKs9ZJ6_CHVEyLcmO-YHQMLULWfs27W7fxOGR6cw8cxIkTkpS1lFtsP4eE7tMJrsPUByuFuqOxPyZ519EkTHr3r4e36a8rTiFfdBMXY2P2cOERsDlPUvSeu1lmVWWZi9EZo-Y-M-eIz6DzKL9lv-fr0-VHFI2ulvyWvoV7Md_l142-4wagb8&cid=CAQSPABpAlJWG_TSKBtxnOVtjTtB5u7_Ld7Aco6OZbcVJv5V3TkbzODYHHOdFx3LNqaoSemIQqKjo4inR3W6cBgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.enca.com&ds=l&xdt=1&iif=1&cor=1342829425395894800&adk=2086295851&idt=262&cac=0&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 14:06:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame E387 11 KB
4 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:58:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:58:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E387 0
0 195ms
83ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMNQjn8sIkpXQURpU6V5-tAOxMR6aI_cz__diwrAPhDIHJbpxWUTye9nHjTEdTOHyxP1sN9yNm39VYcmEpDnxoMu07g16ndrsJuhynpcjbCoHV74EQfSuY5ALBi-pAaOCqLaIu58XypLayHRtohtjfQE2IRTM1AxU9N5INAavqbN3XklZdRMGjS8GXKsykh1s__wFZEkZmjcgkOehNWPt9AriVAe9Q5p6j7QFkV12rTnuiEnVTpDcS4YjUiQz55VluM4Zl3l-dYcLeQdxHFmeOIti1OCITjzq6aK4f7jvYWjOjo5hYjUdDJmK8QN1jAupTyBKuPE2Hp606fVyNVKmDoeU_1NUaDKiw3MTnnbNAVDDtvh_T8Zx3ZeD4N3Abtlm0IxfYoe5_Xjc9GUBPfe1tg7xc7eV85UH7WouNi51uqivTJzi7GXiKRps2s_fEZqeqSniCm30beQGG3zanQbIuF-vdjzpmFcIgkPm8hmOr0yYr2JLwAGKIM_RodYj6P8zvOj4LuV6bt1fbr57OTvebx8W2_YX5yM4XmMkAmW3AyLrYdiBPiO_49tZlDfPX5yZa3pzX19MW6CbX86nTff1FrMFE4Lqo_p9i_BEazTnzR6u266fA4Iv4RCosAvaJrG8frPYb7PfHmJD8bY36346Mp2DHmwiypdo6lGD_PqlJuXQ7pCDCio4fxfJUFwLcEC4mm1tOokj31ksF88LyrkX6rLguyHL8AMkw4C0-3Rg_pqTyof764CiZeWGOsbQEGMAIIleW5qTwvP66hGDFPIR0gMV7XQ5h2qpsy7j0livSKjB7dkNOKliRkBtq58oylXEcmO5lyHIQL9EZt-aeFsPlgG1h-1WMXwYHlMYls0jqH1HyB3TrmLA8bV5gWt3RMkawtDGjjucMvrLsSVMdyqADmjspxO_ybxUWAbqGDKMYRaNR8ovHLabOGGoWpGnb5V4dMmLZO_apsp93lDxHWyOPLgU0Mh4yr2DvlxgFFu-bKGymeZzO-7Bhr6e8CH10wgp2FKZva82gKYERnX1szJke66k88kmNF1NMN88KMhYfbcFcVQBmtCuoMJgnDN61AuRbnWgToArP7ZWxEj5BlM1jx2FZ3ODdyGMKmuXlgXzJL0NbMv8gzCsLitfaI3qlI8zivzYSTTGPjVsMhCGLqG4aWGFCB8SFCEtw5UD1R1JN534d4gzES8ruh7cA3JPlbUE81KRGBzi75Sn_SK_Q7uMHPp0JVphnvR9qbRcat1HxIppFEKmLxpgvr6z65bpzxjAKv3LKibTKCaA&sai=AMfl-YSpBxBWRX4EwdhKO3Gh9Rq2oC_R-As81YtD1yQU5vtLwM6qK9YHdTcwOTm8NjBXLeNiDXArdY_vNdYvojPx073-Gr9XgTogRnDFOiRiTjh5QTwFgAxuYfHVAGiG5BJduR5uh3MhS4hSXIqCVDGhUUvXQ5iIX96n5ANcYIeO1qaHn-uuEyhjBL02rVvondo107VUkbVqNu6femGXksUtIq-XLi_BZOaUeDWRuXvh_h7zxUFlNk7xkSLP8aF5bs8JkG0_FO0&sig=Cg0ArKJSzDGKRsWnvR4EEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230711.07213&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:13:29 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E387 41 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:46:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2024 13:46:58 GMT

GET
H2 200 5906568141309618331
s0.2mdn.net/simgad/ Frame E387 267 KB
267 KB 136ms
43ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5906568141309618331

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ace3f32ec46a00398ff15c5ab1d7d0de00ce03797d2adcd537b58f406f9ae7b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 07:35:24 GMT
x-content-type-options: nosniff
age: 520685
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 273106
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:51:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jul 2024 07:35:24 GMT

GET
DATA 200
OK truncated
/ Frame E387 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61c65746df37547f7178374934d89140c44e7698ed42f73c2ec41d3338faa873

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2756 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=453712651162&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2756 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=453712651162&version=m202306200101&ct=76&x=1&cor=16678129865112860000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2756 77 KB
36 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzIoMe9PoUHMYj7wqTpvcucKyQObNijj4CctXIje-8NHR9BUFz-WeM9Ge81x4UKDYkIQXIVQrrDJWoG_c1luOvolBpVg&cry=1&dbm_d=AKAmf-CN8hrkwx48W-pbR4lAJ56QXj5WjVaoru3Tw71IHPKe9V-ognF1o1ii7dNhwKiaB98jsZMFPdOhSWaDolfcNLv_cSS4mIqE4woYl0NyA8mkfhtd9LmMI5zyPxj7B4KWiFlTmVPi8yML0QMrjbEpIPJvkKnudrru9M6IHyIC3HfjW6QRaSuJ5JseRVbFMeEd-9HHfxf-VZEI9x_POptpDrh3XN-5I-sc65jKI4aO4tDbwlOyrwoj1IcsYCktoln6qaYtcoC2ED9A79MTMcoBwYUe2S8dSSZwSSJB-9k0SYTHV8mW83W20QMcgJURSh7BTnLlk8sVzR_KN2jgsBs2UrvVGx-uU1PlPWMc3Z_o1pNoG2GQg9_-yI9OoJKFXTiJqHyz5aj_4OcoN_cHyymT2OUe-7yqC-R0R7d_fTh4wiRE_NDlHBBiyHZD7I1Kxtx6XcNLgAM3tIxTf6JwRfVksvZmwmS6wwKeO7wVN5LaIr0Tu2up3YT5N67OBS-A7JRB1CtZi6t70B52XWylJdTUa_mDtb-vjkVpAeGe7pNEvWLzldU1vMKFmcJW5Y0oZD-VNnQVWx4RCSURHyoz-B067JyQHcmm6-zNugDm-qbMokyKLdlf3s3LEBbALUj9n6PrpIonXzbd797h7clN8oNyn8ww-xJ0TFBc2QbLC973JTAEM8FbORdYujMtB5lzl69U5M-mSWb7d20k1t6ndrP08u95RZZU3Fma8PoLwH0jKek2bIU4RwxqK7EmzftPZqFMYy9Mgq-N2O9Lcd5k_qHxYYVGooWiV_L2LPknUAYQij2OWslOtt-9ucxV4ISUvl81NraujlDSIOW-Y_2Fx2TaCkLGiAO6FuqGTWGDv9tNLpuq7w4QRK2gb0DEQeXRPyBr_IL3UTRI2cy0DBe8Cwoy7W8TsG2vCAwzqgDjcTddE-8J-YT56DQsFypofOxEKZgCjWes3DQPVzus2HdBSLzZa7Nh8OoH9qznr_1A2HpMrT5nqVEzgZFtJFn-wCOVVg1021yoITcpQFsR3UOt-E3CMzVTzeiLs75K_WmS6hxgz_FEdeNt6e-yChgx0uhApfCBzNyh1chxba1C6OMNjZskGurbDMXp6OgWgmQUWGBFZkaZHP9HOdCZyMyCtCs9NX7x9IFpic7eLyGlmtfohzJGa7h7iqb6jvX8diW5-LrqfTCd8KM7ZKTwTyc-u9sZpzK86v5jeVgyf86pOEQqCdeZQDfkyWoUkzEti-CndlDxFl8cX_5NqR--WvSa5603Z6jQNiD-z3ojX0z_bK7lB2VAiE-bu_urhgNNljNUD75jdWj11vkFalRJ-_sVS2KevOD8MMwBmqSQ2mjR3es3swfdu2l3q_tJHWcThYVl4TluPE2RpUmcnF6bDyTNz4hZOoA222m4D3KU2VpTJDXN_SXMFEueD7DsahvDziu51otczrgdGTWc7FZUr2QH2UuBZBzXaNhv1zDZdYYrIZhycOD1v5SQCt216D6loKuL3TrgL_4TP6yUYBJ4QYHwdQrC4A3WMfUVCRUZC45gxdSVBYGG3yXULwxI-tz4Dtav1oh-KqZw4CeJmqM97v2YFOqnMQejqkY7zTFhBjnal1q7Uw9pHx3e4yA5U17RckvLx_ZVLDSFDi6FLOTHie1GZxhoFchOq8lplHxKZBSZ0Zb_pEb-RzFz2xr3oIWqRKkMPZRX67-pP9dYkyB8ZwbrsrcdvKVAJggVNM7_ae-KKUJ-r5jTOJq76zXHQ8nsauV_Vv9mgN6tUs0_kfMPlgOQQx_9VVBJ5t4w2PCOC27_VJ-To1Mu4HIJPlCKSdMZYuTqZyhn8hBu6hazNn_75eKoxhSLf2SrD2MkeDL602urMMgapHaRiR7fI5ROBilcRWB1-ubf-Y48nvuE2aw7WGfL6Berl50gfA8kSYp6MSDY0FxAez7wSAPffK_MHnWjBqdjtMla5WVsRS3O0nI1DPWVrUadkCst1xN7-Kqm7xIId7Ypjx_KYkALa9CHqTGXfInuOAb-jYJ-l-XbmKj4bdQT0wmhIjEovU2c5NsoYJQzRf5SK9x3xryg1iUwaaEVnGqXEC2m1Ccd-_xe4PNsx6m59aGhNsfsXm9R9fXK13r4CmbP8zKJsRw0yZ5M32QhFw9BXJ5lNzcbDgi4QchNWk1zGj1MTKHiDj31yTr0c3bQ4ZzCzjy8iyzoxqbs5oyLnYc2tplyFaOyPxtsNHkCTpukalmix5Sr-2wrWD5Xfnr5mLSONcO0fNVIVHhbub_oP05kPRslmrvk5_1FpbukhtDndvgoM_StJklDBytqlM__ejlzfPiEQFiN4voaTYmG6zCUSELnq4-h4W5pHC6DfzDui3ra23Fis6YPZ479zL_ikuIhTw9WYPSepwdpPOtcUgfPdF1Pe2RO0KYUJmr-Fr1tTMgyF82wp2kBv_N91Gz8N9vHee0FEAEHtMv5065I4Y_oPV1EYkcv61v2aEuG9lB3RTT56vrExQnui2i27JoPMVL10jML1F2Hyo9WbHQESnXhu8QcfkEr1TdO1RaOn7pcLQFJS57PHOI71sUvjXVmvACAOAkUufbgy2-IAxKKGCf5VTgqcF9P6hWQE5pivo6r8N0FcHo-m1FqvH37YX97fnVcbQ23SNh-BFN3VYmQd6Vpt809tLHBYv2UYxiQtXmQSodQiYyQ9bfutnMWJdSVeIwLpCIJn3LLWuUl-OSglp3QMx8xYOw4XyemCKi03cR65xaEBRwdCOCaXFuj0q-U0MOwLjDOevujC0c7DaiCzxLxdhWT_5D6VQOl7wrHoTYzMu3ds65rpM361NKmQARRb0AaNfULAtz0PL0QQzq-qMH0ETPFHvGaUG7yvuB4KV5kKv1qHgOin2X-g3rGKESKEOF4RrkdtBiwRm4X0zliyPRsjp-IZodDtHaFvxnbvxARXyVVR3_Q2nz-C0JKZUFXZvncyx9-U9ZtheghHfoJDEZ41awFbbyMadCa4PnvxVfXVDjF1NXY7q_F2D04vCl26dBGb1nYGwsBWS9SPIaWkqDgXv3Q2lCiVW7OBfsfilxrrJggG5H5d_90pdieXnUZqNhqmwtej8yA9NDhB5FfJv4-D1LyaDTBpLW_pbO5sF7Yw-D0UlEi_JchHKFkRB7rAUcF50V7bqx91D_xL79k6LQBSlTbfDgPlcFcoodfUalESritXXovbCIeNtMzyzXVmknto-fM823Xf5HxTulx2Hgvx-YVrENNodl3Ph-I0SMVtkJbfBShXXWKT1rI6Mi1rnoLZmJQlAu7ZeJbCnoHAZF3QqyIXntj1Ukf8g1i6oM9hUZDa_d4XNs2x-ju9UpmGSnvim3UdhxGjI1JmxrkUe0iewFxzKx62mizMhiyfn1cI8eeHr7eZwiK7s8Q1pKORP-AaXRfiJdIjQ8tnw_RCUQe1NsUCfHkRshGwY9izTLd_BSXwOjE617Kx_umQHm0T-WnSOsy_aFyfmz_Dz3DbVAuXRbgTC4jXo-V6iMLw9MnEcOx8-QfG6T2FDCPlly9zwpe1Ke17xTZx3826H577GjFlikv4JMmvmFDei4&cid=CAQSOwBpAlJWYnBSlXD2uP9YN1_1eRBfj3C18Y_GVdXDXRJmpvpcJDCC7nlFEqlo4dy43DuTr7JpOxzYlhsdGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.enca.com&ds=l&xdt=1&iif=1&cor=16678129865112860000&adk=1033480531&idt=149&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

787da484df6c5c5c906b32641d85a5853da7935788e54a878d2ecbb50fd5ac4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36539
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 41DC 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:28 GMT
expires: Sat, 13 Jul 2024 08:13:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2068 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 66390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 13:46:59 GMT
expires: Fri, 12 Jul 2024 13:46:59 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 4ACA 0
239 B 167ms
42ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=1&us_privacy=1---
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4ACA
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

43 B
568 B

121ms
120ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Jul 2023 08:13:30 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X8Q1FXW2DHBQDBFK80RY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Jul 2023 08:13:29 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6MYTJK5W09A4496RY1D9
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4ACA
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---

170 B
409 B

155ms
51ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 4ACA 70 B
264 B 58ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 4ACA
Redirect Chain

https://s.company-target.com/s/rp?gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=f3ba117f-5e85-4978-8a52-2b39c79b6071

0
239 B

42ms
41ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=f3ba117f-5e85-4978-8a52-2b39c79b6071
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 14 Jul 2023 08:13:29 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.rubiconproject.com
location: https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=f3ba117f-5e85-4978-8a52-2b39c79b6071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 4ACA
Redirect Chain

https://b1sync.zemanta.com/usersync/rubicon/?gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=&gdpr=1&us_privacy=1---

0
239 B

42ms
42ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=&gdpr=1&us_privacy=1---
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=&gdpr=1&us_privacy=1---
Pragma: no-cache
Date: Fri, 14 Jul 2023 08:13:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 140
Content-Type: text/html; charset=utf-8

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 4ACA
Redirect Chain

https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=1&us_privacy=1---
https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=qeGMCQ0X1QkdVD5&expires=30&gdpr=1&us_privacy=1---

0
239 B

41ms
41ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=qeGMCQ0X1QkdVD5&expires=30&gdpr=1&us_privacy=1---
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma: no-cache
Date: Fri, 14 Jul 2023 08:13:29 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-0d2a77f9c6d8820ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=qeGMCQ0X1QkdVD5&expires=30&gdpr=1&us_privacy=1---
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 rubicon
tr.blismedia.com/v1/api/sync/ Frame 4ACA 0
91 B 143ms
48ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
711 B 40ms
40ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.enca.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Fri, 14 Jul 2023 08:13:29 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 6399
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1689322410.585770,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 71
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 4538

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 41DC 34 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:53:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13672
x-xss-protection: 0
server: cafe
etag: 2805512053162071780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 14:53:50 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 41DC 24 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 19:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 479280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 07 Jul 2024 19:05:29 GMT

GET
H2 200 web_video.js Show response
www.gstatic.com/admanager/outstream/ Frame 41DC 329 KB
114 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/admanager/outstream/web_video.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

facf5f0be178fcf46bc483644fe84256e4f0f5c7da5829904a5f53a65cde4469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/drx-mobile-serving
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115876
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 15 Mar 2023 13:49:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="drx-mobile-serving"
vary: Accept-Encoding
report-to: {"group":"drx-mobile-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/drx-mobile-serving"}]}
content-type: text/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 41DC 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite_fy2021.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 41DC 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 04:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 04:56:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame 41DC 20 KB
8 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 41DC 0
0 47ms
47ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRsFIIhb3XEQrE3oLVx0bTMOxkcwPNspqTWhp20hNJPGhhoECTCwPT6g93hqq9mCPyuM5Kx
Requested by: Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame 2756 30 KB
11 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AzIoMe9PoUHMYj7wqTpvcucKyQObNijj4CctXIje-8NHR9BUFz-WeM9Ge81x4UKDYkIQXIVQrrDJWoG_c1luOvolBpVg&cry=1&dbm_d=AKAmf-CN8hrkwx48W-pbR4lAJ56QXj5WjVaoru3Tw71IHPKe9V-ognF1o1ii7dNhwKiaB98jsZMFPdOhSWaDolfcNLv_cSS4mIqE4woYl0NyA8mkfhtd9LmMI5zyPxj7B4KWiFlTmVPi8yML0QMrjbEpIPJvkKnudrru9M6IHyIC3HfjW6QRaSuJ5JseRVbFMeEd-9HHfxf-VZEI9x_POptpDrh3XN-5I-sc65jKI4aO4tDbwlOyrwoj1IcsYCktoln6qaYtcoC2ED9A79MTMcoBwYUe2S8dSSZwSSJB-9k0SYTHV8mW83W20QMcgJURSh7BTnLlk8sVzR_KN2jgsBs2UrvVGx-uU1PlPWMc3Z_o1pNoG2GQg9_-yI9OoJKFXTiJqHyz5aj_4OcoN_cHyymT2OUe-7yqC-R0R7d_fTh4wiRE_NDlHBBiyHZD7I1Kxtx6XcNLgAM3tIxTf6JwRfVksvZmwmS6wwKeO7wVN5LaIr0Tu2up3YT5N67OBS-A7JRB1CtZi6t70B52XWylJdTUa_mDtb-vjkVpAeGe7pNEvWLzldU1vMKFmcJW5Y0oZD-VNnQVWx4RCSURHyoz-B067JyQHcmm6-zNugDm-qbMokyKLdlf3s3LEBbALUj9n6PrpIonXzbd797h7clN8oNyn8ww-xJ0TFBc2QbLC973JTAEM8FbORdYujMtB5lzl69U5M-mSWb7d20k1t6ndrP08u95RZZU3Fma8PoLwH0jKek2bIU4RwxqK7EmzftPZqFMYy9Mgq-N2O9Lcd5k_qHxYYVGooWiV_L2LPknUAYQij2OWslOtt-9ucxV4ISUvl81NraujlDSIOW-Y_2Fx2TaCkLGiAO6FuqGTWGDv9tNLpuq7w4QRK2gb0DEQeXRPyBr_IL3UTRI2cy0DBe8Cwoy7W8TsG2vCAwzqgDjcTddE-8J-YT56DQsFypofOxEKZgCjWes3DQPVzus2HdBSLzZa7Nh8OoH9qznr_1A2HpMrT5nqVEzgZFtJFn-wCOVVg1021yoITcpQFsR3UOt-E3CMzVTzeiLs75K_WmS6hxgz_FEdeNt6e-yChgx0uhApfCBzNyh1chxba1C6OMNjZskGurbDMXp6OgWgmQUWGBFZkaZHP9HOdCZyMyCtCs9NX7x9IFpic7eLyGlmtfohzJGa7h7iqb6jvX8diW5-LrqfTCd8KM7ZKTwTyc-u9sZpzK86v5jeVgyf86pOEQqCdeZQDfkyWoUkzEti-CndlDxFl8cX_5NqR--WvSa5603Z6jQNiD-z3ojX0z_bK7lB2VAiE-bu_urhgNNljNUD75jdWj11vkFalRJ-_sVS2KevOD8MMwBmqSQ2mjR3es3swfdu2l3q_tJHWcThYVl4TluPE2RpUmcnF6bDyTNz4hZOoA222m4D3KU2VpTJDXN_SXMFEueD7DsahvDziu51otczrgdGTWc7FZUr2QH2UuBZBzXaNhv1zDZdYYrIZhycOD1v5SQCt216D6loKuL3TrgL_4TP6yUYBJ4QYHwdQrC4A3WMfUVCRUZC45gxdSVBYGG3yXULwxI-tz4Dtav1oh-KqZw4CeJmqM97v2YFOqnMQejqkY7zTFhBjnal1q7Uw9pHx3e4yA5U17RckvLx_ZVLDSFDi6FLOTHie1GZxhoFchOq8lplHxKZBSZ0Zb_pEb-RzFz2xr3oIWqRKkMPZRX67-pP9dYkyB8ZwbrsrcdvKVAJggVNM7_ae-KKUJ-r5jTOJq76zXHQ8nsauV_Vv9mgN6tUs0_kfMPlgOQQx_9VVBJ5t4w2PCOC27_VJ-To1Mu4HIJPlCKSdMZYuTqZyhn8hBu6hazNn_75eKoxhSLf2SrD2MkeDL602urMMgapHaRiR7fI5ROBilcRWB1-ubf-Y48nvuE2aw7WGfL6Berl50gfA8kSYp6MSDY0FxAez7wSAPffK_MHnWjBqdjtMla5WVsRS3O0nI1DPWVrUadkCst1xN7-Kqm7xIId7Ypjx_KYkALa9CHqTGXfInuOAb-jYJ-l-XbmKj4bdQT0wmhIjEovU2c5NsoYJQzRf5SK9x3xryg1iUwaaEVnGqXEC2m1Ccd-_xe4PNsx6m59aGhNsfsXm9R9fXK13r4CmbP8zKJsRw0yZ5M32QhFw9BXJ5lNzcbDgi4QchNWk1zGj1MTKHiDj31yTr0c3bQ4ZzCzjy8iyzoxqbs5oyLnYc2tplyFaOyPxtsNHkCTpukalmix5Sr-2wrWD5Xfnr5mLSONcO0fNVIVHhbub_oP05kPRslmrvk5_1FpbukhtDndvgoM_StJklDBytqlM__ejlzfPiEQFiN4voaTYmG6zCUSELnq4-h4W5pHC6DfzDui3ra23Fis6YPZ479zL_ikuIhTw9WYPSepwdpPOtcUgfPdF1Pe2RO0KYUJmr-Fr1tTMgyF82wp2kBv_N91Gz8N9vHee0FEAEHtMv5065I4Y_oPV1EYkcv61v2aEuG9lB3RTT56vrExQnui2i27JoPMVL10jML1F2Hyo9WbHQESnXhu8QcfkEr1TdO1RaOn7pcLQFJS57PHOI71sUvjXVmvACAOAkUufbgy2-IAxKKGCf5VTgqcF9P6hWQE5pivo6r8N0FcHo-m1FqvH37YX97fnVcbQ23SNh-BFN3VYmQd6Vpt809tLHBYv2UYxiQtXmQSodQiYyQ9bfutnMWJdSVeIwLpCIJn3LLWuUl-OSglp3QMx8xYOw4XyemCKi03cR65xaEBRwdCOCaXFuj0q-U0MOwLjDOevujC0c7DaiCzxLxdhWT_5D6VQOl7wrHoTYzMu3ds65rpM361NKmQARRb0AaNfULAtz0PL0QQzq-qMH0ETPFHvGaUG7yvuB4KV5kKv1qHgOin2X-g3rGKESKEOF4RrkdtBiwRm4X0zliyPRsjp-IZodDtHaFvxnbvxARXyVVR3_Q2nz-C0JKZUFXZvncyx9-U9ZtheghHfoJDEZ41awFbbyMadCa4PnvxVfXVDjF1NXY7q_F2D04vCl26dBGb1nYGwsBWS9SPIaWkqDgXv3Q2lCiVW7OBfsfilxrrJggG5H5d_90pdieXnUZqNhqmwtej8yA9NDhB5FfJv4-D1LyaDTBpLW_pbO5sF7Yw-D0UlEi_JchHKFkRB7rAUcF50V7bqx91D_xL79k6LQBSlTbfDgPlcFcoodfUalESritXXovbCIeNtMzyzXVmknto-fM823Xf5HxTulx2Hgvx-YVrENNodl3Ph-I0SMVtkJbfBShXXWKT1rI6Mi1rnoLZmJQlAu7ZeJbCnoHAZF3QqyIXntj1Ukf8g1i6oM9hUZDa_d4XNs2x-ju9UpmGSnvim3UdhxGjI1JmxrkUe0iewFxzKx62mizMhiyfn1cI8eeHr7eZwiK7s8Q1pKORP-AaXRfiJdIjQ8tnw_RCUQe1NsUCfHkRshGwY9izTLd_BSXwOjE617Kx_umQHm0T-WnSOsy_aFyfmz_Dz3DbVAuXRbgTC4jXo-V6iMLw9MnEcOx8-QfG6T2FDCPlly9zwpe1Ke17xTZx3826H577GjFlikv4JMmvmFDei4&cid=CAQSOwBpAlJWYnBSlXD2uP9YN1_1eRBfj3C18Y_GVdXDXRJmpvpcJDCC7nlFEqlo4dy43DuTr7JpOxzYlhsdGAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.enca.com&ds=l&xdt=1&iif=1&cor=16678129865112860000&adk=1033480531&idt=149&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 14:06:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame 2756 11 KB
4 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:58:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:58:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2756 0
0 85ms
85ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3bI-7mZwQEPfkyItcYFJ92v86njWCVk5-4z_jTCyoo37xJ-hpLvOQFBnBwhwHTF0LvWTjJLBUjgM857FmMgu320HBqcnzWS2OohefZt5PzJHsNcRucyHvDP33d26d3xLs5k-FayEOLTmVXY3w2JM9IkPAgLdGDMwkpniWXFQfmQSRCa-RshC30WccErHJ4CzK5xQi1FlX4Dbxdu1csMit5N3VGjywGQIJRSAVE65JTr3HMBdrzHvLRDk78x2Pnl191yWQnOeiG3TpRD817YVTHCiBtqRGZhRMs9HRmtWsaOq8K0tGOj8dOaNOTZmhtaw-woSFe-ZwPTH3Qo8WqXvd6M8S7HhTlDgnbMjkZfBMvydAF2lwvf0U_YAedSKiuJJoucEQ3LzZz8TRi4df4F4HYVEvrRQ52TEfP5JMuxb6dwRtM2ZKwsSjm_KJXGgYVSwO72LMSd-WuXAFOcb0CYB6nFcHXsexScXiyeZqJthv-eZiDRGqyzmzEgZ7ZomT1nIzXNtXL6UmqQ6zLTAcg2PuVwQqiRu9jH4qC6_5mf7ek3NJb2dVf9HvKTq3j8pLU4wdcLWg_V6BTXVfmpQTCQL591VzGqjEaJgyr67Vpe5g7oQsC3jU3RtI1yMkv09FLhecepgseoH8E_4O4-AO_IgrCiejYo_dgDX8k9K5iHuQUQDTml1D_MNw-zlWdsx7kGk18VNC4Q1PSxRLyoSXy3AMF9yvnolDNYSZbs-NyamiPnfNSv6EuhmXA06H0S1_jFUixjvdAaQdcPt7N02lSPNZG2sGbOqYxHKoLYJOrikoHG1eql6HVLwIpC6y8SXAgjJL7Md7K6aKfbfh8h6tKdBleKdZ9Z-zWnUnXB6wIUJoTbIVfFII4NniCQfhhiSaQ7ikBzxiodo7XJ0UQXqADNO9NSrltSEQLf1EfTgBOjlWbfkcLHYDl57QmAdEY8yePtwSDMg_BOZZdmAvcebGtJ3jToWhWOJH3FFpSmZ-eZNZR4xm9NxLrusAXwJs4bWMvZxbKNA8jn52wM3MH9cdFZyC9Rg_ZSLuq8WxHtJ8Mh2j51vjwdBHgx_A19Ihgv3-cghoWrLXQzssaIDM-ZbDqOITlaBG_LkQWTmVZSi52nWWCX8c4D3x3L56dlDmZic8CnAdllTVhojdFIpZdT17BJuImZK39n94d_b7l51OP8tjq7hIMTlFmSk-vKlfIan2Zet88N_Y9BNJA90vhVPV-C9Jvw9T795n0FzulJs&sai=AMfl-YQyJAi3P5soZqKWBN3bnBoZ8wt-rQXNxGxPvN0SXf0kMOk4dO5dM7lYMAIzmFRrP04NREdzNcSOuu1nGf22rXHI72lKGYZq4XLNPWznaCcJI899_o1AriCcV_LQhfH91CFYlHY1_LbxKEMsmZ4BgLOc665KjDxYxYwFrueexxOpqBYrJxzvwJ3JYJXr4xKtTuor8ZxfgRNgig00mnjmahChkYQC1edoeiWTnrQ_36DWtX6LN0BKB1Slfx7Ozq1GGuPy&sig=Cg0ArKJSzFa6lkRBM_qrEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230711.23737&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:13:29 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2756 41 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:46:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2024 13:46:58 GMT

GET
H2 200 14573283701871385639
s0.2mdn.net/simgad/ Frame 2756 82 KB
82 KB 128ms
127ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14573283701871385639

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85fa130ad83ab39b398f6f0442d39e903824a6455fca225b445cc1d1365815a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 02:44:20 GMT
x-content-type-options: nosniff
age: 451749
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83929
x-xss-protection: 0
last-modified: Sat, 29 Aug 2020 00:11:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 08 Jul 2024 02:44:20 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2068 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 18:08:18 GMT

GET
DATA 200
OK truncated
/ Frame 2756 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c24907e6474e2ca71798ee12efc54e88da87a8747bdba3ff0efb3261ef00fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9DCD 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 66390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 13:46:59 GMT
expires: Fri, 12 Jul 2024 13:46:59 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DCD 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 18:08:18 GMT

GET
H3 200 container.html Show response
7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D3AE 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:28 GMT
expires: Sat, 13 Jul 2024 08:13:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E387 0
0 77ms
76ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstMNQjn8sIkpXQURpU6V5-tAOxMR6aI_cz__diwrAPhDIHJbpxWUTye9nHjTEdTOHyxP1sN9yNm39VYcmEpDnxoMu07g16ndrsJuhynpcjbCoHV74EQfSuY5ALBi-pAaOCqLaIu58XypLayHRtohtjfQE2IRTM1AxU9N5INAavqbN3XklZdRMGjS8GXKsykh1s__wFZEkZmjcgkOehNWPt9AriVAe9Q5p6j7QFkV12rTnuiEnVTpDcS4YjUiQz55VluM4Zl3l-dYcLeQdxHFmeOIti1OCITjzq6aK4f7jvYWjOjo5hYjUdDJmK8QN1jAupTyBKuPE2Hp606fVyNVKmDoeU_1NUaDKiw3MTnnbNAVDDtvh_T8Zx3ZeD4N3Abtlm0IxfYoe5_Xjc9GUBPfe1tg7xc7eV85UH7WouNi51uqivTJzi7GXiKRps2s_fEZqeqSniCm30beQGG3zanQbIuF-vdjzpmFcIgkPm8hmOr0yYr2JLwAGKIM_RodYj6P8zvOj4LuV6bt1fbr57OTvebx8W2_YX5yM4XmMkAmW3AyLrYdiBPiO_49tZlDfPX5yZa3pzX19MW6CbX86nTff1FrMFE4Lqo_p9i_BEazTnzR6u266fA4Iv4RCosAvaJrG8frPYb7PfHmJD8bY36346Mp2DHmwiypdo6lGD_PqlJuXQ7pCDCio4fxfJUFwLcEC4mm1tOokj31ksF88LyrkX6rLguyHL8AMkw4C0-3Rg_pqTyof764CiZeWGOsbQEGMAIIleW5qTwvP66hGDFPIR0gMV7XQ5h2qpsy7j0livSKjB7dkNOKliRkBtq58oylXEcmO5lyHIQL9EZt-aeFsPlgG1h-1WMXwYHlMYls0jqH1HyB3TrmLA8bV5gWt3RMkawtDGjjucMvrLsSVMdyqADmjspxO_ybxUWAbqGDKMYRaNR8ovHLabOGGoWpGnb5V4dMmLZO_apsp93lDxHWyOPLgU0Mh4yr2DvlxgFFu-bKGymeZzO-7Bhr6e8CH10wgp2FKZva82gKYERnX1szJke66k88kmNF1NMN88KMhYfbcFcVQBmtCuoMJgnDN61AuRbnWgToArP7ZWxEj5BlM1jx2FZ3ODdyGMKmuXlgXzJL0NbMv8gzCsLitfaI3qlI8zivzYSTTGPjVsMhCGLqG4aWGFCB8SFCEtw5UD1R1JN534d4gzES8ruh7cA3JPlbUE81KRGBzi75Sn_SK_Q7uMHPp0JVphnvR9qbRcat1HxIppFEKmLxpgvr6z65bpzxjAKv3LKibTKCaA&sai=AMfl-YSpBxBWRX4EwdhKO3Gh9Rq2oC_R-As81YtD1yQU5vtLwM6qK9YHdTcwOTm8NjBXLeNiDXArdY_vNdYvojPx073-Gr9XgTogRnDFOiRiTjh5QTwFgAxuYfHVAGiG5BJduR5uh3MhS4hSXIqCVDGhUUvXQ5iIX96n5ANcYIeO1qaHn-uuEyhjBL02rVvondo107VUkbVqNu6femGXksUtIq-XLi_BZOaUeDWRuXvh_h7zxUFlNk7xkSLP8aF5bs8JkG0_FO0&sig=Cg0ArKJSzDGKRsWnvR4EEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=303&vt=11&dtpt=302&dett=2&cstd=0&cisv=r20230711.07213&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Jul 2023 08:13:29 GMT

GET
H3 200 7224917493908124202
s0.2mdn.net/simgad/ Frame 41DC 81 KB
81 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7224917493908124202

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b05d396b5347ad8a552973eba56bd5b39b886195b3e6c126a71c96d8eafeb42d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:38:58 GMT
x-content-type-options: nosniff
age: 66871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83218
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 11:55:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jul 2024 13:38:58 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 168F 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3418
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 07:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 41DC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2436e75044181e273d035a47e095dc36f5716e64842c96741476ef9e5ea7917

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 41DC 0
54 B 288ms
100ms Ping
image/gif 2a00:1450:4003:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lk2ay1pq&c=2038210896378&slotId=1019105448189&qqid=CNLK9LDgjYADFRI84AodBaMGIw&fb=web_video-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=styleframe_video
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4003:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 volume_off.png
www.gstatic.com/dfp/native/ Frame 41DC 3 KB
3 KB 40ms
40ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/volume_off.png

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 05:47:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 8774
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2684
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 13 Jul 2024 05:47:15 GMT

GET
H3 200 pause.png
www.gstatic.com/dfp/native/ Frame 41DC 763 B
786 B 41ms
41ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/pause.png

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 05:03:03 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
age: 184226
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 763
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 11 Jul 2024 05:03:03 GMT

GET
H3 200 replay.png
www.gstatic.com/dfp/native/ Frame 41DC 2 KB
2 KB 41ms
41ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/dfp/native/replay.png

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0240de66a7b445f61b5a32e74c7d1dff431ac48b1b218ba454275b8f22046368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 12:31:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
age: 157325
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2305
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 11 Jul 2024 12:31:24 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 41DC 0
234 B 280ms
99ms Ping
image/gif 2a00:1450:4003:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lk2ay1r0&c=2038210896378&slotId=1019105448189&qqid=CNLK9LDgjYADFRI84AodBaMGIw&fb=web_video-lima&ulv=1&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4003:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 41DC 28 KB
16 KB 219ms
97ms XHR
text/xml 173.194.76.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AvlaLasJq5WlgtxClWI_zIYBDM6Tn-GxtijWYoGNjOwPWa7bEMKfHP8QIRAcApy9Hrk8rcVVfE6ZwiNBazV4G7XGe9Lw&dbm_d=AKAmf-BTploQuu_HskTQutE7j7TddlP8VyQACtv_Kt9vIsa35dlBIz9shOHo4kBV3jomiWgIniuVz7KXL_GxhGcXGGlv8hbKP-nZQclm_mcvBQKUUP4BSSonb24dIgWdn-dSXjM9orxLqgblS7CpYJHPKlAjMPXVrBqfgq6Eo9uCsSjjmUnNgdmdbT1qC-Sf1I-oQx7tSiK6xxzpINmgrlERuNNhOC8MR-Ef4-fWXNdZtkdS5y9TF1-djsR_T4gjZfIFTD1YvhmPWNNzVBgKV0Q06u9Tl4hEjLv1J8w2V9NFRbJfbCQ7xMtw-gCWD4IHUy9vHYjUdcHQWLFNX4A7Ivqhd3CqkPskSrN-juTLj1fTOvOs-BjztxLqbkmEg_h2CzA3unbY29U8VWNfojUZyI0p6y4uqZjG516RAInRtaeGVt8K_ujyc8vuLSOMUaU70VKS32DUB_z3cA0lb4JRSidvjV70iMq26qlSyEcSigEF9Wo9O31gE3SQZhJwXRTj6yo7M9HbdWPz21kbWzrk3-wM4Mf1o58AsjA7HVmsArWeAjvyIa0jrTtVMPDIZwZ8Q8rKjFCzRNwLBSJDeasBrIlC4_JWdx_6HkdUL60guDXNe1k20yw6JM2bNqbyzatqhI_AP8jOGBGUrt3p4u5P3X1nEwp2_XajQVBaX_jPKKDs0OyiQszueYhDiIKiGdyMSAzYd3N78m2mjnVCRwLCCEt1C2ZEIrbG_mgatDVrqZ09raR4B8vehqiuElZ7qmPh_F3Lqox9X6oXJzYdJgHHxJB8Znv1ady1ZVJ3JST5KomefzQ9GSsm0oYbCbzQ6preKEGBAzzdZKuYsK-Ry2s6YUAQ_rkYW0Hspe_MKyS7kB3XiJzqA6Um6FTX1OhdXDqbDqTf63U3R3SfpkMs6O-4L8UDkOCP39UK9HstLQnqfpwTCgqMFjp25B3xWMhm7wOw7NY7xNAamuYSI7BfymdDS-93aoFKP5pui_jUkt87GR_ciSHF7ofHWD8PH17yIfug6AiW-z77tY_eLshet23Mlzzi46SUuo8_IPlyfuaub2MGQaIiW4_OVfpe1ZCLFZm4P02yaOcHbS_OU737Mm3O7b3Qtj8dWyqUKKky-rnckOoBnOHtHfPdyBlq2K2BVUKd2SWactmhvdovhiIn0zFlLPjzF2GT02PRloUhUbIENtGYjFzoa_YRIOCkKkfB3Mqndl2VxuEHym4y_OmOD1N2HJt7VA1HvSDSuYPYDnOFxi1eAWYpA-Li74adjODOuo6-eyKJ781fRfJUHoAcO1KPW3m23i8CXI_GcXBxZTKjRzNw4u3azk3zgYY__hLl3eVxwxzEM5o2hFB3uTpLEGPR1GnskybGwqzVd-fLkR_mjVscuz8Fk3dI_oo-URTQv3Oq3Twf_MJh7KHgtg6VqkJdmmQM5-dsqQ-9WyyDxgVNGSYsW9E3AoTpcMqZeUSKMA2Pz7R-qzm8vTayDRf7mRqrVk-0teQ-Wr-ckJM0h93q2L8pcM22BEwXUCbDZ7Abb4JKQvYK0FkeBCVbgbIwijb8ECg4-LaFw_vJa0LR7s0DaayR2NpEeEZIXhNtvYEtHX85cZZ_bnvWX7EVemCPXHwmj5HAYtJt2KzzjiNvFl6PDaZ-JaXqm-TO1kjUcE_Hc2eAErRxTbWv9SR1WhgZEaRPZi5hC0jmVc8FWo1mwSSMgc3P9Sp6a_xhlWqHp299qSguqZy06E3tqPUD39j55dZRJdKexAJBW8McacMbt9DYvQyJU5MOio9zToIZbFLCpLr1kqhKSmip5z7LmTP0fJKXjUQv5XX0dCDn9OQs2JlGkiFmLX5IL58-5K8RRKE-_bDeZRGZZ-fqQHupeJm-wmHJb2iu9ESICI_VDhKvHdgcD8ijdpIEjWgWw5MA1Gqm9wtw2pXVcm5fF6FZu6EN7sePFJI68hU1zWbphx2vlwmBHS_LwOoSX6tSHHhrm-5_9G4MhlTtfizKG0n6pmcDAcwuq_H95IQStCrvKEwm-aVVJn0OIQNMBc-X1SUJ_hRjWIroo7O84c_6dAKOVojVq5By1mI9GwCcY1pdxD5ji2NfykNrHKMbaknZhKIR7WDyKdYiARTCiix3vTBOX_tZiIws4etcPatJNBI9O_0XJnJVe4Z4SLhemjKpLwPrhg_I7DxRCF43_z3NtK14Nr2e6ADai1KKgAbz3YtRzgprxSg14h16Tvp3nbZZ2giBm54y8hFSwuW7BkhvWgGmavwCil2lh9lJdF8czKAuf5kEOjSzU5d4I3_LWWWI89dfX13-PiTdaxH29bZ8qwXLNCv9zchwwZqbEccLiEVC2bK6VS9GcixLOWvfF4km8HX3f2Y8CAcq7HzLHMImztMEo9R7EYV0kdhq7Z0XKiYSk0ngEqhEmEoJIAbMYXeUZnN8vEeCi46vW4Jyu2g-7uSCyRkPncbm9QC1nCNyb4dkrabDLKeHzKDMNl7ZopXmVfDx18kXov_HOY4_-fzw295hKjfYD6uYKmBb2BwjYQ8Hoy6sntm3r9AvEWzfVKXNqmEEkd5532wiCp3gQSgt-_H9Hh6dSqX4J49FRqXZK8XDKATgMtx6qzb97rHzaSBUFHXJG4own0vPCa58e_bEzCyj_cgrguuOv1F0owXqhQx0bslLKxCZAVG54UbgBK34SAWiMjaWdqfKP-JHGG9oLIkTvT5OPX_gMUk-fPafr011laYGyAb1LaGPbqRArQwjaaACa1XM9T0yQbkdMaF1p3kYDSzZmaTxLqzh7wfBvdInALkmHDzX8fTC6_2_3fjQcaWE0ooViAzENeREoRdjFWHcdoaJoIlYkPJDkVHRtLqQJ_yQuCnvwqvokxMY5aZRKz8_qU0D4JNS-fz-vcRZYQYeeEQW2j6JxImme6nvuUbYlS6zEJDZDpRA0BTdMiqitmHrbl2YnttxSM2-SxJO2wTOJkXvFBsRZY1s0ivWkPrhiTNlTs2TEYbZtuLas2Rp2ebM-WySIgcxA76tg39AOtal8h0pkkrBt6FlBRbBJJUlI4Khk3Y8zdK8fMPtSsKoO53jxn87A5xGYY6NEUihxkrCJpqNtgRsTRAfVxMrOM9yh12hDRhwgCa6AmgP58IazJ0MHhBbIFI_uQWL444xSzRy7mUzvX9bcZlUN4qGH-DMI_qDXGEofHslmFgJr3i6efQbo9-9bx5hSPLf9oDWZgKMrKx3M2ebc1V4smD8-Ks7eCcavgYILVyuJf-0mar9rrSNQ-xPwmpA5tlrzegVY4CTcaYTlE0qVXlRdRAGOm8l30LiDbZgk4xU6jdp00w3-aRq9mTIdxlobyIQYuUls1Iy&cid=CAQSPABpAlJWVHkxWX6eIju-ouqC4tbjxXZa7kf5quyrdzj1j23FvZUlkaBrlQum3pmDEMVRrcPxMNA6P9xkUhgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f157.1e100.net

Software

cafe /

Resource Hash

d7afbe70223d30bc314b525ac2ba273d4c0accb7359521f1ca470922ac20fe44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15773
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2756 0
0 77ms
76ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu3bI-7mZwQEPfkyItcYFJ92v86njWCVk5-4z_jTCyoo37xJ-hpLvOQFBnBwhwHTF0LvWTjJLBUjgM857FmMgu320HBqcnzWS2OohefZt5PzJHsNcRucyHvDP33d26d3xLs5k-FayEOLTmVXY3w2JM9IkPAgLdGDMwkpniWXFQfmQSRCa-RshC30WccErHJ4CzK5xQi1FlX4Dbxdu1csMit5N3VGjywGQIJRSAVE65JTr3HMBdrzHvLRDk78x2Pnl191yWQnOeiG3TpRD817YVTHCiBtqRGZhRMs9HRmtWsaOq8K0tGOj8dOaNOTZmhtaw-woSFe-ZwPTH3Qo8WqXvd6M8S7HhTlDgnbMjkZfBMvydAF2lwvf0U_YAedSKiuJJoucEQ3LzZz8TRi4df4F4HYVEvrRQ52TEfP5JMuxb6dwRtM2ZKwsSjm_KJXGgYVSwO72LMSd-WuXAFOcb0CYB6nFcHXsexScXiyeZqJthv-eZiDRGqyzmzEgZ7ZomT1nIzXNtXL6UmqQ6zLTAcg2PuVwQqiRu9jH4qC6_5mf7ek3NJb2dVf9HvKTq3j8pLU4wdcLWg_V6BTXVfmpQTCQL591VzGqjEaJgyr67Vpe5g7oQsC3jU3RtI1yMkv09FLhecepgseoH8E_4O4-AO_IgrCiejYo_dgDX8k9K5iHuQUQDTml1D_MNw-zlWdsx7kGk18VNC4Q1PSxRLyoSXy3AMF9yvnolDNYSZbs-NyamiPnfNSv6EuhmXA06H0S1_jFUixjvdAaQdcPt7N02lSPNZG2sGbOqYxHKoLYJOrikoHG1eql6HVLwIpC6y8SXAgjJL7Md7K6aKfbfh8h6tKdBleKdZ9Z-zWnUnXB6wIUJoTbIVfFII4NniCQfhhiSaQ7ikBzxiodo7XJ0UQXqADNO9NSrltSEQLf1EfTgBOjlWbfkcLHYDl57QmAdEY8yePtwSDMg_BOZZdmAvcebGtJ3jToWhWOJH3FFpSmZ-eZNZR4xm9NxLrusAXwJs4bWMvZxbKNA8jn52wM3MH9cdFZyC9Rg_ZSLuq8WxHtJ8Mh2j51vjwdBHgx_A19Ihgv3-cghoWrLXQzssaIDM-ZbDqOITlaBG_LkQWTmVZSi52nWWCX8c4D3x3L56dlDmZic8CnAdllTVhojdFIpZdT17BJuImZK39n94d_b7l51OP8tjq7hIMTlFmSk-vKlfIan2Zet88N_Y9BNJA90vhVPV-C9Jvw9T795n0FzulJs&sai=AMfl-YQyJAi3P5soZqKWBN3bnBoZ8wt-rQXNxGxPvN0SXf0kMOk4dO5dM7lYMAIzmFRrP04NREdzNcSOuu1nGf22rXHI72lKGYZq4XLNPWznaCcJI899_o1AriCcV_LQhfH91CFYlHY1_LbxKEMsmZ4BgLOc665KjDxYxYwFrueexxOpqBYrJxzvwJ3JYJXr4xKtTuor8ZxfgRNgig00mnjmahChkYQC1edoeiWTnrQ_36DWtX6LN0BKB1Slfx7Ozq1GGuPy&sig=Cg0ArKJSzFa6lkRBM_qrEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=195&vt=11&dtpt=194&dett=2&cstd=0&cisv=r20230711.23737&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Jul 2023 08:13:29 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ED42 0
16 B 82ms
80ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjAhsHjATAB&v=APEucNWVDPrHQ_KvyGQMbcvlIoNi7fmUEQdhjECy3A6mIWLJtlucAB_L4qKe8cogEI1u6MZHVL_YyicMQ0VxysxIQa76HgXbJQ

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D3AE 85 KB
29 KB 165ms
163ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:13:29 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3AE 42 B
63 B 74ms
72ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPa4PVCDRt_B3X6FkaO8CQIh_sv3Ms-SOstgyw4mo6mL9pX4GihxaSK4PDmzrAASkKco_XD9Cs97vZArpzzuRB-JYwJmcCZIhkPYe0IVzqmiedgrI

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3AE 0
20 B 74ms
72ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13897875304122459788&x=1&ct=76

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame D3AE 3 KB
1 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 04:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jul 2023 04:56:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/ Frame D3AE 20 KB
8 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230711/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:34:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8314
x-xss-protection: 0
server: cafe
etag: 15120507268597061312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 18:34:37 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D3AE 0
0 49ms
47ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5Y7gha7GT8rME25MD4FCQi2FvB7sraHRHX1utUyL2JcsfXRCxaObez4lYKDVZHI7vDoi0
Requested by: Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3AE 179 KB
56 KB 1196ms
1194ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689162493659380"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:13:31 GMT

GET
H/1.1 204
No Content desktop Show response
demand-engine.browsiprod.com/single/ 0
155 B 55ms
55ms XHR
text/plain 54.194.96.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://demand-engine.browsiprod.com/single/desktop?if=true&ai=101&f=1&rc=0&ll=false&st=fixed_top&et=b&al=0&di=0&pt=out%20of%20main%20content&s=div.page%20header%20%3E%20div.container%20%3E%20div%23browsi_takeover&sk=enca&pk=emedia&pvid=b2f4ffd2-2eb6-4f8c-88f8-d9d3ee8a12e2&aid=enca_-1930224856_1053819432&sid=2daacbac-0308-4fc1-906e-1112d9270c1d%26false%26false%26DEFAULT%26de%26desktop-4.17.10%26true&mch=5234&uid=anonymous&pu=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&pl=6215&d=false&sh=1200&lid=fb5a41e9-1a85-40d7-bb2a-4dfd02d82689_A&ts=DEFAULT&cc=de&ir=false&ul=1200&do=Windows&dd=Unknown%20Desktop%7CEmulator&dp=DESKTOP&dt=DESKTOP&db=Chrome&lt=2.3&ac=0
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.17.10.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.194.96.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-96-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.enca.com
Date: Fri, 14 Jul 2023 08:13:29 GMT
Access-Control-Allow-Credentials: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2068 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBiUaqQOxZIq7GIaRjuwP3Zun2AcAAAAAOAHgBAI&bg=!ISKlInbNAAb90kgr3dI7ADkAdvg8WnCa5Bw29LlKCEjqD440v9dBnfa5xso8cuOPm0wZwi1QeSyIP8SyMrf_88aSv8NMGLfdGKYCAAAAj1IAAAAGaAEHCgBeeu6lVkljAilzaciw8yr0-fSUjKokpEoSqwMA4ULKiKln0cxLw7WY08EycnQ0dk7zmmN1HFq2XZaRd_wQ8TNCXMbEQa8lvLq2KRgPP8VtiobUd8QvY60N4QktKVpiNpkC6lonISXvJSZMs8mnA9XDO5BSZ7aOC5Bi6pesR3vx_icdIjMc6vRKnv5-RMVnPhN1wz35-bo-T2gQ7tUQq2h6T1sfIQbTYq3HlagQ5Z0HaT6qyzCCtgBe_58R2Up4YfGnbRxhSoiHhfdt8z3DeLB2aS_VYOmhvr2hYzI17oGcjvb6Q6IryL25-KlHBOciDgQVNYEKVacn9yW5GeO5AkRCd61XYFMWZYBxtSvyDn41dVjoEKa7YQrCIih_13BKhuYCyIfLPchaCsrtq3WqDQb0m87h_xAEpGP5VPWOsbijxTKNC69Hxnxg-9J7nzzGTl802LgEq3O_IC7ZoS9amhV8zfZdzvkm1ayCpiz8zA2JAxeIBU91TrXDObXoGF0e8e90SHxmyROzhL20kh17R0xlEauMgN-AlIIxkuoQplmS7SyIzxigrb7JQjucK75rJiCd9lmZK3hAe2ZSJDQGY7fXvZGgy_TECdwa0JY-0nBTktjWdqcBLBDEELlZcS8-e4lZ0Xsz1oWl0OOhMFNtsGeMDFn88RyewBIZBvFOnZmr1ijd5kGt805oV4z2eb9xoWMhQ-FdkCOzeBac1VljKgX8QbGte1U93udGGJ1F118baJ7H2mYixNGWJEsqL0NKkMfWTkKyMUY-WaSHNzW1V2_gi5sxlIr_SFo9Au8mpWJ7yMvDfzJysKBOeY3f2MaGX5kI6hx3SI8yrYMAzgYhf5vY8_w_33PFqKK6iud2npC74s4_c3Y3GK0YOgjluGym6QCYOC6COTUQKDVNmnBnYubSxfOXKZg6ONh4PW8AzhXpKIeXqKL9VkPXRWeJn8swU705zg31r5npvnYmS1t-wt9iNWIbSuf84tuLHltxePZKa-zZJyaqJaIDfkJ8i28zSZ8mnaMdW4eA0BS3XpsB_icqoMjHC1aQeK696BXsewTxOh5J_2I77E_VOdUTpHz5zgIpc_KtB-_ig6aZHzyweNWE779jW8AhNYrsNhtc

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 168F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
52ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:29 GMT
expires: Fri, 14 Jul 2023 08:13:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 41DC 0
0 79ms
78ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCVW2qQOxZJLSDpL4gAeFxpqYAtST6LxxsKu-gfYR7v-Pzv02EAEgjL-OJ2CVgoCAtAegAaDG8OIByAEGqQJia9Uk_tiyPqgDAaoE4AFP0Ctt8S572wVTNhC0g2B4ABOTk9DovmbIZ-xRirBjIDLQc5toTgzc7nw2Imk2qrO1uRN69JCvozwgLjsGOQ0R_I-op56M5aOJ98-vAdBNK6XzjO7xQaOtEOPDwZS3WpymFjLQg_DGn41gh2ZFDm8JkaAzxeEw5NGVB8ARvdSfOc5-LEiEQf5XFEEuPkmGCkGmSmvbKnilYL1AglAgQcnBcv-fFJJMgvQl4SQwJhs4xCVrVtYOmJ4SLhXY5MbNu2_cFqBjGy7O-PU6BtSHGrZWkDCdPB1HxRhhoVvgcTGZUsAEoreS_rUE4AQDiAXe5LPdS5IFBggDEAEYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHyLmPnQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChDryyUYusSW7wHSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6gAoDyAsBogwIKgYKBMOwsQKwE-f1iRTIE8y4meMD0BMA2BMKiBQC2BQB0BUBgBcBshceChwIABIUcHViLTAyOTQ4NTk4ODQ0MjYxMDYY_MsT6BcF&sigh=NCF5O557GQM&uach_m=[UACH]&cid=CAQSPABpAlJWVHkxWX6eIju-ouqC4tbjxXZa7kf5quyrdzj1j23FvZUlkaBrlQum3pmDEMVRrcPxMNA6P9xkUhgB&template_id=509&vt=10&cbvp=2&vis=1
Requested by: Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9DCD 0
20 B 88ms
87ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Blm6lqQOxZNXGIr-d9u8PxJ6-2AcAAAAAOAHgBAI&bg=!d3SldCDNAAb90kgr3dI7ADkAdvg8WgpgWKwYl7lyExpc46tqlfToZZmb5vvMqKnwY9jdwpO40w8AIXj5n1XP8N70p1B9pluG-xkCAAAAX1IAAAAEaAEHCgBhBGrYCtnEXhm9PHC7CPXO0tfsLXONx3P-YMdhy_DEJE9JHZfpo9lOthKl11_oYPv1mNyG4RVMOzqkCsM-ug1Pk4r46HlXs3pai1peL5rWsUD49Pk2JUjOQE0poJl42z_kupkC6fTl3YQu7uQZuPdNKgylF16InDfSL7EQR4VjpS8yRluLtl4I6f9rmpuY3sXkr-kaIkka5B4HMUc8eaut2mtcsddd1B7hLcyqGmmuil1h23WZxlxItU4jNpYTOqonM6S1nbsOe5iM5oRTIYvWbZK1IdBZUUYgPsxkU3EvjoX3RaIj4E7ic-VkOh0ZpaAWD5Lq5VMkcGLAoTRdPKpn9oeOR4lw8B3PMmQ-RPaK3b0Fbeon-oK1JwNH2dfBckuWuCzrC-VfU6SH4acnFbm4-lmNcwehDWzSsWQl0CKnAwmuIZMUEe85DM07MxVaMAuIlWQwvfzPfiXDXsnj5kR5QbVKPp-u4HjP6Eoaw2921uAhzcIhhw3fGrUEBoIsfQA44qyLtXGdp1_A633zfvQs3ZW89LbOopwR7UFb9tcy0HlvIuxgiOxrdk43UQnoSQn72td5h3vokIsDkp-Ju6x8eesJvRfV1PS6B-JvRdNfyYhFMXWm3KrOnWAma6PS66tNfjmDGUeG78FCSzcnag4pESCtzsr9h9QAWCSQV3MKJNNcRea_h1wkaJpb_zp90ev5B76vABMXNz3qpS5Oz0WX-sdgi6lFIG9HBfMHdgJH-yhUN6w99Ux9l4Ark8NxKkItExRzI4H-MWACE2I_9jxfpi3S85pXtnJiwJPGH7TV-naOFC__Iwq8UVrlw2lc6eQm9GSXWgmnLC0UnpeASeihhuLKCeuUHZSrsHwxBYm_zGqOWhkmtYKZRiFUAdjfKtL7l5MBFp90PN1FDfxmxv9WX5aCncrQJIJV9waxgV60P4QJH3vaPhgWGau4qkuEkrWhe6KjW5uVkrKkYrN1t6De7V4j4z1GYa_LI2qRgmBDHhdjYk3jcmasRGwsxOJsDpl9akGdXSL6gVNzSU1pEIBiWJhhsy3R_zFEd2V1ZuhsaO3LHU8BJBnqzTm_YZBsd76v8Q3dL6dKuUbQQ3WQMv4HrV7ZRu7BQ7p5knqGFQU

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3AE 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8647395511234&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3AE 0
20 B 74ms
73ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8647395511234&version=m202306200101&ct=76&x=1&cor=13897875304122460000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D3AE 76 KB
36 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFfUVNKC2DXnPzP5kLJIqgsPHElfIfF4Y_nrwBCJaknqmrSZd2HNsuFqw-_io0zpjIisqGou7gFJRViXQOHjJ8_bLWjg&cry=1&dbm_d=AKAmf-CDxAe-EczHPaX_xLCnR4j1TR7HNie4YwHJpQS6oQC7IoDUBa4xw3YvlEPPd_ylC8UYkOlbmOsoUzRgFq35GVdpSWuz5oM8pKmmfz2oVi_mKzaujNJbyqAyWSvk9UlYEVRpS-Usw661JW7uDB9GIhUqarWhlJAYN93oO0CywFy81UeK3eIRl2nIj7JOiTvtc9bxt_6VPUXcLnbHRLhWi2HYDh5VMt22Yl_dUZb0y8PtBf_80TdqN46imIK86guZgAg-LKe-XckIToKPlJq0z50HYGTa2rxfbvkZs0T4GAkxvfo-mkhlNgRu9s8xySJ22gXLp4pxobzTLto5BCbz7J0ywgQwf26Rgbk5Nn7mw8qOtXLuzWXaJymWBUa--ERslP3U8veCo1NnEPsfY7Q7XXT1AEFN_0BEdidD1HfRTLWXO_eJElgdfl8XFuAEHqZSoraze1YRrkE60PBg-4BwTkSkFNp1lOinqQ4o7aiHi73HB6ym8gjeVOrCSsSA7bDxMuurMz50vPvg62_fnRmd-VQ73CA8b64ZdfGsjBoauNbzMcMqzfsj37hW5kbbhH1dyLQHJB7mICp7eaewgdIiEnnNVBjXutl-zyUUAQBglawz1cSOygDYBkBnF047U_uqbBSHurRahJ2qgmXtibIksmeCzBlzdLylp7HL-dGo_ztNVPR2i6oiZXxnSvhL5myOsmltyGZvoBj-XxW85Fo5DHprbwqbxTQZft5cpHMcdjRS14vVMp-01pewJIGeihUW44cX4StgxuWMQzVjUBjEmI9tC2ajC4LTTMc4Bt8F902pvEtXuM5vDCNlFa4ykOx9mo-BarPsF_nd7HrUAHzP5JKLmIDA7LJj5B5fi2XsSc_PJHxvObA6IEv3cA8AKtFhJo7KX9d5OQD61ClX0IiDRulQU0Clt8QNDUCWPtDTVCTcER50EDkwMQ5Kz1JRZlu8hOXyBx0jzj4ipAbT1ANcAO2g_3_FNLk9boGCVTXgxnyWVOGfgq_J4VZ63CahVhE-JhmWaUZACZWOwzm0i8Hre4gCj8DOvHTW1XX94BKrozt1m_C7HksCmoeTV_tpa6__R4fcZOzg9lrwu47OKnazuGF9XqpOvqc0_AC1_op-szaCWmk8NFDrwH4rochpkzDAXKz2oYN9ipg93Rv5Vnimytxmc5rNOFzhyqjxc60yeQNh41Id-5vlsSMEzhe67jlTXDQ9cPe35QMhTSBqLYjPgBjhemdgH9LUdWugUv5JbrFgG5uBycjSfJKMVO3vxGFF78f4GDcQAMeOdi4Reffvz6hUyA4pRKiTO06eEydHSG2Prckyphp7YV1szPKqSykH3YfMSFXWcCIkCGcQXn3YBn2Nhfl9b1fLgD9v3_h_yPnCHc8kwAySKUr8OSpfD0uqiQJBa7RwhZL7fuOVULcBE3WEkt9c6dm8LKBvFk0NDKsGB2vfkW12zKkXavN0Zw5q7vmjE3yNk0DjUyrugPTa-MfvqZXSnGsLkAQ1wjiccM-TaN8apHp7HFNJfTW0_z6EOOtjzQuUbIthfw5wWpXaJCkUV_nNHhtw1Yr9xCdO3P4DJTvyz3Lhao3W47sprub_Z-gVynnYZ2iUCCuFQtDwasEvdAnP7hsh-q2ibqTUpEjZHc7c_37eIR6Z19aCDxW8wIYEk2eTUAOXKeMUr1JVby3RT6-fYYA-wW4CUyL9oM6C18D_dNinj-ecSSVx1CLcpEp_kYaehuk1Mq2c_r8WjfYDSoucSmm7jlkrYMNWJlvBhYDyKWcZTVQtQnCHpOO7IoytnhBZlGJjy_0uzYZ0QZHcZJvdhYW-OqzESItWiwqu1_6fkEJUZYhEV8owXkghP52j-Z89brUIsEHWRq06-h91dWo5qAeVNzYQbjayz1D0Ko6bfqYTa6niQDHFpVGp9lkqN4Vv9E9sj9V832HKiWYXx7nObddkxzWvuNFEXlOaiCI7t8Y4I2ulwgwpAMfIpPcZGOhxwt3eOY8G7SpIerySzXi-Pl_gcyMjx114Qkva39zAO8dGsjgPzNEW2NVBNUJgCD2sarru_GRT5rYEgor-lw8ky8XXOpEhXqWeq77qBWB2DHuPfz3u7BtGsMofNB5ZEeZQBXXXfekTvJhAqtcySOLu1lDYepllV3sFJpEInVm8rBGy9hLWyZ_GS_g1khtvhCNPrCfWYYXFciyyn5mTRqnyMtncY1gINpb24BzTNruW5NcUj_gVdPje9K2wyUpFVQj5YGWISsrr43aJ5i55MQ36jW7RVVZdzflZKwU2H7Mqf0HHrUGwuZkIRFCUIs4HqYgzMzmAZ9fX9KMLkNwQRQJ2CAlBHFiTiFQCrFRcSz8j0Jm95ry48_yR4FxVohEV3x7JkrVznAuvHiBNy4OpCaTfsrnxyhZyHR_-GG-elO42uC6O9141g51pivy_v9WgqGi_2zC4su9Hw5W8o4HMapmAzATM-7btjNCusUA0PIZCIkgbKtxYv7BCrXF7jOGnNnLWQD_yxwx6r_JHbeqCTxWmUpzBhDvJjz-Tim21tiQAYAlI9_OJbUNCEX_aJxYxaGt1Mh4BnX1louFYA8XKbEXQNStInz_izFn626qHGMo2UJrnPT4z5tWeH6pKNUFgZXClYKO-6cX815eZQLF7mO7xYgw-xWz6gpdtJ-Q8x-RAlb8ieZ6a6E9UVS6X1entZLCMqtZjtUq6xAQWh28DVi_bVx3CpjE_OHivCaE_Z3c7fgNkfFLVDniqf74BlWvLtjXISe8mKOTBWukWn0yN_9fozjWLBiaXTeeFP5EhokTorFKZt2ttnb_4yQyKOfGALehYnOYjp_ie0tuEsP5ayBkz9WtPtnCUGBz8QisvHV-Mzxee4CDfsPQqvGtWvW8kbvU6_iJYzm-4-P_IqwnYxkH-9R8lIWC_NqXnerh9TGqLo1Mz5UNhBrzes7jJB5sMC07E089ev_3X5vvWp2T4-zCRPy3HbirkC9BAqXm5mFTpDzloID0vX_qQpK1eMcrFRHRQOFFAYEzbE6dqThXLt_cxnm8gK1MrnivpwasFFf4ghZsFNY4ZLbSq9Y0am3EUgAsg4POtx2SKRlYPsPSV3uSf1lTN60m_OKPSqV1M8LE0tS3M9bN7DvPQ9g6OarFaoh0sKgEAr3MiJFTEAiufU9xINvNHoGC8JudXtEvi9eroPGLcxNClrP9LfoPMWNOKUHzQKDYjtXCh_NcstF8JE6MRjTrMFXtrrupDU0211uQjqMcrelydXgl8Gbdyogf3Tbr-K8q4uLTDkV1knGTDSfwkU-E8DllJfM-9ujuG9AwHlKO6tChUQY1HaaQFpwOyNfZnJwK4PdghiCoffJIgNUKZc8lKZ7MoguXqwtAC568-nsWByFDZiyMrLB8cfOlacyQnHzsE38fFnwRrNnWE9It4G1qnzKdL8XN6RswKHOje6AvXMcjUf2GkLxHDocrmzFWYtdfQ1gnLbz-6vXZ9rft8Ap-YzIIGSnvvW15G8IYxAu0-GxbMsjbuEEDO4uk9aM-GDMZIZ8ifGJ5Af7VtsmxmV0ORm9RrHAhGvOQMAUmdjgBnwIsKPib7CWIlptBbBrGz&cid=CAQSPABpAlJWJ26sC-M2wSVZx57TWFf4OLGoPfb1Noaq-Dfmf7wZ73bvjjH30X3lfyZouz2WnZ0_Wms7XM-xihgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.enca.com&ds=l&xdt=1&iif=1&cor=13897875304122460000&adk=3037181500&idt=185&cac=0&dtd=29

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d922786d9178293a477c98ffe925965217c535e5e5911f100af67df9a578d206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36552
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 41DC 0
54 B 100ms
100ms Ping
image/gif 2a00:1450:4003:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lk2ay1r8&c=2038210896378&slotId=1019105448189&qqid=CNLK9LDgjYADFRI84AodBaMGIw&fb=web_video-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4003:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

file.mp4
r1---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/42be4887032ab2c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3832309121/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 41DC
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/42be4887032ab2c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3832309121/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r1---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/42be4887032ab2c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3832309121/sparams/acao,ctier,expire,id,ip,ipbits,ita...

862 KB
862 KB

149ms
40ms

Media
video/mp4

2a00:1450:4001:62::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/42be4887032ab2c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3832309121/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/056AD7D573F416AD6DA0EB6A1C18D49EA54370F5.110D1B12FA98A1976E6E6DA4298F056E1129C508/key/cms1/cms_redirect/yes/mh/Qj/mip/2a01:4a0:1338:92::8/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1689321015/mv/u/mvi/1/pl/36/file/file.mp4

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

HTTP/1.1

Server

2a00:1450:4001:62::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

51c4c32c003192d8fa18dd7948b20a0289e59998546ba1c91a5e62d172721d22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 08:13:30 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Jun 2023 10:17:35 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-882548/882549
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 882549
Expires: Fri, 14 Jul 2023 08:13:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:30 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/42be4887032ab2c4/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3832309121/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/056AD7D573F416AD6DA0EB6A1C18D49EA54370F5.110D1B12FA98A1976E6E6DA4298F056E1129C508/key/cms1/cms_redirect/yes/mh/Qj/mip/2a01:4a0:1338:92::8/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1689321015/mv/u/mvi/1/pl/36/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/ Frame D3AE 30 KB
11 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFfUVNKC2DXnPzP5kLJIqgsPHElfIfF4Y_nrwBCJaknqmrSZd2HNsuFqw-_io0zpjIisqGou7gFJRViXQOHjJ8_bLWjg&cry=1&dbm_d=AKAmf-CDxAe-EczHPaX_xLCnR4j1TR7HNie4YwHJpQS6oQC7IoDUBa4xw3YvlEPPd_ylC8UYkOlbmOsoUzRgFq35GVdpSWuz5oM8pKmmfz2oVi_mKzaujNJbyqAyWSvk9UlYEVRpS-Usw661JW7uDB9GIhUqarWhlJAYN93oO0CywFy81UeK3eIRl2nIj7JOiTvtc9bxt_6VPUXcLnbHRLhWi2HYDh5VMt22Yl_dUZb0y8PtBf_80TdqN46imIK86guZgAg-LKe-XckIToKPlJq0z50HYGTa2rxfbvkZs0T4GAkxvfo-mkhlNgRu9s8xySJ22gXLp4pxobzTLto5BCbz7J0ywgQwf26Rgbk5Nn7mw8qOtXLuzWXaJymWBUa--ERslP3U8veCo1NnEPsfY7Q7XXT1AEFN_0BEdidD1HfRTLWXO_eJElgdfl8XFuAEHqZSoraze1YRrkE60PBg-4BwTkSkFNp1lOinqQ4o7aiHi73HB6ym8gjeVOrCSsSA7bDxMuurMz50vPvg62_fnRmd-VQ73CA8b64ZdfGsjBoauNbzMcMqzfsj37hW5kbbhH1dyLQHJB7mICp7eaewgdIiEnnNVBjXutl-zyUUAQBglawz1cSOygDYBkBnF047U_uqbBSHurRahJ2qgmXtibIksmeCzBlzdLylp7HL-dGo_ztNVPR2i6oiZXxnSvhL5myOsmltyGZvoBj-XxW85Fo5DHprbwqbxTQZft5cpHMcdjRS14vVMp-01pewJIGeihUW44cX4StgxuWMQzVjUBjEmI9tC2ajC4LTTMc4Bt8F902pvEtXuM5vDCNlFa4ykOx9mo-BarPsF_nd7HrUAHzP5JKLmIDA7LJj5B5fi2XsSc_PJHxvObA6IEv3cA8AKtFhJo7KX9d5OQD61ClX0IiDRulQU0Clt8QNDUCWPtDTVCTcER50EDkwMQ5Kz1JRZlu8hOXyBx0jzj4ipAbT1ANcAO2g_3_FNLk9boGCVTXgxnyWVOGfgq_J4VZ63CahVhE-JhmWaUZACZWOwzm0i8Hre4gCj8DOvHTW1XX94BKrozt1m_C7HksCmoeTV_tpa6__R4fcZOzg9lrwu47OKnazuGF9XqpOvqc0_AC1_op-szaCWmk8NFDrwH4rochpkzDAXKz2oYN9ipg93Rv5Vnimytxmc5rNOFzhyqjxc60yeQNh41Id-5vlsSMEzhe67jlTXDQ9cPe35QMhTSBqLYjPgBjhemdgH9LUdWugUv5JbrFgG5uBycjSfJKMVO3vxGFF78f4GDcQAMeOdi4Reffvz6hUyA4pRKiTO06eEydHSG2Prckyphp7YV1szPKqSykH3YfMSFXWcCIkCGcQXn3YBn2Nhfl9b1fLgD9v3_h_yPnCHc8kwAySKUr8OSpfD0uqiQJBa7RwhZL7fuOVULcBE3WEkt9c6dm8LKBvFk0NDKsGB2vfkW12zKkXavN0Zw5q7vmjE3yNk0DjUyrugPTa-MfvqZXSnGsLkAQ1wjiccM-TaN8apHp7HFNJfTW0_z6EOOtjzQuUbIthfw5wWpXaJCkUV_nNHhtw1Yr9xCdO3P4DJTvyz3Lhao3W47sprub_Z-gVynnYZ2iUCCuFQtDwasEvdAnP7hsh-q2ibqTUpEjZHc7c_37eIR6Z19aCDxW8wIYEk2eTUAOXKeMUr1JVby3RT6-fYYA-wW4CUyL9oM6C18D_dNinj-ecSSVx1CLcpEp_kYaehuk1Mq2c_r8WjfYDSoucSmm7jlkrYMNWJlvBhYDyKWcZTVQtQnCHpOO7IoytnhBZlGJjy_0uzYZ0QZHcZJvdhYW-OqzESItWiwqu1_6fkEJUZYhEV8owXkghP52j-Z89brUIsEHWRq06-h91dWo5qAeVNzYQbjayz1D0Ko6bfqYTa6niQDHFpVGp9lkqN4Vv9E9sj9V832HKiWYXx7nObddkxzWvuNFEXlOaiCI7t8Y4I2ulwgwpAMfIpPcZGOhxwt3eOY8G7SpIerySzXi-Pl_gcyMjx114Qkva39zAO8dGsjgPzNEW2NVBNUJgCD2sarru_GRT5rYEgor-lw8ky8XXOpEhXqWeq77qBWB2DHuPfz3u7BtGsMofNB5ZEeZQBXXXfekTvJhAqtcySOLu1lDYepllV3sFJpEInVm8rBGy9hLWyZ_GS_g1khtvhCNPrCfWYYXFciyyn5mTRqnyMtncY1gINpb24BzTNruW5NcUj_gVdPje9K2wyUpFVQj5YGWISsrr43aJ5i55MQ36jW7RVVZdzflZKwU2H7Mqf0HHrUGwuZkIRFCUIs4HqYgzMzmAZ9fX9KMLkNwQRQJ2CAlBHFiTiFQCrFRcSz8j0Jm95ry48_yR4FxVohEV3x7JkrVznAuvHiBNy4OpCaTfsrnxyhZyHR_-GG-elO42uC6O9141g51pivy_v9WgqGi_2zC4su9Hw5W8o4HMapmAzATM-7btjNCusUA0PIZCIkgbKtxYv7BCrXF7jOGnNnLWQD_yxwx6r_JHbeqCTxWmUpzBhDvJjz-Tim21tiQAYAlI9_OJbUNCEX_aJxYxaGt1Mh4BnX1louFYA8XKbEXQNStInz_izFn626qHGMo2UJrnPT4z5tWeH6pKNUFgZXClYKO-6cX815eZQLF7mO7xYgw-xWz6gpdtJ-Q8x-RAlb8ieZ6a6E9UVS6X1entZLCMqtZjtUq6xAQWh28DVi_bVx3CpjE_OHivCaE_Z3c7fgNkfFLVDniqf74BlWvLtjXISe8mKOTBWukWn0yN_9fozjWLBiaXTeeFP5EhokTorFKZt2ttnb_4yQyKOfGALehYnOYjp_ie0tuEsP5ayBkz9WtPtnCUGBz8QisvHV-Mzxee4CDfsPQqvGtWvW8kbvU6_iJYzm-4-P_IqwnYxkH-9R8lIWC_NqXnerh9TGqLo1Mz5UNhBrzes7jJB5sMC07E089ev_3X5vvWp2T4-zCRPy3HbirkC9BAqXm5mFTpDzloID0vX_qQpK1eMcrFRHRQOFFAYEzbE6dqThXLt_cxnm8gK1MrnivpwasFFf4ghZsFNY4ZLbSq9Y0am3EUgAsg4POtx2SKRlYPsPSV3uSf1lTN60m_OKPSqV1M8LE0tS3M9bN7DvPQ9g6OarFaoh0sKgEAr3MiJFTEAiufU9xINvNHoGC8JudXtEvi9eroPGLcxNClrP9LfoPMWNOKUHzQKDYjtXCh_NcstF8JE6MRjTrMFXtrrupDU0211uQjqMcrelydXgl8Gbdyogf3Tbr-K8q4uLTDkV1knGTDSfwkU-E8DllJfM-9ujuG9AwHlKO6tChUQY1HaaQFpwOyNfZnJwK4PdghiCoffJIgNUKZc8lKZ7MoguXqwtAC568-nsWByFDZiyMrLB8cfOlacyQnHzsE38fFnwRrNnWE9It4G1qnzKdL8XN6RswKHOje6AvXMcjUf2GkLxHDocrmzFWYtdfQ1gnLbz-6vXZ9rft8Ap-YzIIGSnvvW15G8IYxAu0-GxbMsjbuEEDO4uk9aM-GDMZIZ8ifGJ5Af7VtsmxmV0ORm9RrHAhGvOQMAUmdjgBnwIsKPib7CWIlptBbBrGz&cid=CAQSPABpAlJWJ26sC-M2wSVZx57TWFf4OLGoPfb1Noaq-Dfmf7wZ73bvjjH30X3lfyZouz2WnZ0_Wms7XM-xihgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Fwww.enca.com&ds=l&xdt=1&iif=1&cor=13897875304122460000&adk=3037181500&idt=185&cac=0&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 14:06:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/ Frame D3AE 11 KB
4 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230711/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:58:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 13:58:32 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D3AE 0
0 84ms
84ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4fWGNzQy3yCFfqQ8_pB6G2LfN0U_R5TOxHkJM1rS8M6nX1pS_6H2fv_Xy4fj9TYNZkXNJMngOQo5fLVkiQUbY1SO-J5m83sexw0A5zMmjwwaE2k8vydIwVyFy_04TbOFE3BIrMwJxUwvkVwvO13dFi0zzRpx0N3YWzixTLsYQ0H2oh_oUQjdm_4j66M1U4pvx2l62NalHejr7AiiChKPxOR1VdoG1qxR0rpOX2GUnQlHpnE1ZovTcN1Ehr5KUXyhuyGpv88kbSeBAOTMBoEHwJwvSn6u_jRyw6Fjo-YH5POrky36S2ZA2R9Zeiio4NHWzMQ89rNj7f_rl031BOzqL0ks5x38GRyMuxvb02oAXLgZoQIRijFU3gEfQ5fFRBrmw7Qd2-HVHTzWCrbI5R1F6gFSCy_oKtx0rXZWvHhSfHIaki_6kHMCo_ck_mQ80p3JoJvxdCx3zUi1SPwA3nZ14iLXyJo_HLV1ifb_ORtu-IjppT3UUNcBC-pJ-gNNuAdh9wyFE_PY49SvmuAp0F7fyjsdnm_Je7F-aiPvhBc_PvPQhV7vgmNKyEN6AbNeo5Ynii45QfvAi1YJJHQ2Nobu_zijUX0wNFnOOJka9JiIoLDlrmzCSu3QfBR5K-Gn8mgFFcKlPaATgG-_XY4qyFDgZDmbBFBUdVXZWnlEXiAIAjPoxXP0BuPzl0789Y2gByWRg18KKns50_3rfUYIBhO3O5_yEGuLc4n7ahqTL8k4k6giFMRuQcWW0W4qBw0QqWryw6xeHCGI0zlRaeae7vBC3NKlvmhd43PZlHcLlltPbQ3FQZrjv2vB-00cDNx3W0xVw-tv1s3hkLaMXbAAR7_G7daTSQZJYTn7hXhZl6HPw_ytFQRN9oGGLPsCd2USatY5BM9sDj7_uhgS__Lqve2an36FuYJn8WpPw_d8iJga-iU_VTbfBX4GpV72T6Xl2wAF95YtJ9cZL6XNhDsq5Fr3F1bKTkRLyXHVRJ2U6RgnwffChbgJz815nPMSZBUbwUFLYeAmxUwh5EiqfQzmBCAu3ft6VNgu-OO6Of_E39aEAt-NBK2d7qy0EenAMoRITrq8z6fq9fgIFHVUBTLHiMmL-EIZ90mX0t8l2o3Fu460IDs97Bg_YB6a8bc4fAVWU6HTr-b4ODOppJ9o_gtmfEyhlqT4yRL62ytGklOgE7q3UXM4ol82ubRxC6a6z6b0n5RuT19FTpP9d0P85sc6u8IJyXHJyRWV8tG1MsM2PHkIK9YIMfPYZN_k6jRRv8Q&sai=AMfl-YTQoR0yvTtP3dIe9nfORMTvq24Mi9CxrU0z72x76FrFzOa5fF_wY76_snRu3ZN_L3rJwI9Ow0TPVkqzJpAzImcFzbkwpEBOpAV7RzlCy1fOeYIq7W9LxP3p1kraJUz7N5u1wWvGdTtQV6G6dne_v86IJ3Ya87kMm-23KWutgoa9fUy3VTa8nAsGTenO0MJpOg_egRR6Wom6irloN7Ohz2rmcAlVhrShsfGLKC8mDOwffAe8mJJfEU7mrdbaqV5WS2kaQTI&sig=Cg0ArKJSzOr4kIDi6oElEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230711.75686&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Jul 2023 08:13:30 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 14 Jul 2023 08:13:30 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D3AE 41 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:46:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2024 13:46:58 GMT

GET
H3 200 5968657456671775324
s0.2mdn.net/simgad/ Frame D3AE 108 KB
108 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5968657456671775324

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b23a69abf726828d282a0f9ee6cdd2ef326b36dd63f3ebdb119675bc313fd3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 08 Jul 2023 23:01:23 GMT
x-content-type-options: nosniff
age: 465127
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110390
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:58:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Jul 2024 23:01:23 GMT

GET
DATA 200
OK truncated
/ Frame D3AE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2e76ee819f06c74ea9abf6619f74a24d1ad283905f201599b074937c4bfd3f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 81C7 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 66391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 13 Jul 2023 13:46:59 GMT
expires: Fri, 12 Jul 2024 13:46:59 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D3AE 0
0 76ms
76ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4fWGNzQy3yCFfqQ8_pB6G2LfN0U_R5TOxHkJM1rS8M6nX1pS_6H2fv_Xy4fj9TYNZkXNJMngOQo5fLVkiQUbY1SO-J5m83sexw0A5zMmjwwaE2k8vydIwVyFy_04TbOFE3BIrMwJxUwvkVwvO13dFi0zzRpx0N3YWzixTLsYQ0H2oh_oUQjdm_4j66M1U4pvx2l62NalHejr7AiiChKPxOR1VdoG1qxR0rpOX2GUnQlHpnE1ZovTcN1Ehr5KUXyhuyGpv88kbSeBAOTMBoEHwJwvSn6u_jRyw6Fjo-YH5POrky36S2ZA2R9Zeiio4NHWzMQ89rNj7f_rl031BOzqL0ks5x38GRyMuxvb02oAXLgZoQIRijFU3gEfQ5fFRBrmw7Qd2-HVHTzWCrbI5R1F6gFSCy_oKtx0rXZWvHhSfHIaki_6kHMCo_ck_mQ80p3JoJvxdCx3zUi1SPwA3nZ14iLXyJo_HLV1ifb_ORtu-IjppT3UUNcBC-pJ-gNNuAdh9wyFE_PY49SvmuAp0F7fyjsdnm_Je7F-aiPvhBc_PvPQhV7vgmNKyEN6AbNeo5Ynii45QfvAi1YJJHQ2Nobu_zijUX0wNFnOOJka9JiIoLDlrmzCSu3QfBR5K-Gn8mgFFcKlPaATgG-_XY4qyFDgZDmbBFBUdVXZWnlEXiAIAjPoxXP0BuPzl0789Y2gByWRg18KKns50_3rfUYIBhO3O5_yEGuLc4n7ahqTL8k4k6giFMRuQcWW0W4qBw0QqWryw6xeHCGI0zlRaeae7vBC3NKlvmhd43PZlHcLlltPbQ3FQZrjv2vB-00cDNx3W0xVw-tv1s3hkLaMXbAAR7_G7daTSQZJYTn7hXhZl6HPw_ytFQRN9oGGLPsCd2USatY5BM9sDj7_uhgS__Lqve2an36FuYJn8WpPw_d8iJga-iU_VTbfBX4GpV72T6Xl2wAF95YtJ9cZL6XNhDsq5Fr3F1bKTkRLyXHVRJ2U6RgnwffChbgJz815nPMSZBUbwUFLYeAmxUwh5EiqfQzmBCAu3ft6VNgu-OO6Of_E39aEAt-NBK2d7qy0EenAMoRITrq8z6fq9fgIFHVUBTLHiMmL-EIZ90mX0t8l2o3Fu460IDs97Bg_YB6a8bc4fAVWU6HTr-b4ODOppJ9o_gtmfEyhlqT4yRL62ytGklOgE7q3UXM4ol82ubRxC6a6z6b0n5RuT19FTpP9d0P85sc6u8IJyXHJyRWV8tG1MsM2PHkIK9YIMfPYZN_k6jRRv8Q&sai=AMfl-YTQoR0yvTtP3dIe9nfORMTvq24Mi9CxrU0z72x76FrFzOa5fF_wY76_snRu3ZN_L3rJwI9Ow0TPVkqzJpAzImcFzbkwpEBOpAV7RzlCy1fOeYIq7W9LxP3p1kraJUz7N5u1wWvGdTtQV6G6dne_v86IJ3Ya87kMm-23KWutgoa9fUy3VTa8nAsGTenO0MJpOg_egRR6Wom6irloN7Ohz2rmcAlVhrShsfGLKC8mDOwffAe8mJJfEU7mrdbaqV5WS2kaQTI&sig=Cg0ArKJSzOr4kIDi6oElEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=83&vt=11&dtpt=82&dett=2&cstd=0&cisv=r20230711.75686&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Jul 2023 08:13:30 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 81C7 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 18:08:18 GMT

POST
H2 204 visible Show response
trc.taboola.com/esattv-enca/log/3/ 0
94 B 50ms
50ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/esattv-enca/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230713-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Fri, 14 Jul 2023 08:13:30 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 8776
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230089-FRA
pragma: no-cache
server: nginx
x-timer: S1689322410.342266,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://www.enca.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 40ms
40ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230713-8-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Fri, 14 Jul 2023 08:13:30 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 1825
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1689322410.416043,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 46
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 8377

GET
H2 200 / Show response
pips.taboola.com/ 4 B
120 B 46ms
40ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230070-FRA
date: Fri, 14 Jul 2023 08:13:30 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.enca.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81C7 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0tjCqgOxZIvmB_mm9u8Pyfyl0AMAAAAAOAHgBAI&bg=!GBulG0_NAAb90kgr3dI7ADkAdvg8Wve8acdx9iOKF-uf368bTG-0t1zyv8WMkYy0UpcOUWQbwc0vDxEMa20IWtvIlVQNrRBSOFICAAAATlIAAAAFaAEHmQLrYQ9zoOm2ORrwD5QoPCfoZRjefZnzSKYKBIPS16h3j9LVYp9fgYKofpmFlDVAMCwzXVux2gprDkTLE-FO1QTpLEa9EplG9CGt5deuvR6lLjT_AGKwVLzZU2CVM6NhaK4evcw6jtBfTHB-7AEOoil55wGKX9zHFWsTrUE3fKYO7oZo0Gmiuc10VApJAekvAnuMLgjtayV5XMImpkCSq-vTPrkzDAixe-dEPhXpF27qMZmbfrp3hzyU6WUsmO1DkqwKOrLBN-xWGeOlbjqZOyD-knue4yyEt9qdw4qVO3S3Q32wh9JAeYNEIE2_zMElXUZJ55hUOHwDB_WRB73bmu6Vzjazu9LMYIwDopFectZo1o7wsX-BJk5oyMLG42p75puDyxz4YB_fjxbud-8taJyU8BwDO60CwUAGJ2gRkbUX_a0mdJkeJQ7Q3MXWC_fSGU0E6liz_2jkqQsA8Gc0d637HR8B3Nq1JdN86KYUceCncFcmx_3PuUIgOyf81IcWDykJcQMSO0nff3fGz4amDI5LOsW5d8uHfJ6WZTjin5d9VowUsY2fiqphuYUEuSXPFTAWpj2NdZSpVsvrutz4bkTthhJcEXeaJ09LVE-keBD67rXnisyFsY_Nzr5AJ_8MdbsepD0l5Ao2p-pEm8R0nVIXW2bP0QxENjjDDWxA2up2q2Dg852dIQjb4PJCdpzwrA6EumxwopoG3GN_T1DjQBNx2pGnzQxGa8cDnoCzZWpMZ4gED8hxa4v3J67pwVCh3pMyUH7_HRoSRuWaux0IEgvgmaZhLPgIIdYE6RnMVSO301vI-d6Epz8RdHZPjeYSENthWhIDsyNhmPJmJ_1buMglh3GAUNmKrBwX6xmMLz8LrmYAFhADykkFroD1FT3pKWzYAf-hlqVjOB99k8lmn_-eK3LMfVUdwXg-WblAD6fEROLDNLJgLI0x1syU2CkkN4pZeKo_9r1kDmHEfupouM02Xol7HRUWJe4ccMzs

Requested by

Host: 7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
URL: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 594ms
191ms XHR
text/plain 141.226.230.50
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=bd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 14 Jul 2023 08:13:30 GMT
cache-control: no-store
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E387 0
20 B 77ms
76ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3582906995866&version=m202306200101&ct=76&x=1&cor=1342829425395894800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 41DC 0
54 B 98ms
97ms Ping
image/gif 2a00:1450:4003:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lk2ay1yk&c=2038210896378&slotId=1019105448189&qqid=CNLK9LDgjYADFRI84AodBaMGIw&fb=web_video-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=973&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C692%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&umsem=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/admanager/outstream/web_video.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4003:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gl23.7.3.js Show response
static.r66net.com/d_s1/ 307 KB
103 KB 40ms
39ms Script
application/javascript 68.232.35.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.r66net.com/d_s1/gl23.7.3.js
Requested by: Host: k.sd9net.com
URL: https://k.sd9net.com/GetLink
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/673A) /
Resource Hash: 4f0ca68147bbad74c6d8246eaf3dde55c3fd6772ec98abbe582b08464d044073

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:31 GMT
content-encoding: gzip
last-modified: Thu, 13 Jul 2023 07:21:11 GMT
server: ECS (frb/673A)
age: 89475
etag: W/"64afa5e7-4cb1f"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800, public, no-transform
accept-ranges: bytes
content-length: 105533
expires: Fri, 21 Jul 2023 08:13:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6FD7 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmlfajHSBna7K5n63Legv0qh1YLcjXhKSXRY_W3UtyDiRQAxpfHVj0ST853U0AyMRUaWGWanpFMdqhD9RC6u1Mj9PXIZW9zDA_Uuci68iZfh-JKavle7mFwhgtJQrlb8DRo127xUDjGtuZ5OSkM9JJnVJJj_141DMpVHXErMhrJJ0tZZfWPIvs481Rm3Sr6zdCaOjcNsYvtY4gVWmzyKZhe0PYWa0ghrvkiisZLYTByCQZKXAxrjgPv3rJ4QCwEr87d06TFt4yucM1_S8sM3l_4v_0Fb6eX3tZx97fb3QT4DR-YAJN9fn5429Pg6d7rjJ5RcOW&sai=AMfl-YR0l-fLYjwIuxw4fWgXtZFv4evTwLoTp2q__eMKx_UqA9u-NbojaiBYSHUYZMwZSS6Pz_gBMGJ5HN5gpB6WJHO9ohBPLYRlP28Ey91yFI2DbjISA7HAqnc34Jk-oWk&sig=Cg0ArKJSzDErlFXkgE7kEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Jul 2023 08:13:31 GMT

GET
H3 200 collect
stats.g.doubleclick.net/r/ 35 B
55 B 49ms
49ms Image
image/gif 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?xyzNoCache=cqf7vetd

Requested by

Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 14 Jul 2023 08:13:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loading-black.gif
static.r66net.com/Content/Images/ 6 KB
6 KB 40ms
40ms Image
image/gif 68.232.35.200
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.r66net.com/Content/Images/loading-black.gif
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: acb6e0350b54d617ba8f16265346c4e03405b1dbaaf1a5e2ac436f1b69e6341c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:31 GMT
last-modified: Mon, 13 Dec 2021 22:45:16 GMT
server: ECS (frb/67BA)
age: 8190
etag: "61b7ccfc-16d9"
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800, public, no-transform
accept-ranges: bytes
content-length: 5849
expires: Fri, 21 Jul 2023 08:13:31 GMT

GET
H2 200 dvad12.3.css
static.r66net.com/Content/ 24 KB
7 KB 40ms
40ms Stylesheet
text/css 68.232.35.200
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.r66net.com/Content/dvad12.3.css
Requested by: Host: static.r66net.com
URL: https://static.r66net.com/d_s1/gl23.7.3.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.200 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: 67baf0407a2ae360e7c44ca7c6d982c4d427c5bc9ed6bb9e0e6d4e1e86d023f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:31 GMT
content-encoding: gzip
last-modified: Tue, 14 Mar 2023 21:49:44 GMT
server: ECS (frb/6763)
age: 177506
etag: "6410ebf8-61b7"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800, public, no-transform
accept-ranges: bytes
content-length: 6561
expires: Fri, 21 Jul 2023 08:13:31 GMT

GET
H2 200 VideoAdContent Show response
content.videostep.com/VideoAd/ 1 KB
997 B 468ms
254ms Script
application/x-javascript 216.59.56.193
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.videostep.com/VideoAd/VideoAdContent?location=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&lId=&showFallback=false&ivbsCampIdsLocal=&blk=&noc=false&oi=0&lnkBrk=&kw=Financial%2Ccustomers%2Chave%2Cbeen%2Casked%2Cto%2Cbe%2Cvigilant%2Cwhen%2Capproached%2Cby%2Cunknown%2Cindividuals%2Cor%2Corganisations%2Crequesting%2Cuse%2Ctheir%2Cbank%2Caccounts%2Cdeposit%2Ctransfer%2Cmoney%2Coften%2Cwith%2Cthe%2Cpromise%2Cof%2Ca%2Creward%2Cpayment%2CBanking%2Cscams%2CConsumers%2Cwarned%2Cmule%2CeNCA&purposes=false%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse&li=false%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse&tc=&l=42&aci=divVideoStepAdTop&userCookieId=&vId=18pefkrp&width=1600&height=1200&minifiedScriptList=&callback=invibes.cb_ap2gf0o5
Requested by: Host: static.r66net.com
URL: https://static.r66net.com/d_s1/gl23.7.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.193 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: / ASP.NET
Resource Hash: 8d93219d2c46971ec8b8973deeceeb8fb1b11967eb4731f1c3d7de7a7b372de1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:31 GMT
cache-control: private
content-encoding: gzip
x-powered-by: ASP.NET
content-length: 872
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8

GET
H2 200 GetOptIn Show response
u.videostep.com/User/ 66 B
362 B 380ms
181ms Script
application/x-javascript 216.59.56.23
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://u.videostep.com/User/GetOptIn?callback=invibes.cb_3ltnueul
Requested by: Host: static.r66net.com
URL: https://static.r66net.com/d_s1/gl23.7.3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.23 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f5cd876b8bd2ac41f2098f303ecb436278587e1f9594512370ba34b12e90ef11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:31 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private
content-length: 181

GET
H2 200 PixelUve
kwebstat.videostep.com/Stat/ 35 B
158 B 391ms
184ms Image
image/gif 216.59.56.23
TUT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kwebstat.videostep.com/Stat/PixelUve?pageId=207989311&publisherUrlId=111598&publisherPlacementId=5708&userCookieId=&zone=de&vId=18pefkrp&additionalInfo=0%7C&eventType=1050&location=https%3A%2F%2Fwww.enca.com%2Fbusiness%2Fbanking-scams-consumers-warned-mule-bank-accounts&cacheBuster=cmya7f3q&consentType=0
Requested by: Host: www.enca.com
URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.23 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: / ASP.NET
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Fri, 14 Jul 2023 08:13:31 GMT
cache-control: no-cache, no-store, must-revalidate
x-powered-by: ASP.NET
content-length: 35
content-type: image/gif

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/webp

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2756 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=453712651162&version=m202306200101&ct=76&x=1&cor=16678129865112860000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3AE 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8647395511234&version=m202306200101&ct=76&x=1&cor=13897875304122460000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 171ms
88ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307120202&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a9851b1ea10fd3fe6496b588754c36ad68cf67745ae9214e915a9b462c3b7ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11888
x-xss-protection: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 3 KB
1 KB 133ms
127ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1689322412267&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1533&pt=-182389371&tz=0&viewable=true&ddast=V8AEgCLAYY2WmEz9nl2RIwstMIn7PLsy0AAABgYID-AAnNXLvNcmZZK2YOh1s022zWwt3ItxYOBpuRZbJcriaWISChmWu3Wc4sa8XM4XCLZpvNWrgb-dbCwWAzskyWy9XEMgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGzyh6XT4XPd63e93V9k9DrvG7_ZLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz53AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fAwAUh4S6m1x2o8vp9gcAAAAAEAAAAAAkAA528ksAmPBNnfj_________jzFAn3kj4_____-GQQ-ABx8AD0IAAAA-hsD5BnOUJzTqEymoLMIIAAAAANT_QdqRSTpBxaLK__9_vxWAKwAAAYlTdkacWXQHJd7CAAAACIxZoIfF7zc77Bq_22X-_________838n_lHI3TElZImaKDwQ80vIADAml9AAAA26gYA4I0AnKBD0IrBYHUUYjecLXazwWwwOwAAAAB3_v____WA5HCxWA02jt1q4rKZTMvNcLQZLkyjiWllWjlWu-0RtghvZ2t8Mu4TIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzM2GL0Woy2SyHs-ViMhiOhqPR_gzEYjRAEzFYLieTxWS3Gq1Gm-FuNBsskEAMJoiiRYPJajSaLCbD1Wiymi0Xu90GUbRqNRttBsPVbDLb7VbDwXA5GqEJW4xWk8lmOZwtF5PBcDQcjYYIRkyW4WC22bhFDptxLZoYR2vlYORZy3aD5cg1cayGm81a9PqYLg6HcTnZbZFgQNReJE-LdKIxbSwOx8q2GHkMk41lMRpMjKOVY2UzDFcmk2diEUs0J4t0Irvsm8PFYjXYOHarictmMi03w9FmuDCNJqaVaeVY7fYVk2U4mG02bpHDZlyLJsbRWjkYeday3WA5ck0cq-Fmsxa9PqaLw2FcTnb7xmy43Ewmo8Fu35gNl5vJZDTY7Tt0hu_qczaqV9Knx-SwKdPWrc1pULgMFu9PYlpMu7OD6ew7Om3KbbOzM_r9fr_f7_f7_X6_Qes5mA0K32doe1x7muWxr1oWxAaDIpYILtKJyvMwnW5vld3jsIglStNFOtFLXJ-n3eX5_CUOu9dp97k1H4fb89b47Z7X22X5vHUPy91lcqtdZ5db4rB73QqPx--6mz4XsURwukgnopfxdFH_EQMO5pLVaq6bKwarVQIAAAAAAAAAsATTTDcBAAAAcDKg3WgxWK3Tgawmk8VytVwAFI3MuoBBAAAAAAAAduXQblVat4-wF2vssYXyPEyn21tl9zisDICiUZnZZp8RxFqtljUAAAABbAAAAAHcdONNQAoV9____z8OAACAjBx6AAAA9PuAqGj0wo9cKfgVxGI5mO0fgAqxVqvV7cZarRY!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=2522195&dpubid=474105&abtst=nonrv_vA!smbs!ufm_vE!uftchrwf_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.enca.com&en=1&subu=6
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f587abee1a2c822b62df432f1b8c46f31caf2cc4f23a6e26f6625f76d29bb6c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Fri, 14 Jul 2023 08:13:32 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1421
x-cache: MISS
x-served-by: cache-fra-eddf8230089-FRA
pragma: no-cache
server: nginx
x-timer: S1689322412.292680,VS0,VE87
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.enca.com
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?xyzNoCache=3ifhak8d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 02:38:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20113
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120202/pubads_impl.js?cb=31076084

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jul 2023 08:13:32 GMT

POST
H2 204 supply Show response
events.browsiprod.com/events/v2/ 0
99 B 208ms
208ms XHR
text/plain 52.34.43.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/supply?p=b2f4ffd2-2eb6-4f8c-88f8-d9d3ee8a12e2
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.17.10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.43.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-43-124.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.enca.com
date: Fri, 14 Jul 2023 08:13:32 GMT
access-control-allow-credentials: true

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2991 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10915
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 05:11:37 GMT
expires: Sat, 13 Jul 2024 05:11:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1C1E 783 B
532 B 50ms
50ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58efd0e7e46002d0f40196287e1fb318ede7ddb522723eec5cc956d85f738300

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yrbtHfLikoPECSFdHyxHHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-yrbtHfLikoPECSFdHyxHHQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jul 2023 08:13:32 GMT
expires: Fri, 14 Jul 2023 08:13:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2991 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 18:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 18:08:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1C1E 0
0 73ms
73ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307120202&jk=274256971693811&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2991 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?08XtQw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 14 Jul 2023 08:13:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 demand Show response
events.browsiprod.com/events/v2/ 0
99 B 209ms
209ms XHR
text/plain 52.34.43.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.browsiprod.com/events/v2/demand?p=b2f4ffd2-2eb6-4f8c-88f8-d9d3ee8a12e2
Requested by: Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.17.10.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.43.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-43-124.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.enca.com
date: Fri, 14 Jul 2023 08:13:32 GMT
access-control-allow-credentials: true

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307120202&jk=274256971693811&bg=!YWKlYjbNAAb90kgr3dI7ADkAdvg8WttAEJjE8tuMTH0yTyG00TLRXuYK0guPCf9ZlJmide_DnuAmFn_fwNSTJuiCN8yog1RVZkoCAAAAQlIAAAAYaAEHmQKg2ap1LONSXEJwnS_oz3Xke84mIaXSv_ORVPFmUXcLghDMhg-OD_cM4PtewuXBOz376Eaz0fOHYYwG6LNfiSq86sRxn7z2cgSdjayyq8_5nqHBUi8yXTRbjTv1sYSzbD_xPZAszQvvC0LiY8S7BsGx-Sdn0rzF6BtBC9bK8jUsPCKI7wBBhJy2kJjpx9pVVJF4ttYoNItQ_r7Bo_DbH2u3E9SVWwzxuZ8tA1LTANEVK72UCJ7AH4uM21DkJl4lyYMy35zdOqedkH4Texh_rjrjHshUC005-4KkDF9aYXqUHfpggCqWtazrvoudmWR0jHpFhXzQEz3jFHdsBrwcBnx8HbYUsfcdaU9PP9i-0feCyM5wNerLspPpBx4wTZEZEGjoXkhwWnH3oUvIILjGkNwcWDK9luMUI1xkdej3oWxsrZvhsfz7P-M0luoYtyN9uU_SfkcOXQsSyObaxuOnzGNnEhsnbxxwq_FvkDw-LOh-gvcWLKTGhvvBN84_L7-vgjr-kDzLLWVdtBoCXS863vLjitdhEVKQV_idqI_d2s_R1HAFbDoIB-rnrG1T_XszvwPNrcZ1gpDgNbBSNX2d4UF4jEHUik8Ew6-RLZrbmPMd0xawFk126KIB6SV6oLehJgAn5MGE_nzi48nS1xImccW7ZQshA0d2fl1s_jMzQ0nOQPsaTWW9ANv6PhTnbu2G0wESasxXI3oErGRcpAGN8_tg1rbrKb0ZKeBaVBeYgG3uO2fcBOsnQCTHbF6Xx1j5bPmjTArHdJmrONKu6tGjSVeUNbnP7bEe2wxAhhMDsAS73BGTmIo-nfdhORpXgttSmen7uo94TMAeZjlt__zKfhz7x_lVDaYgJFGp1nk8DqR1Czynp4dLdF6NM2ztjJ38N2yF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 /
pixel.adsafeprotected.com/ 43 B
216 B 213ms
69ms Image
image/gif 54.77.117.150

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/?xyzNoCache=bis7s6u7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.117.150 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jul 2023 08:13:33 GMT
server: nginx
x-server-name: app21.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: za-ssl.effectivemeasure.net
URL: https://za-ssl.effectivemeasure.net/em.js

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.enca.com/business	1970-01-20 22:51:22	Name: vicinity_id Value: 7ff57c9d-e208-4847-bc9e-3c6324e6d982__1749322347392
www.enca.com/business	1970-01-20 13:15:23	Name: vic_loc_error Value: desktop__1689323007407
www.enca.com/business	1970-01-20 13:25:22	Name: blkbs Value: 5def2299140ae31d720d9c1c4907b995__1689922347408
www.enca.com/	1970-01-20 13:15:24	Name: __browsiSessionID Value: 2daacbac-0308-4fc1-906e-1112d9270c1d&false&false&DEFAULT&de&desktop-4.17.10&true
www.enca.com/	1970-01-20 22:00:58	Name: __browsiUID Value: 68e018e1-e399-42b5-8a96-10030477ae57
.enca.com/	1970-01-20 13:15:24	Name: __cf_bm Value: 9Jue55HqYaGcsH3RRhZzCAiCr_Rm6qeiX2QB.q2_cco-1689322407-0-ATjU315dmH2VHNd5cjzSzq83+YMkXqZKux2WzY24fL2Wqwh7fG/WUEqWSuN+mu73OA==
.enca.com/	1970-01-20 15:24:58	Name: _gcl_au Value: 1.1.474255205.1689322408
.enca.com/	1970-01-20 22:51:22	Name: _ga Value: GA1.2.1980003793.1689322408
.enca.com/	1970-01-20 13:16:48	Name: _gid Value: GA1.2.1399055125.1689322408
.enca.com/	1970-01-20 22:44:10	Name: _cb Value: B7ub3KByAMfTDVKf9F
.enca.com/	1970-01-20 22:44:10	Name: _chartbeat2 Value: .1689322407858.1689322407858.1.PHD4y6PpHjj2gsLC9A2k9j5Gws.1
.enca.com/	1970-01-20 13:15:24	Name: _cb_svref Value: null
.enca.com/	1970-01-20 13:15:22	Name: _dc_gtm_UA-34090326-1 Value: 1
.enca.com/	1970-01-20 13:15:22	Name: _gat_UA-180905438-1 Value: 1
.doubleclick.net/	1970-01-20 22:36:58	Name: IDE Value: AHWqTUnJ8vnlB5q7JQaGAMN_QMh854h2Awk1o3Hlz6tq_V7Z5HDLPYxL-GrX37IS8Ao
.enca.com/	1970-01-20 22:51:22	Name: _ga_BWWYH36YER Value: GS1.2.1689322408.1.0.1689322408.0.0.0
.enca.com/	1970-01-20 22:51:22	Name: _ga_Y9HVJJ63SE Value: GS1.2.1689322408.1.0.1689322408.60.0.0
www.enca.com/	1970-01-20 13:16:48	Name: ln_or Value: eyIyODY0NzY5IjoiZCJ9
.enca.com/	1970-01-20 15:24:58	Name: _fbp Value: fb.1.1689322408111.2028892814
.linkedin.com/	1970-01-20 22:00:58	Name: bcookie Value: "v=2&9216c3f8-66af-4bba-8568-0266a5b5b625"
.linkedin.com/	1970-01-20 17:34:34	Name: li_gc Value: MTswOzE2ODkzMjI0MDg7MjswMjExArRTovngAoHScQ+JT6qgkjwaY4cC9NrrpqEgKcBWpA==
.linkedin.com/	1970-01-20 13:16:48	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2623:u=1:x=1:i=1689322408:t=1689408808:v=2:sig=AQH0IBPr8_cLQsVCF5ObQZyRJta1h8Y_"
.twitter.com/	1970-01-20 22:51:22	Name: personalization_id Value: "v1_QMbzON32CmAGcVF2gbuObQ=="
.t.co/	1970-01-20 22:51:22	Name: muc_ads Value: 9897e4fc-ca29-4af8-ba94-b9734e5cb454
www.enca.com/	1970-01-20 22:00:58	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Dbd28063c-daf8-4b84-90d3-6709d5b15833-tuctbaa8927
.doubleclick.net/	1970-01-20 13:15:26	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 17:34:34	Name: APC Value: Aa3gxNpdgciApnZANeIJ3NCZkjPy7Ru6nZkKOUjnvcYqsFyGDVJgIw
.w55c.net/	1970-01-20 22:47:03	Name: wfivefivec Value: qeGMCQ0X1QkdVD5
.company-target.com/	1970-01-20 22:51:22	Name: tuuid Value: f3ba117f-5e85-4978-8a52-2b39c79b6071
.company-target.com/	1970-01-20 22:51:22	Name: tuuid_lu Value: 1689322409\|rp:0
.enca.com/	1970-01-20 22:36:58	Name: __gads Value: ID=f4270b103dbffda0:T=1689322408:RT=1689322408:S=ALNI_MZaPyMZDYpS89s2lmYY5GlLf0m4Lg
.enca.com/	1970-01-20 22:36:58	Name: __gpi Value: UID=00000c3caf3a9d3a:T=1689322408:RT=1689322408:S=ALNI_MYb3E5DZs5_bJLgCCyj-9Vkq-SWwA
.w55c.net/	1970-01-20 13:58:34	Name: matchrubicon Value: 5

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://za-ssl.effectivemeasure.net/em.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts Message: Mixed Content: The page at 'https://www.enca.com/business/banking-scams-consumers-warned-mule-bank-accounts' was loaded over HTTPS, but requested an insecure element 'http://cdn.taboola.com/libtrc/static/thumbnails/50a087a7140fead542c7df09ce6c6e35.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7ea670b2db8b6f1b36f3ef1ce3ade731.safeframe.googlesyndication.com
8610150.fls.doubleclick.net
ad2.vic-m.co
adservice.google.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
analytics.twitter.com
b1sync.zemanta.com
bid.g.doubleclick.net
cdn.browsiprod.com
cdn.linkedin.oribi.io
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
cm.g.doubleclick.net
connect.facebook.net
content.videostep.com
csi.gstatic.com
demand-engine.browsiprod.com
encacom.disqus.com
eus.rubiconproject.com
events.browsiprod.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.w55c.net
images.taboola.com
imprammp.taboola.com
k.sd9net.com
kwebstat.videostep.com
match.adsrvr.org
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
px4.ads.linkedin.com
r1---sn-4g5e6nsk.c.2mdn.net
region1.analytics.google.com
region1.google-analytics.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.chartbeat.com
static.r66net.com
static.vic-m.co
stats.g.doubleclick.net
t.co
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
u.videostep.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.enca.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
yield-manager.browsiprod.com
za-ssl.effectivemeasure.net
za-ssl.effectivemeasure.net
102.133.181.146
104.244.42.131
104.244.42.133
13.107.42.14
141.226.228.48
141.226.230.50
142.250.186.98
146.75.116.157
151.101.129.44
151.101.193.44
172.217.18.2
172.217.23.102
173.194.76.157
18.66.97.12
184.30.22.30
199.232.196.134
2001:4860:4802:32::36
2001:4860:4802:34::36
216.59.56.193
216.59.56.23
23.212.89.151
23.32.185.60
2600:9000:2057:4e00:18:1fcd:353:c61
2600:9000:2057:e600:17:2922:12c0:93a1
2600:9000:20eb:200:2:53b2:240:93a1
2606:4700:10::6816:47c5
2606:4700::6810:3b54
2606:4700::6811:190e
2620:1ec:21::14
2a00:1450:4001:62::6
2a00:1450:4001:800::2002
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a00:1450:4003:80e::2003
2a00:1450:400c:c07::9d
2a02:2638:3::c
2a02:26f0:780::210:a423
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a05:d018:d29:3602:64dc:88e6:e53a:1b23
34.251.13.38
34.96.105.8
34.96.71.22
50.31.142.31
52.0.197.153
52.223.40.198
52.28.152.8
52.34.43.124
52.46.128.147
52.57.153.48
54.194.96.60
54.77.117.150
63.33.36.239
68.232.35.200
69.173.144.139
69.173.144.165
69.173.151.100
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
0240de66a7b445f61b5a32e74c7d1dff431ac48b1b218ba454275b8f22046368
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
053aa9004679f9e211c03e084581996c6a2474ef0786a9ea931cd6e96df3864a
0631cf6532f94d9026622c690375b4876bcb97c3aa787aef3065e07b52975448
0764d82f53e12016422a9e9992f8594df7a30ec60d9c1ec875e0596ab7af1a1d
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08cfbcc5fd8060bc287c3fa793b4cdef5cc877d14bde22873614d8f9fcc7b50b
0a116e0286ab0749c9bf3eda862681c698bda3fcd453accac8f7c65a33399af5
0a3e7ea485fd97c7e6323e644f2b846cac5337359fdb1cb71b789e9b71337453
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c45caa4e3d434a32ad3c46ba4f38f72fc8e1fe7a11b9fdc090b2a3648385902
0ca578004c17a038ab0b78306e6bf07a05fd2f4617cd4d2c9b774ef09b796a1e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e184cdc472fa48e761950148678d41ab9cecea77994f660fff0b1bd3469eea
15684309274ca43c5240c88c5be2c9ed2f56ed2b38d0367dc372760f9e287c50
17449c216cd087927dbe618b63bce7d30033315245db165cfa4f63665829f463
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e7f3232e16c5af1b4d3192ed6be46c39b4902ecef8717b7a1dc69da6b8fe34
1f587abee1a2c822b62df432f1b8c46f31caf2cc4f23a6e26f6625f76d29bb6c
2106feb364ba8e1bea6d4d5f144769cf7e3b11e4240a8ebd179ddf0e5491ebba
23c5461bdfa232f2e3a3228c65e511eef3e1e1849cfac54036edfc192828fae9
2bf5b582fe6e7f1a0432041f27b593c16b34ab1676d42583eb4802ced9faffb2
2c25d9e768938d776acad3c854459d455eae6ab8439970c245896fffd7de61b1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d63921429c5f219ace5cd282868e032f11aab1e0f675c43a58c5b8825536d83
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34501daf01cd6b29587d0710ba49442d7ccdba2e95ba61b76cb229650ae2d3d4
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
359ebbfe334ead2a09e06bf39ee89d9adb4277fea605732f40d6d34689680782
35dfd75fddc56de433ba56cab31a5a0edee0f627d3ccfc2e28cc2fc019f5db6a
367b2fce0d26c324f1453d9817ca9eaee79b5a54b006928c92e017b4d45926db
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a19ff3554a1e589f756a92be8263726674127c133feb1d333095668b77ba08c
3a73bb0d75544e1b20a3de55758c5d92ee322c80ec5b4c57444db77c884efe62
3a9851b1ea10fd3fe6496b588754c36ad68cf67745ae9214e915a9b462c3b7ef
3ab76e016aef544c6bd1110335fd898ba6030e79cd15bfcab5c768a7d20a179c
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ac22a80a1517c4b3751f554c5ea17e9906473d3fff568baa668e37588ba753d
3b7509332b7438dc81e22f99246dca6869664742e48cb449aace433e5dd78509
3c24907e6474e2ca71798ee12efc54e88da87a8747bdba3ff0efb3261ef00fa3
3dab93242ee573bbcfc22c9d15acd47794e500ed44e6bd48a35400b39d65aa43
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3ed4f4b716ab842f94bbecefdac523b93ebd80af5fb414818ff5cd2b8431e699
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
407e5f7555fe203a6245ac0209874437d50b9daf51a7102e6fd90a99a3df1717
40cd3e2a9b178dceff438cdbf851df46995b1923e200e2f4a074c63e2a3231e3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03
482a218fd165347462affb0d7d3ce6387c893bbad36cbca944933706d0c43fc4
482c37ef0d6cba94183ee8efb97c46d6da479cd1dc67f7d89a491b0acd48a346
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
48685149b0af8c3da9349714409115ba8da61195e246d027f4c706b7049aee20
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4995726a1e82c5e753c961383e1e73733107f00f92cd37e0830faedaac0fdf38
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4bccbbcd01a783a35fac8d155270930e0274f27042c384a9c6e76816a255ede4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d6d2cd12e2762c88eeb786dd6e085a1fb85aea017700ed0030586128850771a
4f0ca68147bbad74c6d8246eaf3dde55c3fd6772ec98abbe582b08464d044073
4f20f4148399b70e87db6af24e5695344366f9251934d896a589fa6e03e738f9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51c4c32c003192d8fa18dd7948b20a0289e59998546ba1c91a5e62d172721d22
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564c64a15991e68abe6d646f638395a1f24c1ae5beb8e0223d32ce61e141dbbc
58efd0e7e46002d0f40196287e1fb318ede7ddb522723eec5cc956d85f738300
590523d061126e0ab8399db4da339da09641844282668e1fee51165502709c59
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
59be8f74a7d9c4672577e576568abd53aa1a4e5d71731425ee8407880d28cd38
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5a87da6d7e7ae52f27af98c69383baca01068e3610ea0c4442fd27b80a76de60
5b96f8cfa9b6e9392cafe2a918a09f12d0a6bd8d62b21cc5a90314eb19f5f07b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cd397677e5d50d8b0cb05df19242e3dfcc6bb02bfe0faebd73d7ca11950fa0f
5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971
5e1a576de5ede817cf192d0e386e839277923de334af7f56bcaee80df136635b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c65746df37547f7178374934d89140c44e7698ed42f73c2ec41d3338faa873
634e5e68aa74d1935d1286e0f10a7c66304d53925e31a1504770750143dfd517
67baf0407a2ae360e7c44ca7c6d982c4d427c5bc9ed6bb9e0e6d4e1e86d023f4
69238b8faab0e1e6d59d48d3afa3b33f9496510107741a81b45c8c9c9d101e45
692a83221617b74acc8198b565bbdfa0365248f5df89578d6115382cc9508260
6945487f28c4ccdea5b9adf779658ac7796c3d2256f4dc0422c07a20a953ed9b
697a1623b4a514e5b162909bc1b1eec654d952578d9491db799647181e9811e5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b58740d00ed71e4d0cd3a7745d446781f15fbda1f6b396e120daef3ff29201b
70f37fc50d5edfcb84e27a8e5848801fe6050d41f5bb21ef2cd788fde4091e82
735238af05474ecb9165143ef0124b633697143459f9d1d669387b28f23d00fe
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
75f332ab70cd95968ad30744dc4c87d03ac4d5f68c1db5c1feef81ba04d5fb95
787da484df6c5c5c906b32641d85a5853da7935788e54a878d2ecbb50fd5ac4d
792c313ca6492ef04d0d6a6c0eccd7d75fc25a75bf584a84ba4158743bf41996
7a01c12297a7ae9e1034fa2b0dc3388739bd2bdff534f578aa094ec92ea95e0a
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
802439339303df33f49c43fb743eb3da7974356eda255a02796b1c88bafa5a81
810284e7c7165d0055169c2715d5f652c132e2ab7439d40d0936ff0e6ba56c99
82054b408dbd466342fa1b87be6352e996443fb09384496c715ad8fa874c6f06
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fa130ad83ab39b398f6f0442d39e903824a6455fca225b445cc1d1365815a5
8647eba2437fa68d394ebb1e56912f08fc23283a0a6c91ec88948fd464f56602
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
87e279b06afcdc7221fa679d2d785c3b5d6853b6ebe64cd344770023e191443e
8907ebee28f46bda652c26fb9ed674bdf714f5808c04f94562631e6b2564ca14
89824dd47e95493cc0f8a34e71a1b88050880b5ed8c1012805f47e6339a2f763
89b375fafa20e292c9444fea6bb53171d6700aaaa84303a8534bd17ab4c7ccc7
8ae57a5bf045d8910e8135b771b16dde67fb9fa78c873f9968cec31a2c97f381
8b31d53d69faa979838ddc7b0a429905aa68ae17b959feed09d07659fbb32988
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d93219d2c46971ec8b8973deeceeb8fb1b11967eb4731f1c3d7de7a7b372de1
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
979de68aebb3e046cd7d4a5a2b1da91ee235a7dc62049636a0bfe62c2e956b4a
9c727a22c9a0f06bb0ed75d41be20ffe54f4a6d4058f912ad1f695a64483ee99
a03328db2c4e906af7abfd8ef77ec125b48dd366309d5c566964c00bd4a450ba
a224dfc1e1af0259dd16f2fbc3033f2d43c30eb02ce760a3333d86c01dc1e942
a278d9459c8a7c717423ad4989df1b5097095b847a9c1a4549d1cd5dac3aca15
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a641ee7ba713c76a66ccef2ea30ad837f6075f91c3fd139a6008e3e7b77ad6ab
a65a529f3ef72edb29c82c55a7c0f3a54b1bd2ba8a3e780f19bde9174539713b
a6ee270a65ffd28f98a0b1c6fba3d61d1b1a45d38ca69c2cf0ccd2eafe9b425a
a74c2f5b4222de41a49f8aa7157bb6aa9658d4d9c5807225441501b28a359ffc
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acb6e0350b54d617ba8f16265346c4e03405b1dbaaf1a5e2ac436f1b69e6341c
ace3f32ec46a00398ff15c5ab1d7d0de00ce03797d2adcd537b58f406f9ae7b0
ae0d35049942996c719b780811f07e206f6ad5c29efbeabf0c25b76297d39e2c
ae6b821dbf8e5e893424901ee9f76d9b0fc8d52d66b1634cca18d169b581063b
afc2a4522c1595534e45743001f8d6ace573052aa466b3f9dc9232d4cbf3d3c1
b05d396b5347ad8a552973eba56bd5b39b886195b3e6c126a71c96d8eafeb42d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15268ea79ca54c51001ebd1da2f77d07996e08b77ff0842b60470789d643094
b23a69abf726828d282a0f9ee6cdd2ef326b36dd63f3ebdb119675bc313fd3f0
b72dda235b143194413283de53498a1e9c2cc2142558b6fe8b80f6ac551520c2
b890b2458d00f21a6a6a7da502571b15900436b8aa9835e9349d12e09bd36535
ba5c8f13aa4074c2504e7fda1c12e2c9aeeed8d470cdb4102399f19ea134bb33
bb23fa0c7050a21f889b8e7a74e23f0c56f7dfefa208eb556594a33ebafb3ebe
bfb92c56348cab69ccfc7e45c2a0f883b43df9e501ce94c5b49ca0ed8555c237
bfe687f827d33e76d3b73e57242783ecf6a0045e12153c2c25ef7cf1148b309d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28251baca6a91ad276d45280224cea320a22ba839b359ca5a420b259c385b2a
c2b2a138c1338e25efd9e1e575e78e6d9a4bd146687ba8b768a0595608d3e0b4
c2c7c0793629fa08e98d9a3c898975d975fec2716c31eb9dd8a0d1bb7b48be5d
c2e76ee819f06c74ea9abf6619f74a24d1ad283905f201599b074937c4bfd3f4
c348c506a64b75ce24a293fa17bad91631996d66f66ac96cda06cf9c1dc01082
c43149092fa152af5b168002912a06574c4f62395fd6255a383524a6eabb061b
c48f8ddd40f7734ed4828adfaf6d87d490542052ae6017d81c1a54e5522e5740
c4ffcb380b93be8587df1adff939042b89c5b2f0329458df5f2f2a8c07123297
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
c8a32d0b7eba81a313f683b7d55195a52aa4939fa19a8a1edc45991f408a46be
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c92b03c43f1e2494f985361bc880f9d0e5b5bace1976a0df34c6611b9756cbc3
c9b8e9daac6fdd5e2faacc357074102ef46afb6fdbcd59aa885ab9e809e471dd
cb359becda45907cd7684daadfb2c272ee8ec3a109f6d6323a3164e8d95d3d37
cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475
ccf8944f85fac81446e1d7dd2de935dc94033c0dd48e535ee91dbaafb848f947
cd10bf01939d73638d1368a03b4168a9422a40705d7dfe83eace588676e6a3f9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d24404a662b990b500cc46eef84694e5e2441827c656291f15844f27cd4b10b0
d46a19ce7ae1617b330b2bc8e3741c531432f96af35a37596f236bdfbed44766
d65e555a2ac24f0219db6c29a65518eaf51819a5dab0765440ff1d133f69a505
d7afbe70223d30bc314b525ac2ba273d4c0accb7359521f1ca470922ac20fe44
d87c2fedac29b7103d7b6b3cba3f23547ae3fdb319eded5937d23c10154dacc1
d922786d9178293a477c98ffe925965217c535e5e5911f100af67df9a578d206
d92af92fa444d7fa85e940101ed8dc44af985ad85813185442e61cbcf21b44ab
d9a6688aaa71ab4182ccd5b15e890cb41ab6f99c26ad6b1a67224259dc34c493
db4eb85ff77f1b6645b4cb0b3d6e0ece633f7554b31f2046aa74741ba4a2bc1a
db4faede8c291a068e6a9a317f58a25ec0cb883f430c5ef1fd4dc876961371c0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8e07b99039e1ec873e57f5ba20a14ca273d977508ac4910e8f1424f39ac407
debe88ca9fee9d115bf57ac3fcb1697f5d46de85e160196d1aab65076f4633d1
e063159d935829727670ebeaa4998d3234f024e7e865928eb8e56858e34b5483
e378497ea2905ba493354ac745de990a818a6db98b5899531b740738e943df83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c9c41384b940256f120641481aa1d06e69c7e60ae7af217ca502fddd4cba5e
e79630c55da453745bc30cc65ec37c4f24648821fea8a4b0dac4280d2f196879
e79a0634ef0143c04f73eb5853b79116a81a8f3791b6581865eed9c018594348
e9fb7ca9439ab8001a9b7cefd61823ddcc53115b017308f9d2514320ac04564b
ee59a729348a1ee72417458ddb4879d4e09668334d2a715f3a700edb5e19bf04
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f021e91510890a23deac116f0b103d5218fd528fa1d78dd9382debd5fe5de9ff
f02d7207b5a7489770e9300cc9b52d3d1ba168e8111281c92973e4ecbc04a7b4
f2436e75044181e273d035a47e095dc36f5716e64842c96741476ef9e5ea7917
f2893d8c5c2fece5dc2b4b22e28929b0265f432b09cf6d8e80d3f1eb11bc7690
f4afb4d6894fc67a4e76d6a4ed4ef8493d81caa0e5f1bfd26a60f00d7ffa1dec
f5cd876b8bd2ac41f2098f303ecb436278587e1f9594512370ba34b12e90ef11
f5edf4f2675338b776f8a3808f691baf84f14a4e4d958ce49472e3ab7e7acebb
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fa48fd3a2ac4e33d022422bd91edd7638d71bac2bab6c42fd9d9ec11bf2bebd6
facf5f0be178fcf46bc483644fe84256e4f0f5c7da5829904a5f53a65cde4469
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbef5864ff31251230e362229fb4de781e6d794efe90e9ade6205d9ae9762488
fc2b1926e9ada92623da74f032c3979c12c1192a753d2e3f60f9a8469386ada5
fd9f922cbc03301de80c845f90b8a4023e24a8c0de2327546381d73ae5b5ed2c
fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84

www.enca.com Open in urlscan Pro 2606:4700::6810:3b54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

334 Requests

97 %HTTPS

47 %IPv6

43 Domains

81 Subdomains

64 IPs

7 Countries

6623 kBTransfer

14096 kBSize

33 Cookies

47 Outgoing links

Redirected requests

334 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.enca.com Open in urlscan Pro
2606:4700::6810:3b54 Public Scan

Screenshot
Live screenshot

Full Image

334
Requests

97 %
HTTPS

47 %
IPv6

43
Domains

81
Subdomains

64
IPs

7
Countries

6623 kB
Transfer

14096 kB
Size

33
Cookies

334 HTTP transactions
7 data transactions